Help
FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
nsoni
Staff
Staff

Created on ‎03-02-2025 05:11 AM

Article Id 379607

Troubleshooting Tip: Manual malware IOC import using csv file failed with error 'Row 1, Column 2: Expected String format, Field is missing'

Description The article provides steps to fix the csv file format to prevent malware IOC import failure while using a csv file.
Scope FortiSIEM.
Solution

 

malware_url_import_error.png

 

The import failed error indicates that format of the CSV file contents is incorrect.

 

CSV import failed due to missing comma separators. Each row in the CSV file must contain the required number of columns, even if some columns are blank.

 

For example, when importing URLs, the CSV file must contain five columns: URL, malware type, confidence, description, and last seen (mm/dd/yyyy)

Therefore, each row should have four commas, even if the columns other than the URL are blank.

 

Incorrect CSV file:


https://abc.local/unPek2 
https://xyz.local/setup_wm.exe 

 

Correct CSV file:

 

https://abc.local/unPek2,,,,
https://xyz.local/setup_wm.exe,,,,

 

Refer to the guides below to understand the fields required in a csv file for the respective malware IOC types.
246
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.