Fortigate logs consist of a Header and a Body. The header contains specific universal information associated with the event log, whereas the body contains event type-specific information. The fields are transmitted as key-value pairs (and as such, it is usually easy to parse and/or extract information).
Level | Severity | Description |
---|---|---|
0 | emergency | System unusable |
1 | alert | Immediate action needed |
2 | critical | Critical conditions |
3 | error | Error conditions |
4 | warning | Warning conditions |
5 | notification | Normal but significant conditions |
6 | informational | Informational messages |
7 | debugging | Debugging messages |
** Note: The Debug priority level (7) is rarely used. It is the lowest log priority level and usually contains some firmware status information that is useful when the FortiGate unit is not functioning properly.