What does "bid" in FortiOS log fields represent?
I found the bid in the FortiOS log field.
I'm not sure what this field means.
Who can tell me?
The log format documentation doesn't even mention the bid field.
Hey Ryan,
thanks for sharing the logs :).
There are some fields FortiAnalyzer adds when adding the logs to its database, as basically meta-information, like itime and date/time fields - one is the timestamp from when FortiGate wrote the message, the other is when FortiAnalyzer received the message.
If I remember correctly, dstower, dvid, epid, and bid reference other tables in FortiAuthenticator database with added information (dvid is device ID for example, the reference for this particular FortiGate in FortiAnalyzer device table).
I can't recall what bid exactly references, and haven't been able to find this internally, my apologies.
Edit: If you download the log from FortiGate directly, it should not contain the bid/dvid/epid/etc fields.
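To check the reply above against your own data, you can diff the field names of the same event taken from FortiAnalyzer and from the FortiGate directly. The script below is an added example, not part of the original thread and not Fortinet code. It assumes the usual space-separated key=value log layout with optional double quotes; both sample lines and all their values are constructed.

```python
import re

# Field names the reply lists as FortiAnalyzer-side additions (spelled as in the post).
FAZ_ADDED = {"itime", "dstower", "dvid", "epid", "bid"}

# key=value pairs; a value is either a double-quoted string or a run of non-spaces.
_PAIR = re.compile(r'([\w-]+)=("(?:[^"\\]|\\.)*"|\S*)')


def parse_kv(line):
    """Parse one key=value log line into a dict, stripping surrounding quotes."""
    fields = {}
    for key, value in _PAIR.findall(line):
        if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
            value = value[1:-1]
        fields[key] = value
    return fields


def split_fields(line):
    """Return (fields not in FAZ_ADDED, fields in FAZ_ADDED) for one log line."""
    fields = parse_kv(line)
    added = {k: v for k, v in fields.items() if k in FAZ_ADDED}
    original = {k: v for k, v in fields.items() if k not in FAZ_ADDED}
    return original, added


def extra_keys(faz_line, fgt_line):
    """Field names present in the FortiAnalyzer copy but not in the FortiGate copy."""
    return sorted(set(parse_kv(faz_line)) - set(parse_kv(fgt_line)))


# Constructed sample: the same event as downloaded from the FortiGate ...
FGT_LINE = ('date=2024-01-01 time=12:00:00 devname="FGT-LAB" type="traffic" '
            'srcip=192.0.2.10 dstip=198.51.100.20 action="accept" msg="test session"')
# ... and as exported from FortiAnalyzer, with made-up values for the extra fields.
FAZ_LINE = 'itime=1704110405 ' + FGT_LINE + ' dvid=1001 epid=101 bid=200001'

if __name__ == "__main__":
    print("only in FortiAnalyzer copy:", extra_keys(FAZ_LINE, FGT_LINE))
    original, added = split_fields(FAZ_LINE)
    print("FortiAnalyzer-side fields:", added)
```

Any name reported by `extra_keys` that is not in `FAZ_ADDED` is worth adding to your own parser's list of analyzer-side fields before you correlate the two sources.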