Fortigate logs consist of a Header and a Body. The header contains specific universal information associated with the event log, whereas the body contains event type-specific information. The fields are transmitted as key-value pairs (and as such, it is usually easy to parse and/or extract information).
|1||alert||Immediate action needed|
|5||notification||Normal but significant conditions|
** Note: The Debug priority level (7) is rarely used. It is the lowest log priority level and usually contains some firmware status information that is useful when the FortiGate unit is not functioning properly.