Cisco Cisco Email Security Appliance C390 사용자 가이드
31-40
Cisco AsyncOS 8.5 for Email User Guide
Chapter 31 System Administration
Alerts
COMMON.INVALID_FILTER
Invalid $class: $error
‘class’ - Either "Filter",
"SimpleFilter", etc.
"SimpleFilter", etc.
’error’ - Additional
why-filter-is-invalid info.
why-filter-is-invalid info.
Warning. Sent when an invalid filter is encountered.
IPBLOCKD.HOST_ADDED_TO_WHI
TELIST
TELIST
IPBLOCKD.HOST_ADDED_TO_BLA
CKLIST
CKLIST
IPBLOCKD.HOST_REMOVED_FRO
M_BLACKLIST
M_BLACKLIST
The host at $ip has been added to the blacklist because of an
SSH DOS attack.
SSH DOS attack.
The host at $ip has been permanently added to the ssh
whitelist.
whitelist.
The host at $ip has been removed from the blacklist
’ip’ - IP address from which
a login attempt occurred.
a login attempt occurred.
Warning.
IP addresses that try to connect to the appliance over SSH but
do not provide valid credentials are added to the SSH blacklist
if more than 10 failed attempts occur within two minutes.
do not provide valid credentials are added to the SSH blacklist
if more than 10 failed attempts occur within two minutes.
When a user logs in successfully from the same IP address,
that IP address is added to the whitelist.
that IP address is added to the whitelist.
Addresses on the whitelist are allowed access even if they are
also on the blacklist.
also on the blacklist.
Entries are automatically removed from the blacklist after
about a day.
about a day.
LDAP.GROUP_QUERY_
FAILED_ALERT
FAILED_ALERT
LDAP: Failed group query $name, comparison in filter will
evaluate as false
evaluate as false
’name’ - The name of the
query.
query.
Critical. Sent when an LDAP group query fails.
LDAP.HARD_ERROR
LDAP: work queue processing error in $name reason $why
’name’ - The name of the
query.
query.
’why’ - Why the error
happened.
happened.
Critical. Sent when an LDAP query fails completely (after
trying all servers).
trying all servers).
LOG.ERROR.*
Critical. Various logging errors.
MAIL.FILTER.RULE_MATCH_ALERT
MID $mid matched the $rule_name rule. \n Details: $details
‘mid’ - Unique
identification number of the
message.
identification number of the
message.
‘rule_name’ - The name of
the rule that matched.
the rule that matched.
‘details’ - More information
about the message or the
rule.
about the message or the
rule.
Information. Sent every time when a Header Repeats rule
evaluates to
evaluates to
true
.
MAIL.PERRCPT.LDAP_
GROUP_QUERY_FAILED
GROUP_QUERY_FAILED
LDAP group query failure during per-recipient scanning,
possible LDAP misconfiguration or unreachable server.
possible LDAP misconfiguration or unreachable server.
Critical. Sent when an LDAP group query fails during
per-recipient scanning.
per-recipient scanning.
MAIL.QUEUE.ERROR.*
Critical. Various mail queue hard errors.
Table 31-7
Listing of Possible System Alerts (continued)
Alert Name
Message and Description
Parameters