FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
kwcheng__FTNT
Article Id 368443
Description This article describes the typical circumstances behind the 'A DNS resolution error occurs' system event message.
Scope FortiGate.
Solution

A sample system event message looks like the one below:

date=2025-01-06 time=01:22:11 eventtime=1697974411360510151 tz="+0200" logid="1501054200" type="utm" subtype="dns" eventtype="dns-response" level="error" vd="root" policyid=1 poluuid="0ad2809c-7458-51ec-0ba6-b1a5f7bc02cc" policytype="policy" sessionid=380455832 user="test" srcip=192.168.1.1 srcport=56326 srccountry="Reserved" srcintf="port1" srcintfrole="undefined" dstip=113.111.118.114 dstport=53 dstcountry="China" dstintf="port2" dstintfrole="undefined" proto=17 profile="DNS Profile" srcmac="b9:bf:77:64:68:2f" xid=39675 qname="example.com" qtype="Unknown" qtypeval=65 qclass="IN" msg="A DNS resolution error occurs" action="pass" error="DNS query timeout" rcode=2

This message indicates that FortiGate is having trouble resolving 'example.com' for use by the DNS filter during security scanning. When the domain is unresolvable, the DNS filter will not function as expected, and 'example.com' may be blocked under the 'unrated' category unless the rating error option is allowed in the DNS profile.
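As an added example (not part of the Fortinet article), the following Python script parses FortiGate key=value log lines like the one above, flags the DNS resolution error events, and tallies them per upstream DNS server so a repeatedly failing resolver stands out. The first sample line is the article's own message; the other sample lines are constructed for illustration. The RCODE names are the standard DNS response codes (rcode=2 is SERVFAIL).

```python
import re
from collections import Counter

# FortiGate log fields are key=value pairs; quoted values may contain spaces
# (e.g. profile="DNS Profile"), unquoted values never do.
FIELD_RE = re.compile(r'(\w+)=("([^"]*)"|(\S+))')

# Standard DNS response codes (RFC 1035 / IANA registry).
RCODE_NAMES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL",
               3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

DNS_ERROR_MSG = "A DNS resolution error occurs"

# Constructed sample input: line 0 is the article's message, the rest are
# made-up variations (a second timeout from the same server, a SERVFAIL
# answered by another server, and a non-DNS traffic log) for illustration.
SAMPLE_LOGS = [
    'date=2025-01-06 time=01:22:11 eventtime=1697974411360510151 tz="+0200" logid="1501054200" type="utm" subtype="dns" eventtype="dns-response" level="error" vd="root" policyid=1 poluuid="0ad2809c-7458-51ec-0ba6-b1a5f7bc02cc" policytype="policy" sessionid=380455832 user="test" srcip=192.168.1.1 srcport=56326 srccountry="Reserved" srcintf="port1" srcintfrole="undefined" dstip=113.111.118.114 dstport=53 dstcountry="China" dstintf="port2" dstintfrole="undefined" proto=17 profile="DNS Profile" srcmac="b9:bf:77:64:68:2f" xid=39675 qname="example.com" qtype="Unknown" qtypeval=65 qclass="IN" msg="A DNS resolution error occurs" action="pass" error="DNS query timeout" rcode=2',
    'date=2025-01-06 time=01:22:15 type="utm" subtype="dns" eventtype="dns-response" level="error" vd="root" srcip=192.168.1.1 dstip=113.111.118.114 dstport=53 profile="DNS Profile" qname="example.com" qtype="A" qclass="IN" msg="A DNS resolution error occurs" action="pass" error="DNS query timeout" rcode=2',
    'date=2025-01-06 time=01:22:20 type="utm" subtype="dns" eventtype="dns-response" level="error" vd="root" srcip=192.168.1.2 dstip=10.0.0.53 dstport=53 profile="DNS Profile" qname="intranet.example" qtype="A" qclass="IN" msg="A DNS resolution error occurs" action="pass" error="DNS server error" rcode=2',
    'date=2025-01-06 time=01:22:21 type="traffic" subtype="forward" level="notice" vd="root" srcip=192.168.1.1 dstip=93.184.216.34 dstport=443 action="accept"',
]


def parse_fortigate_log(line):
    """Parse one FortiGate log line into a dict of field name -> string value."""
    fields = {}
    for m in FIELD_RE.finditer(line):
        key = m.group(1)
        # group(3) is the unquoted content of a quoted value, group(4) a bare value
        value = m.group(3) if m.group(3) is not None else m.group(4)
        fields[key] = value
    return fields


def is_dns_resolution_error(fields):
    """True for the UTM DNS event the article describes."""
    return (fields.get("type") == "utm"
            and fields.get("subtype") == "dns"
            and fields.get("msg") == DNS_ERROR_MSG)


def summarize_dns_errors(lines):
    """Return (events, per_server) where events lists each resolution failure
    with the fields an operator needs and per_server counts failures per
    upstream resolver (dstip)."""
    events = []
    per_server = Counter()
    for line in lines:
        f = parse_fortigate_log(line)
        if not is_dns_resolution_error(f):
            continue
        try:
            rcode = int(f.get("rcode", ""))
        except ValueError:
            rcode = -1
        event = {
            "qname": f.get("qname"),
            "dns_server": f.get("dstip"),
            "error": f.get("error"),
            "rcode": rcode,
            "rcode_name": RCODE_NAMES.get(rcode, "UNKNOWN"),
            "action": f.get("action"),
            "profile": f.get("profile"),
        }
        events.append(event)
        per_server[event["dns_server"]] += 1
    return events, per_server


if __name__ == "__main__":
    evs, servers = summarize_dns_errors(SAMPLE_LOGS)
    for ev in evs:
        print(f"{ev['qname']:<20} via {ev['dns_server']:<16} "
              f"{ev['error']} ({ev['rcode_name']}) action={ev['action']}")
    print("failures per DNS server:", dict(servers))
```

Run against a FortiGate syslog export, the per-server tally is the quickest way to tell a single unreachable or misbehaving resolver from a domain that genuinely does not resolve, which is the distinction the 'diagnose test application dnsproxy' output later confirms.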

Additional information:

Check whether 'example.com' is present in the DNS cache using the following command, and tune the FortiGate DNS settings if required:

diagnose test application dnsproxy 7