Dear All,
I was trying to understand fortigate logs and came across incident serial no in logs.
Can anyone make me understand what the meaning is - incident serial no and when it is identified.
Also I would like to request you please share any article where I can understand logs by CLI
HI Umesh,
When checking IPS logs, you will have the "attack ID" which is the identification number of that signature. You can find further information related to that signature on FortiGuard.
The "Incident serial No" is the identification number of that particular event.
More information about logs can be found in the following Fortinet OS documentation: https://docs.fortinet.com/document/fortigate/7.4.1/fortios-log-message-reference
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.