f. Voice over IP (VoIP)
- Svetlana Sheptiy
- Karein Directo (Unlicensed)
Records voice over IP events.
Sample Event
date=2018-12-27 time=16:47:09 logid="0814044032" type="utm" subtype="voip" eventtype="voip" level="information" vd="vdom1" eventtime=1545958028 session_id=18975 epoch=0 event_id=6857 srcip=10.1.100.11 src_port=5060 dstip=172.16.200.55 dst_port=5060 proto=17 src_int="port12" dst_int="port11" policy_id=1 profile="default" voip_proto="sip" kind="call" action="permit" status="start" duration=0 dir="session_origin" call_id="3444-13134@127.0.0.1" from="sip:sipp@127.0.0.1:5060" to="sip:service@172.16.200.55:5060"
Fields
Field | Description |
|---|---|
DATE | Event date, in the format YYYY-MM-DD |
TIME | Event time, in the format HH:MM:SS |
SYSTEM | The source system |
TABLE | FortiGateVoIP |
CRITICALITY |
|
LOGID | Unique 10-digit identifier (log type, subtype/event type and message ID) for that specific log and includes information about the log entry |
TYPE | Represented by the first two digits of the log ID |
SUBTYPE | Represented by the first/second two digits of the log ID |
EVENTTYPE | Represented by the second two digits of the log ID |
DEVNAME |
|
DEVID | Serial number of the device for the traffic's origin |
LEVEL | Security level rating |
VD | Name of the virtual domain in which the log message was recorded |
EVENTTIME | Epoch time the log was triggered by FortiGate |
SESSION_ID | Session ID |
EPOCH |
|
EVENT_ID |
|
SRCIP | Source IP |
SRC_PORT | Source port |
SRC_INT |
|
DSTIP | Destination IP |
DST_PORT | Destination port |
DST_INT |
|
PROTO |
|
POLICY_ID |
|
PROFILE |
|
VOIP_PROTO |
|
KIND |
|
ACTION |
|
STATUS |
|
DURATION |
|
DIR |
|
CALL_ID |
|
FROM |
|
TO |
|
SNAREDATAMAP | All other data in the event will be pushed to this field |
Notes
Log Message Reference Documentation: https://docs.fortinet.com/document/fortigate/6.4.2/fortios-log-message-reference