cef0.fortinet.fortinacVmCa

Introduction

The table cef0.fortinet.fortinacVmCa identifies events in CEF format generated by Fortinet FortiNAC.

Tag structure

Events in CEF format don't have a specific tag structure, as explained in Technologies supported in CEF syslog format. They are always sent to a table with the structure cef0.deviceVendor.deviceProduct.

In this case, the valid data tables are:

  • cef0.fortinet.fortinacVmCa

How is the data sent to Devo?

Learn more about CEF syslog format and how Devo tags these events in Technologies supported in CEF syslog format.

Sample data

Field                  Type        Extra fields
eventdate              timestamp   -
hostname               str         -
priorityCode           str         -
cefTag                 str         -
cefVersion             str         -
embDeviceVendor        str         -
embDeviceProduct       str         -
deviceVersion          str         -
signatureID            str         -
name                   str         -
severity               str         -
category               str         -
message                str         -
device_receipt_time    str         -
source_hostname        str         -
source_ip              ip4         -
source_mac             str         -
source_user_id         str         -
cs1Label               str         -
cs1                    str         -
rawMessage             str         ✓