I am having the same question, and not finding much information on what the unit of time is. This has been open since 2007 and no response from Fortinet?
Hey jtatum1,
we're still catching up a lot; the Forums were changed to Community last November, and we have a team in place to keep a better eye on things.
As for the question in this thread:
- the 'duration' is in seconds
- FortiGate generates the log after a session is removed from its session table
-> in newer firmware versions it also generates interim traffic logs every two minutes for ongoing sessions
-> a session is closed (and the log written) if it times out, an RST packet or FIN/ACK exchange is observed, the session is cleared manually, and a few other reasons (such as a user authentication timing out)
Let me know if you have more questions on the 'duration' field :)
> - FortiGate generates the log after a session is removed from its session table
how is log's "duration" calculated for UDP sessions? UDP session only terminates at idle-timeout, right?
R's, Alex
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1752 | |
1115 | |
766 | |
447 | |
241 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.