FortiGate Firewall Template

Action	Subaction	Condition
Successful Login	Interactive Login	EventID == 32001
Successful Login	Successful IPsec VPN Login	EventID == 37138
Successful Login	Successful VPN Login	EventID == 39424
Logon Failure	Interactive Logon Failure	EventID == 32002
Logon Failure	IPsec VPN Logon Failure	EventID == 37121
Logon Failure	VPN Logon Failure	EventID == 39426
Logoff	Logoff	EventID == 32003
Logoff	IPsec VPN Logoff	EventID == 37139
Logoff	VPN Logoff	EventID == 39425
User Creation	User Creation	EventID == 44547
User Modification	User Modification	EventID == 44547
User Modification	User Renaming	EventID == 44547
User Deletion	User Deletion	EventID == 44545
Group/Role/Profile Creation	Group Creation	EventID == 44547
Group/Role/Profile Modification	Group Modification	EventID == 44547
Group/Role/Profile Modification	Group Renaming	EventID == 44547
Group/Role/Profile Deletion	Group Deletion	EventID == 44545
Group/Role/Profile Creation	Profile Creation	EventID == 44547
Group/Role/Profile Modification	Profile Modification	EventID == 44547
Group/Role/Profile Modification	Profile Renaming	EventID == 44545
Group/Role/Profile Deletion	Profile Deletion	EventID == 44545
Object Creation	Static Route Creation	EventID == 44547
Object Creation	Policy Route Creation	EventID == 44547
Object Creation	Interface Creation	EventID == 44547
Create Policy Rule	Policy Rule Creation	EventID == 44547
Object Modification	Static Route Modification	EventID == 44547
Object Modification	Policy Route Modification	EventID == 44547
Object Creation	Certificate Creation	EventID == 44547
Object Modification	Certificate Modification	EventID == 44547
Object Deletion	Certificate Deletion	EventID == 44545
Object Modification	Interface Modification	EventID == 44547
Object Modification	Policy Rule Modification	EventID == 44547
Object Deletion	Static Route Deletion	EventID == 44545
Object Deletion	Policy Route Deletion	EventID == 44545
Object Deletion	Interface Deletion	EventID == 44545
Object Deletion	Policy Rule Deletion	EventID == 44545
Object Creation	Authentication Creation	EventID == 44547
Object Modification	Authentication Modification	EventID == 44547
Object Modification	Authentication Renaming	EventID ==44547
Object Deletion	Authentication Deletion	EventID == 44545
Audit Modification	Audit Modification	EventID == 44546
System Start	System Reboot	EventID == 32138
System Shutdown	Systen Shutdown	EventID == 32200
Configuration Rule Modification	Restore Configuration	EventID ==32095
Configuration Rule Modification	Backup Configuration	EventID == 32138
Configuration Rule Modification	Factory Reset Configuration	EventID == 32252

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
Version: 6.9 | April 2024