Failed Connection Attempt - Firewall Control

I haven't found the official definition, but from what I've concluded is this means any traffic that was allowed through the firewall, but did not form a complete connection. It might also be tied to the session table timer. For example, if a device on the network tries to open a tcp session with another device through the firewall, but the receiving device isn't listening on the given port. Could be indicative of a misconfigured host, application, or a scan. You'd have to investigate to be sure.

I just set the threat weight to 0 as it was mostly junk. Again I'm not entirely sure but it looks like anything that times out of the session table gets this label, including UDP. I found it to be too noisy to be of any good and effectively disabled it in FortiView. You'll still see IP Connection error in the logs though, so its not like you are completely disabling the logging of this traffic.