Fortinet black logo

Alert

Copy Link
Copy Doc ID f6b3dff5-e164-11ea-96b9-00505692583a:539869
Download PDF

Alert

MALWARE

Log Field Name

Description

Data Type

Length

devid

Device ID for FortiSandbox in FortiAnalyzer

string

16

logid

Log ID

string

8

type

Log Type

string

16

subtype

Log Subtype

string

32

level

Log Level

string

16

tzone

time offset in seconds to UTC

int32

32

clientdev

Client Device

string

64

clientvd

Client VDOM

string

64

fname

File Name

string

1024

jobid

Job process ID

string

16

md5

MD5 checksum

string

32

mname

Malware Name

string

256

proto

Protocol

string

16

risk

Risk name

string

16

sha256

SHA256 checksum

string

64

scanstart

Scan Start Time

uint32

32

scaned

Scan End Time

uint32

32

srcip

Source IP address

string

45

srcport

Source Port Number

int32

32

dstip

Destination IP Address

string

45

dstport

Destination Port Number

int32

32

stype

Source Type

string

16

suser

Source User Name

string

64

url

URL

string

2048

vd

VDOM

string

32

vmos

Virtual Machine OS

string

128

jstatus

Job Status

string

16

NETATTACK

Log Field Name

Description

Data Type

Length

virusid

Virus ID

int32

32

attackid

Attack ID

int32

32

srcipport

source ip and port

string

48

dstipport

destination ip and port

string

48

host

Host name

string

256

attackname

Attack Name

string

128

botnetname

Botnet Name

string

128

jstatus

Job Status

string

16

NETBOTNET

Log Field Name

Description

Data Type

Length

devid

Device ID for FortiSandbox in FortiAnalyzer

string

16

logid

Log ID

string

8

type

Log Type

string

16

subtype

Log Subtype

string

32

level

Log Level

string

16

virusid

Virus ID

int32

32

attackid

Attack ID

int32

32

srcipport

source ip and port

string

48

dstipport

destination ip and port

string

48

host

Host name

string

256

attackname

Attack Name

string

128

botnetname

Botnet Name

string

128

vd

VDOM

string

32

jstatus

Job Status

string

16

NETURL

Log Field Name

Description

Data Type

Length

devid

Device ID for FortiSandbox in FortiAnalyzer

string

16

logid

Log ID

string

8

type

Log Type

string

16

subtype

Log Subtype

string

32

level

Log Level

string

16

virusid

Virus ID

int32

32

attackid

Attack ID

int32

32

srcipport

source ip and port

string

48

dstipport

destination ip and port

string

48

host

Host name

string

256

attackname

Attack Name

string

128

botnetname

Botnet Name

string

128

vd

VDOM

string

32

jstatus

Job Status

string

16

Alert

MALWARE

Log Field Name

Description

Data Type

Length

devid

Device ID for FortiSandbox in FortiAnalyzer

string

16

logid

Log ID

string

8

type

Log Type

string

16

subtype

Log Subtype

string

32

level

Log Level

string

16

tzone

time offset in seconds to UTC

int32

32

clientdev

Client Device

string

64

clientvd

Client VDOM

string

64

fname

File Name

string

1024

jobid

Job process ID

string

16

md5

MD5 checksum

string

32

mname

Malware Name

string

256

proto

Protocol

string

16

risk

Risk name

string

16

sha256

SHA256 checksum

string

64

scanstart

Scan Start Time

uint32

32

scaned

Scan End Time

uint32

32

srcip

Source IP address

string

45

srcport

Source Port Number

int32

32

dstip

Destination IP Address

string

45

dstport

Destination Port Number

int32

32

stype

Source Type

string

16

suser

Source User Name

string

64

url

URL

string

2048

vd

VDOM

string

32

vmos

Virtual Machine OS

string

128

jstatus

Job Status

string

16

NETATTACK

Log Field Name

Description

Data Type

Length

virusid

Virus ID

int32

32

attackid

Attack ID

int32

32

srcipport

source ip and port

string

48

dstipport

destination ip and port

string

48

host

Host name

string

256

attackname

Attack Name

string

128

botnetname

Botnet Name

string

128

jstatus

Job Status

string

16

NETBOTNET

Log Field Name

Description

Data Type

Length

devid

Device ID for FortiSandbox in FortiAnalyzer

string

16

logid

Log ID

string

8

type

Log Type

string

16

subtype

Log Subtype

string

32

level

Log Level

string

16

virusid

Virus ID

int32

32

attackid

Attack ID

int32

32

srcipport

source ip and port

string

48

dstipport

destination ip and port

string

48

host

Host name

string

256

attackname

Attack Name

string

128

botnetname

Botnet Name

string

128

vd

VDOM

string

32

jstatus

Job Status

string

16

NETURL

Log Field Name

Description

Data Type

Length

devid

Device ID for FortiSandbox in FortiAnalyzer

string

16

logid

Log ID

string

8

type

Log Type

string

16

subtype

Log Subtype

string

32

level

Log Level

string

16

virusid

Virus ID

int32

32

attackid

Attack ID

int32

32

srcipport

source ip and port

string

48

dstipport

destination ip and port

string

48

host

Host name

string

256

attackname

Attack Name

string

128

botnetname

Botnet Name

string

128

vd

VDOM

string

32

jstatus

Job Status

string

16