Cisco Cisco Content Security Management Appliance M1070 用户指南

下载
页码 416
 
14-33
AsyncOS 9.0 for Cisco Content Security Management Appliances User Guide
 
Chapter 14      Common Administrative Tasks
  Managing Alerts
INTERFACE.
FAILOVER.FAILURE_
BACKUP_RECOVERED
Sent when a NIC pair failover is recovered.
Information
INTERFACE.FAILOVER.
FAILURE_DETECTED
Sent when a NIC pairing failover is detected due to an 
interface failure.
Critical
INTERFACE.FAILOVER.
FAILURE_DETECTED_NO_
BACKUP
Sent when a NIC pairing failover is detected due to an 
interface failure, but a backup interface is not available.
Critical
INTERFACE.FAILOVER.
FAILURE_RECOVERED
Sent when a NIC pair failover is recovered.
Information
INTERFACE.FAILOVER.
MANUAL
Sent when a manual failover to another NIC pair is 
detected.
Information
COMMON.INVALID_FILTER
Sent when an invalid filter is encountered.
Warning
IPBLOCKD.HOST_ADDED_T
O_WHITELIST
IPBLOCKD.HOST_ADDED_T
O_BLACKLIST
IPBLOCKD.HOST_REMOVED
_FROM_BLACKLIST
Alert messages: 
The host at <IP address> has been added to the 
blacklist because of an SSH DOS attack.
The host at <IP address> has been permanently 
added to the ssh whitelist. 
The host at <IP address> has been removed from the 
blacklist 
IP addresses that try to connect to the appliance over SSH 
but do not provide valid credentials are added to the SSH 
blacklist if more than 10 failed attempts occur within two 
minutes. 
When a user logs in successfully from the same IP 
address, that IP address is added to the whitelist. 
Addresses on the whitelist are allowed access even if they 
are also on the blacklist. 
Warning
LDAP.GROUP_QUERY_
FAILED_ALERT
Sent when an LDAP group query fails.
Critical
LDAP.HARD_ERROR
Sent when an LDAP query fails completely (after trying 
all servers).
Critical
LOG.ERROR.*
Various logging errors.
Critical
MAIL.PERRCPT.LDAP_
GROUP_QUERY_FAILED
Sent when an LDAP group query fails during 
per-recipient scanning.
Critical
MAIL.QUEUE.ERROR.*
Various mail queue hard errors.
Critical
MAIL.RES_CON_START_
ALERT.MEMORY
Sent when RAM utilization has exceeded the system 
resource conservation threshold.
Critical
MAIL.RES_CON_START_
ALERT.QUEUE_SLOW
Sent when the mail queue is overloaded and system 
resource conservation is enabled.
Critical
MAIL.RES_CON_START_
ALERT.QUEUE
Sent when queue utilization has exceeded the system 
resource conservation threshold.
Critical
MAIL.RES_CON_START_
ALERT.WORKQ
Sent when listeners are suspended because the work 
queue size is too big.
Critical
Alert Name
Description
Severity