Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ppatel
Staff
Staff

Created on ‎05-03-2021 05:59 AM

Article Id 193223

Technical Tip: The unit detection/identification data do not correspond to the real workstation values

Description
The 'srcname’ parameter in the traffic logs comes from the unit detection/identification feature (enabled at the source interface) and the scan does not request periodical updates from the source what are the current information (once the data from the host are obtained once they remains within the FortiOS).

Solution
To update the source name, clear the record from the unit inventory and let the unit be newly discovered:
# diag user device del <MAC address of the host>
To clear all discovered records/hosts:
# diag user device clear
Alternatively, to achieve a periodical update, it is possible to schedule a system auto-script feature:
# config system auto-script
    edit "devices_update"             <----- Type whatever name you would find suitable.
        set interval 86400            <----- Frequency on how often the script would execute.
        set repeat 0                  <----- Repeat infinitely.
        set script "diag user device clear"
    next
end

Labels:
1970
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.