- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
- Fortinet Community
- Knowledge Base
- FortiGate
- Technical Tip: Display application control signatu...
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Description
In general, the logs for application control signature are logged from GUI by navigating to Log & Report -> Application Control -> Add filter based on the based of requirement.
Similarly, it is possible to generate the logs from CLI.
Solution
In the below example:
10.143.5.27 is the IP address of the PC from you are trying to access the application.31077 is application signature ID
10 logs returned.
In general, the logs for application control signature are logged from GUI by navigating to Log & Report -> Application Control -> Add filter based on the based of requirement.
Similarly, it is possible to generate the logs from CLI.
Solution
In the below example:
10.143.5.27 is the IP address of the PC from you are trying to access the application.31077 is application signature ID
# execute log filter start-line 110 logs found.
# execute log filter field srcip 10.143.5.27
# execute log filter field appid 31077
# execute log display
10 logs returned.
1: date=2021-04-24 time=08:53:05 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1619247185411863762 tz="+0200" srcip=10.143.5.27 srcport=49867 srcintf="port3" srcintfrole="undefined" dstip=74.125.206.91 dstport=443 dstintf="port1" dstintfrole="undefined" poluuid="fa0c895a-a4c4-51eb-8781-5b744b4ecdcb" sessionid=6454070 proto=6 action="close" policyid=1 policytype="policy" service="HTTPS" dstcountry="United States" srccountry="Reserved" trandisp="snat" transip=10.5.23.36 transport=49867 appid=31077 app="YouTube" appcat="Video/Audio" apprisk="elevated" applist="Youtube access" appact="detected" duration=25 sentbyte=14723 rcvdbyte=193588 sentpkt=95 rcvdpkt=184
2: date=2021-04-24 time=08:53:05 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1619247185411858198 tz="+0200" srcip=10.143.5.27 srcport=49868 srcintf="port3" srcintfrole="undefined" dstip=64.233.184.119 dstport=443 dstintf="port1" dstintfrole="undefined" poluuid="fa0c895a-a4c4-51eb-8781-5b744b4ecdcb" sessionid=6454088 proto=6 action="close" policyid=1 policytype="policy" service="HTTPS" dstcountry="United States" srccountry="Reserved" trandisp="snat" transip=10.5.23.36 transport=49868 appid=31077 app="YouTube" appcat="Video/Audio" apprisk="elevated" applist="Youtube access" appact="detected" duration=25 sentbyte=2104 rcvdbyte=4746 sentpkt=17 rcvdpkt=16
3: date=2021-04-24 time=08:51:44 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1619247104471850754 tz="+0200" srcip=10.143.5.27 srcport=49793 srcintf="port3" srcintfrole="undefined" dstip=142.251.5.132 dstport=443 dstintf="port1" dstintfrole="undefined" poluuid="fa0c895a-a4c4-51eb-8781-5b744b4ecdcb" sessionid=6448068 proto=6 action="close" policyid=1 policytype="policy" service="HTTPS" dstcountry="United States" srccountry="Reserved" trandisp="snat" transip=10.5.23.36 transport=49793 appid=31077 app="YouTube" appcat="Video/Audio" apprisk="elevated" applist="Youtube access" appact="detected" duration=199 sentbyte=3356 rcvdbyte=33841 sentpkt=37 rcvdpkt=42 sentdelta=162 rcvddelta=144
4: date=2021-04-24 time=08:51:44 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1619247104471847653 tz="+0200" srcip=10.143.5.27 srcport=49781 srcintf="port3" srcintfrole="undefined" dstip=74.125.206.119 dstport=443 dstintf="port1" dstintfrole="undefined" poluuid="fa0c895a-a4c4-51eb-8781-5b744b4ecdcb" sessionid=6447319 proto=6 action="close" policyid=1 policytype="policy" service="HTTPS" dstcountry="United States" srccountry="Reserved" trandisp="snat" transip=10.5.23.36 transport=49781 appid=31077 app="YouTube" appcat="Video/Audio" apprisk="elevated" applist="Youtube access" appact="detected" duration=228 sentbyte=7426 rcvdbyte=296226 sentpkt=130 rcvdpkt=224 sentdelta=203 rcvddelta=196
5: date=2021-04-24 time=08:51:44 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1619247104471833290 tz="+0200" srcip=10.143.5.27 srcport=49780 srcintf="port3" srcintfrole="undefined" dstip=64.233.166.136 dstport=443 dstintf="port1" dstintfrole="undefined" poluuid="fa0c895a-a4c4-51eb-8781-5b744b4ecdcb" sessionid=6447313 proto=6 action="close" policyid=1 policytype="policy" service="HTTPS" dstcountry="United States" srccountry="Reserved" trandisp="snat" transip=10.5.23.36 transport=49780 appid=31077 app="YouTube" appcat="Video/Audio" apprisk="elevated" applist="Youtube access" appact="detected" duration=229 sentbyte=76305 rcvdbyte=2218413 sentpkt=402 rcvdpkt=1697 sentdelta=2216 rcvddelta=749
6: date=2021-04-24 time=08:50:40 logid="0000000020" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1619247040548893384 tz="+0200" srcip=10.143.5.27 srcport=49793 srcintf="port3" srcintfrole="undefined" dstip=142.251.5.132 dstport=443 dstintf="port1" dstintfrole="undefined" poluuid="fa0c895a-a4c4-51eb-8781-5b744b4ecdcb" sessionid=6448068 proto=6 action="accept" policyid=1 policytype="policy" service="HTTPS" dstcountry="United States" srccountry="Reserved" trandisp="snat" transip=10.5.23.36 transport=49793 appid=31077 app="YouTube" appcat="Video/Audio" apprisk="elevated" applist="Youtube access" appact="detected" duration=135 sentbyte=3194 rcvdbyte=33697 sentpkt=33 rcvdpkt=39 sentdelta=3194 rcvddelta=33697
7: date=2021-04-24 time=08:49:59 logid="0000000020" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1619246999424441049 tz="+0200" srcip=10.143.5.27 srcport=49780 srcintf="port3" srcintfrole="undefined" dstip=64.233.166.136 dstport=443 dstintf="port1" dstintfrole="undefined" poluuid="fa0c895a-a4c4-51eb-8781-5b744b4ecdcb" sessionid=6447313 proto=6 action="accept" policyid=1 policytype="policy" service="HTTPS" dstcountry="United States" srccountry="Reserved" trandisp="snat" transip=10.5.23.36 transport=49780 appid=31077 app="YouTube" appcat="Video/Audio" apprisk="elevated" applist="Youtube access" appact="detected" duration=124 sentbyte=74089 rcvdbyte=2217664 sentpkt=391 rcvdpkt=1685 sentdelta=74089 rcvddelta=2217664
8: date=2021-04-24 time=08:49:55 logid="0000000020" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1619246995523816525 tz="+0200" srcip=10.143.5.27 srcport=49781 srcintf="port3" srcintfrole="undefined" dstip=74.125.206.119 dstport=443 dstintf="port1" dstintfrole="undefined" poluuid="fa0c895a-a4c4-51eb-8781-5b744b4ecdcb" sessionid=6447319 proto=6 action="accept" policyid=1 policytype="policy" service="HTTPS" dstcountry="United States" srccountry="Reserved" trandisp="snat" transip=10.5.23.36 transport=49781 appid=31077 app="YouTube" appcat="Video/Audio" apprisk="elevated" applist="Youtube access" appact="detected" duration=120 sentbyte=7223 rcvdbyte=296030 sentpkt=125 rcvdpkt=220 sentdelta=7223 rcvddelta=296030
9: date=2021-04-24 time=08:48:30 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1619246910661865138 tz="+0200" srcip=10.143.5.27 srcport=49794 srcintf="port3" srcintfrole="undefined" dstip=142.251.5.132 dstport=443 dstintf="port1" dstintfrole="undefined" poluuid="fa0c895a-a4c4-51eb-8781-5b744b4ecdcb" sessionid=6448069 proto=6 action="client-rst" policyid=1 policytype="policy" service="HTTPS" dstcountry="United States" srccountry="Reserved" trandisp="snat" transip=10.5.23.36 transport=49794 appid=31077 app="YouTube" appcat="Video/Audio" apprisk="elevated" applist="Youtube access" appact="detected" duration=6 sentbyte=873 rcvdbyte=6246 sentpkt=7
10: date=2021-04-24 time=08:48:30 logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" eventtime=1619246910661859843 tz="+0200" srcip=10.143.5.27 srcport=49792 srcintf="port3" srcintfrole="undefined" dstip=142.251.5.132 dstport=443 dstintf="port1" dstintfrole="undefined" poluuid="fa0c895a-a4c4-51eb-8781-5b744b4ecdcb" sessionid=6448067 proto=6 action="client-rst" policyid=1 policytype="policy" service="HTTPS" dstcountry="United States" srccountry="Reserved" trandisp="snat" transip=10.5.23.36 transport=49792 appid=31077 app="YouTube" appcat="Video/Audio" apprisk="elevated" applist="Youtube access" appact="detected" duration=6 sentbyte=873 rcvdbyte=6247 sentpkt=7
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.