Browse
Fortinet Community
Help
Sign In
Forums
Support Forum
Knowledge Base
Customer Service
FortiGate
FortiClient
FortiAP
FortiAnalyzer
FortiADC
FortiAuthenticator
FortiBridge
FortiCache
FortiCarrier
FortiCASB
FortiConnect
FortiConverter
FortiCNP
FortiDAST
FortiDDoS
FortiDB
FortiDNS
FortiDeceptor
FortiDevSec
FortiDirector
FortiEDR
FortiExtender
FortiGate Cloud
FortiGuard
FortiHypervisor
FortiInsight
FortiIsolator
FortiMail
FortiManager
FortiMonitor
FortiNAC
FortiNAC-F
FortiNDR (on-premise)
FortiNDRCloud
FortiPAM
FortiPortal
FortiProxy
FortiRecon
FortiRecorder
FortiSandbox
FortiSASE
FortiScan
FortiSIEM
FortiSOAR
FortiSwitch
FortiTester
FortiToken
FortiVoice
FortiWAN
FortiWeb
Wireless Controller
RMA Information and Announcements
FortiCloud Products
ZTNA
4D Documents
Community Groups
Agora
Engage Services
The EPSP Platform
The ETSP Platform
Finland
Fortinet for SAP
Discussions
Technical Learning
Knowledge Base
Idea Exchange
Events
FortiSIEM
Discussions
Blog
FortiSOAR
Discussions
Announcements
Idea Exchange
KCS
Blogs
FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
Fortinet Community
Knowledge Base
FortiAnalyzer
Technical Tip: ICMP specific format for UTM logs
Options
Subscribe to RSS Feed
Mark as New
Mark as Read
Bookmark
Subscribe
Printer Friendly Page
Report Inappropriate Content
iyotov
Staff
Created on
04-23-2018
06:32 AM
Edited on
11-23-2021
07:25 AM
By
Anonymous
Article Id
192686
Technical Tip: ICMP specific format for UTM logs
Description
This article explains why the UTM logs for ICMP traffic contain source and destination port numbers.
Solution
For ICMP UTM logs, the "dstport" field is used to display the ICMP code, and "srcport" is showing the sequence number from the ICMP payload.
More information regarding Internet Control Message Protocol and a description of the ICMP parameters can be found at external sites such as:
https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml
and
https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
Labels:
FortiAnalyzer v4.0 MR3
FortiAnalyzer v5.0
FortiAnalyzer v5.2
FortiAnalyzer v5.4
FortiAnalyzer v5.6
FortiAnalyzer v6.0
FortiGate v4.0 MR3
FortiGate v5.0
FortiGate v5.2
FortiGate v5.4
FortiGate v5.6
FortiGate v6.0
Contributors
iyotov
Anonymous
Anonymous
