The Traffic Log table displays logs related to traffic served by the FortiADC deployment.
Figure 61 shows the Traffic log table. By default, the log is filtered to display Server Load Balancing - Layer 4 traffic logs, and the table lists the most recent records first.
You can use the following category filters to review logs of interest:
Within each category, you can use Filter Setting controls to filter the table based on the values of matching data:
The last column in each table includes a link to log details.
Before you begin:
Table 117 to Table 122 list the log columns in the order in which they appear in the log.
Column | Example | Description |
---|---|---|
date | date=2014-12-01 | Log date. |
time | time=07:50:36 | Log time. |
log_id | log_id=0102007810 | Log ID. |
type | type=traffic | Log type. |
subtype | subtype=slb_tcps | Log subtype: slb_layer4, slb_tcps. |
pri | pri=information | Log level. |
vd | vd=root | Virtual domain. |
msg_id | msg_id=522030 | Message ID. |
duration | duration=55 | Session duration. |
ibytes | ibytes=138 | Bytes in. |
obytes | obytes=303 | Bytes out. |
proto | proto=6 | Protocol. |
service | service=tcps | Service. |
src | src=31.1.1.103 | Source IP address in traffic received by FortiADC. |
src_port | src_port=5534 | Source port. |
dst | dst=21.1.1.101 | Destination IP address in traffic received by FortiADC (IP address of the virtual server). |
dst_port | dst_port=443 | Destination port. |
trans_src | trans_src=31.1.1.103 | Source IP address in packet sent from FortiADC. Address might have been translated. |
trans_src_port | trans_src_port=5534 | Source port in packet sent from FortiADC. |
trans_dst | trans_dst=21.1.1.101 | Destination IP address in packet sent from FortiADC (IP address of the real server). |
trans_dst_port | trans_dst_port=443 | Destination port in packet sent from FortiADC. |
policy | policy=L7vs | Virtual server name. |
action | action=none | For most logs, action=none. |
srccountry | srccountry=Reserved | Location of the source IP address. |
dstcountry | dstcountry=Reserved | Location of the destination IP address. |
real_server | real_server=2_2_2_10 | Real server configured name. |
Column | Example | Description |
---|---|---|
date | date=2014-12-01 | Log date. |
time | time=07:50:36 | Log time. |
log_id | log_id=0102007810 | Log ID. |
type | type=traffic | Log type. |
subtype | subtype=slb_http | Log subtype: slb_http. |
pri | pri=information | Log level. |
vd | vd=root | Virtual domain. |
msg_id | msg_id=522030 | Message ID. |
duration | duration=55 | Session duration. |
ibytes | ibytes=138 | Bytes in. |
obytes | obytes=303 | Bytes out. |
proto | proto=6 | Protocol. |
service | service=http | Service. |
src | src=31.1.1.103 | Source IP address in traffic received by FortiADC. |
src_port | src_port=5534 | Source port. |
dst | dst=21.1.1.101 | Destination IP address in traffic received by FortiADC (IP address of the virtual server). |
dst_port | dst_port=443 | Destination port. |
trans_src | trans_src=31.1.1.103 | Source IP address in packet sent from FortiADC. Address might have been translated. |
trans_src_port | trans_src_port=5534 | Source port in packet sent from FortiADC. |
trans_dst | trans_dst=21.1.1.101 | Destination IP address in packet sent from FortiADC (IP address of the real server). |
trans_dst_port | trans_dst_port=443 | Destination port in packet sent from FortiADC. |
policy | policy=L7vs | Virtual server name. |
action | action=none | For most logs, action=none. |
http_method | http_method=get | HTTP method. |
http_host | http_host=10.61.2.100 | Host IP address. |
http_agent | http_agent=curl/7.29.0 | HTTP agent. |
http_url= | http_url=/ip.php | Base URL. |
http_qry | http_qry=unknown | URL parameters after the base URL. |
http_cookie | http_cookie=unknown | Cookie name. |
http_retcode | http_retcode=200 | HTTP return code. |
user | user=user1 | User name. |
usergrp | usergrp=companyABC | User group. |
auth_status | auth_status=success | Authentication success/failure. |
srccountry | srccountry=Reserved | Location of the source IP address. |
dstcountry | dstcountry=Reserved | Location of the destination IP address. |
real_server | real_server=2_2_2_10 | Real server configured name. |
Column | Example | Description |
---|---|---|
date | date=2014-12-01 | Log date. |
time | time=07:50:36 | Log time. |
log_id | log_id=0102007810 | Log ID. |
type | type=traffic | Log type. |
subtype | subtype=slb_radius. | Log subtype: slb_radius. |
pri | pri=information | Log level. |
vd | vd=root | Virtual domain. |
msg_id | msg_id=522030 | Message ID. |
duration | duration=55 | Session duration. |
ibytes | ibytes=138 | Bytes in. |
obytes | obytes=303 | Bytes out. |
proto | proto=6 | Protocol. |
service | service=radius | Service. |
src | src=31.1.1.103 | Source IP address in traffic received by FortiADC. |
src_port | src_port=5534 | Source port. |
dst | dst=21.1.1.101 | Destination IP address in traffic received by FortiADC (IP address of the virtual server). |
dst_port | dst_port=443 | Destination port. |
trans_src | trans_src=31.1.1.103 | Source IP address in packet sent from FortiADC. Address might have been translated. |
trans_src_port | trans_src_port=5534 | Source port in packet sent from FortiADC. |
trans_dst | trans_dst=21.1.1.101 | Destination IP address in packet sent from FortiADC (IP address of the real server). |
trans_dst_port | trans_dst_port=443 | Destination port in packet sent from FortiADC. |
policy | policy=L7vs | Virtual server name. |
action | action=none | For RADIUS, action=auth or acct. |
user | user=user1 | RADIUS accounting username. |
srccountry | srccountry=Reserved | Location of the source IP address. |
dstcountry | dstcountry=Reserved | Location of the destination IP address. |
real_server | real_server=2_2_2_10 | Real server configured name. |
Column | Example | Description |
---|---|---|
date | date=2016-03-18 | Log date. |
time | time=11:48:29 | Log time. |
log_id | log_id=107005800 | Log ID. |
type | type=traffic | Log type. |
subtype | subtype=slb_rdp | Log subtype: slb_rdp. |
pri | pri=information | Log level. |
vd | vd=root | Virtual domain. |
msg_id | msg_id=1321705 | Message ID. |
duration | duration=2 | Session duration. |
ibytes | ibytes=92 | Bytes in. |
obytes | obytes=400 | Bytes out. |
proto | proto=6 | Protocol. |
service | service=http | Service. |
src | src=192.168.1.1 | Source IP address in traffic received by FortiADC. |
src_port | src_port=37869 | Source port. |
dst | dst=192.168.1.142 | Destination IP address in traffic received by FortiADC (IP address of the virtual server). |
dst_port | dst_port=8080 | Destination port. |
trans_src | trans_src=2.2.2.2 | Source IP address in packet sent from FortiADC. Address might have been translated. |
trans_src_port | trans_src_port=58661 | Source port in packet sent from FortiADC. |
trans_dst | trans_dst=2.2.2.10 | Destination IP address in packet sent from FortiADC (IP address of the real server). |
trans_dst_port | trans_dst_port=80 | Destination port in packet sent from FortiADC. |
policy | policy=vs-l7 | Virtual server name. |
action | action=none | For most logs, action=none. |
srccountry | srccountry=Reserved | Location of the source IP address. |
dstcountry | dstcountry=Reserved | Location of the destination IP address. |
real_server | real_server=r_22210 | Real server configured name. |
Column | Example | Description |
---|---|---|
date | date=2016-01-29 | Log date. |
time | time=18:06:48 | Log time. |
log_id | log_id=0106001134 | Log ID. |
type | type=traffic | Log type. |
subtype | subtype=slb_sip | Log subtype: slb_sip. |
pri | pri=information | Log level. |
vd | vd=root | Virtual domain. |
msg_id | msg_id=154799 | Message ID. |
duration | duration=1 | Session duration. |
ibytes | ibytes=44346 | Bytes in. |
obytes | obytes=2.2.2.10 | Bytes out. |
proto | proto=6 | Protocol. |
service | service=http | Service. |
src | src=N/A | Source IP address in traffic received by FortiADC. |
src_port | src_port=43672 | Source port. |
dst | dst=192.168.1.142 | Destination IP address in traffic received by FortiADC (IP address of the virtual server). |
dst_port | dst_port=8080 | Destination port. |
trans_src | trans_src=2.2.2.2 | Source IP address in packet sent from FortiADC. Address might have been translated. |
trans_src_port | trans_src_port=80 | Source port in packet sent from FortiADC. |
trans_dst | trans_dst=N/A | Destination IP address in packet sent from FortiADC (IP address of the real server). |
trans_dst_port | trans_dst_port=none | Destination port in packet sent from FortiADC. |
policy | policy=invite | Virtual server name. |
action | action=sip: bob@1.1.1.1 v2.0 | Invite sent to. |
sip_method | sip_method=from: alice@2.2.2.2 | Invite sent from. |
sip_uri | sip_uri=to: server@3.3.3.3 | SIP server IP address. |
sip_from | sip_from=callid:1111111 | SIP call ID. |
sip_to | sip_to=200 | |
sip_callid | sip_callid=Reserved | Reserved. |
sip_retcode | sip_retcode=Reserved | Reserved. |
srccountry | srccountry=Reserved | Location of the source IP address. |
dstcountry | dstcountry=Reserved | Location of the destination IP address. |
real_server | real_server=2_2_2_10 | Real server configured name. |
Column | Example | Description |
---|---|---|
date | date=2014-12-01 | Log date. |
time | time=07:50:36 | Log time. |
log_id | log_id=0102007810 | Log ID. |
type | type=traffic | Log type. |
subtype | subtype=dns | Log subtype: dns. |
pri | pri=information | Log severity. |
vd | vd=root | Virtual domain. |
msg_id | msg_id=522030 | Message ID. |
proto | proto=6 | Protocol. |
src | src=31.1.1.103 | Source IP address. |
src_port | src_port=5534 | Source port. |
dst | dst=21.1.1.101 | Destination IP address. |
dst_port | dst_port=443 | Destination port. |
policy | policy=policy | Global load balancing policy name. |
action | action=none | For most logs, action=none. |
fqdn | fqdn=pool.ntp.org | FQDN from client request. |
resip | resip=4.53.160.75 | DNS response IP address. |
srccountry | srccountry=Reserved | Location of the source IP address. |
dstcountry | dstcountry=Reserved | Location of the destination IP address. |