SECURITY
cli_user_login
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2001 |
Event name | cli_user_login |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ logged in |
Cause | A user successfully authenticated for login. |
Effect | A user access session was started. |
Recovery |
No recovery is required |
cli_user_login_failed
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2003 |
Event name | cli_user_login_failed |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ failed authentication |
Cause | A user failed authentication. |
Effect |
The user access session does not begin. The user will be given another opportunity to authenticate himself. |
Recovery | No recovery is required |
cli_user_login_max_attempts
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2004 |
Event name | cli_user_login_max_attempts |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.46 |
Default severity |
minor |
Source stream | security |
Message format string | User $tmnxSecNotifyUserName$ from $tmnxSecNotifyAddr$ attempted more than $tmnxPasswordAttemptsCount$ times to log in, user locked out for $tmnxPasswordAttemptsLockoutPeriod$ min |
Cause | A tmnxUserCliLoginMaxAttempts notification is generated when a user attempting to open a CLI session failed to authenticate for more than a maximum allowed number of times in a period of tmnxPasswordAttemptsTime minutes. The value of the object tmnxPasswordAttemptsCount indicates the maximum number of unsuccessful login attempts allowed. The value of the object tmnxPasswordAttemptsLockoutPeriod indicates the number of minutes the user is locked out if the threshold of unsuccessful login attempts has been exceeded. The value of the object tmnxSecNotifyUserName indicates the name of the user attempting to open a CLI session. The value of the object tmnxSecNotifyAddrType indicates the type of the IP address stored in the object tmnxSecNotifyAddr. The value of the object tmnxSecNotifyAddr indicates the IP address of the user attempting to open a CLI session. |
Effect | The user is locked out for a period of tmnxPasswordAttemptsLockoutPeriod minutes. A remote access session is terminated. |
Recovery | No recovery action is required. |
cli_user_logout
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2002 |
Event name | cli_user_logout |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ logged out |
Cause | A user logged out. |
Effect |
A user access session ended. |
Recovery | No recovery is required |
enable_admin
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2022 |
Event name | enable_admin |
SNMP notification prefix and OID |
N/A |
Default severity | warning |
Source stream | security |
Message format string |
User $userName$ from $srcAddr$ successfully entered into admin enable mode |
Cause | A user successfully entered into the admin enable mode. |
Effect | A user access session is started. |
Recovery |
No recovery is required |
ftp_transfer_failed
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2021 |
Event name | ftp_transfer_failed |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | $appType$ of $fileName$ initiated by $userName$ from $srcAddr$ to $dstAddr$ failed. |
Cause | A FTP/TFTP transfer failed. |
Effect | N/A |
Recovery | No recovery is required |
ftp_transfer_successful
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2020 |
Event name | ftp_transfer_successful |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
$appType$ of $fileName$ initiated by $userName$ from $srcAddr$ to $dstAddr$ completed successfully. |
Cause | A FTP/TFTP transfer completed successfully. |
Effect | N/A |
Recovery | No recovery is required |
ftp_user_login
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2005 |
Event name | ftp_user_login |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ logged in |
Cause | A user was successfully authenticated for login. |
Effect | A user access session was started |
Recovery |
No recovery is required |
ftp_user_login_failed
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2007 |
Event name | ftp_user_login_failed |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ failed authentication |
Cause | A user failed authentication. |
Effect |
The user access session was not started. The user will be given another opportunity to authenticate himself. |
Recovery | No recovery is required |
ftp_user_login_max_attempts
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2008 |
Event name | ftp_user_login_max_attempts |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.47 |
Default severity |
minor |
Source stream | security |
Message format string | User $tmnxSecNotifyUserName$ from $tmnxSecNotifyAddr$ attempted more than $tmnxPasswordAttemptsCount$ times to log in, user locked out for $tmnxPasswordAttemptsLockoutPeriod$ min |
Cause | A tmnxUserFtpLoginMaxAttempts notification is generated when a user attempting to connect via FTP failed to authenticate for more than a maximum allowed number of times in a period of tmnxPasswordAttemptsTime minutes. The value of the object tmnxPasswordAttemptsCount indicates the maximum number of unsuccessful login attempts allowed. The value of the object tmnxPasswordAttemptsLockoutPeriod indicates the number of minutes the user is locked out if the threshold of unsuccessful login attempts has been exceeded. The value of the object tmnxSecNotifyUserName indicates the name of the user attempting to connect via FTP. The value of the object tmnxSecNotifyAddrType indicates the type of the IP address stored in the object tmnxSecNotifyAddr. The value of the object tmnxSecNotifyAddr indicates the IP address of the user attempting to connect via FTP. |
Effect | The user is locked out for a period of tmnxPasswordAttemptsLockoutPeriod minutes. An FTP session is terminated. |
Recovery | No recovery action is required. |
ftp_user_logout
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2006 |
Event name | ftp_user_logout |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ logged out |
Cause | A user logged out. |
Effect |
The user access session ended. |
Recovery | No recovery is required. |
grpc_auth
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2229 |
Event name | grpc_auth |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
User $userName$ from $srcAddr$ port $srcPort$ to port $dstPort$ session $sessionId$: $rpcName$ RPC authorized |
Cause | The user called an authorized RPC in the gRPC interface. |
Effect | The RPC was processed. |
Recovery |
No recovery is required. |
grpc_unauth
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2230 |
Event name | grpc_unauth |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
User $userName$ from $srcAddr$ port $srcPort$ to port $dstPort$ session $sessionId$: $rpcName$ RPC unauthorized |
Cause | The user called an unauthorized RPC in the gRPC interface. |
Effect | The RPC was not processed. |
Recovery |
No recovery is required. |
grpc_user_login
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2117 |
Event name | grpc_user_login |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ logged in |
Cause | A user was successfully authenticated for login. |
Effect | A user access session was started |
Recovery |
No recovery is required |
grpc_user_login_failed
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2119 |
Event name | grpc_user_login_failed |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ failed authentication |
Cause | A user failed authentication. |
Effect |
The user access session was not started. The user will be given another opportunity to authenticate himself. |
Recovery | No recovery is required |
grpc_user_login_max_attempts
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2120 |
Event name | grpc_user_login_max_attempts |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
User from $srcAddr$ attempted more than $maxAttempts$ times to log in, user is locked out |
Cause | A user failed to authenticate in more than the permitted number of retries. |
Effect | The gRPC session was terminated. |
Recovery |
No recovery is required. |
grpc_user_logout
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2118 |
Event name | grpc_user_logout |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ logged out |
Cause | A user logged out. |
Effect |
The user access session ended. |
Recovery | No recovery is required. |
host_snmp_attempts
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2023 |
Event name | host_snmp_attempts |
SNMP notification prefix and OID |
N/A |
Default severity | warning |
Source stream | security |
Message format string |
Host $hostAddress$ is locked out for $lockoutTime$ minutes since it exceeded the configured threshold of unsuccessful SNMP connection attempts. |
Cause | The remote SNMP host exceeded the configured attempts. |
Effect | The remote SNMP host is locked out and the router will not respond to further SNMP requests from the host. |
Recovery | N/A |
mafEntryMatch
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2019 |
Event name | mafEntryMatch |
SNMP notification prefix and OID |
N/A |
Default severity | major |
Source stream | security |
Message format string |
Description: $mafEntryDescription$ .There have been $mafEntryDropped$ matches since the previously logged match. Interface: $sourceInterface$, action: $mafEntryAction$ $mafEntryProtocol$ |
Cause | A match has been found for an entry in the management access filter. |
Effect | N/A |
Recovery | No recovery is necessary. |
md_cli_io
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2223 |
Event name | md_cli_io |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
Possible messages:
|
Cause | The user entered an authorized command in the MD-CLI. |
Effect | The CLI command was processed in the MD-CLI engine. |
Recovery | No recovery is required. |
md_cli_unauth_io
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2224 |
Event name | md_cli_unauth_io |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
Possible messages:
|
Cause | The user entered an unauthorized command in the MD-CLI. |
Effect | The MD-CLI command was not processed. |
Recovery |
No recovery is required. |
netconf_auth
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2227 |
Event name | netconf_auth |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
User $userName$ from $srcAddr$ port $srcPort$ to port $dstPort$ session $sessionId$: $rpcName$ RPC authorized |
Cause | The user called an authorized RPC in the NETCONF interface. |
Effect | The RPC was processed. |
Recovery |
No recovery is required. |
netconf_unauth
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2228 |
Event name | netconf_unauth |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ port $srcPort$ to port $dstPort$ session $sessionId$: $rpcName$ RPC unauthorized |
Cause |
The user called an unauthorized RPC in the NETCONF interface. |
Effect |
The RPC was not processed. |
Recovery | No recovery is required. |
netconf_user_login
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2121 |
Event name | netconf_user_login |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
User $userName$ from $srcAddr$ logged in |
Cause |
A user successfully authenticated for login. |
Effect |
A user access session was started. |
Recovery | No recovery is required |
netconf_user_login_failed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2123 |
Event name | netconf_user_login_failed |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
User $userName$ from $srcAddr$ failed authentication |
Cause |
A user failed authentication. |
Effect | The user access session does not begin. The user will be given another opportunity to authenticate himself. |
Recovery | No recovery is required |
netconf_user_login_max_attempts
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2124 |
Event name | netconf_user_login_max_attempts |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.55 |
Default severity |
minor |
Source stream | security |
Message format string | User $tmnxSecNotifyUserName$ from $tmnxSecNotifyAddr$ attempted more than $tmnxPasswordAttemptsCount$ times to log in, user locked out for $tmnxPasswordAttemptsLockoutPeriod$ min |
Cause | A tmnxUserNetconfLoginMaxAttempts notification is generated when a user attempting to open a netconf session failed to authenticate for more than a maximum allowed number of times in a period of tmnxPasswordAttemptsTime minutes. The value of the object tmnxPasswordAttemptsCount indicates the maximum number of unsuccessful login attempts allowed. The value of the object tmnxPasswordAttemptsLockoutPeriod indicates the number of minutes the user is locked out if the threshold of unsuccessful login attempts has been exceeded. The value of the object tmnxSecNotifyUserName indicates the name of the user attempting to open a netconf session. The value of the object tmnxSecNotifyAddrType indicates the type of the IP address stored in the object tmnxSecNotifyAddr. The value of the object tmnxSecNotifyAddr indicates the IP address of the user attempting to open a netconf session. |
Effect | The user is locked out for a period of tmnxPasswordAttemptsLockoutPeriod minutes. A remote access session is terminated. |
Recovery | No recovery action is required. |
netconf_user_logout
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2122 |
Event name | netconf_user_logout |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
User $userName$ from $srcAddr$ logged out |
Cause |
A user logged out. |
Effect | A user access session ended. |
Recovery | No recovery is required |
radiusInetServerOperStatusChange
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2026 |
Event name | radiusInetServerOperStatusChange |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.36 |
Default severity |
minor |
Source stream | security |
Message format string | RADIUS server $radiusServerInetAddress$ operational status changed to $radiusServerOperStatus$. |
Cause | The operational status of a RADIUS server has transitioned either from 'up' to 'down' or from 'down' to 'up'. |
Effect | N/A |
Recovery | No recovery is necessary. |
radiusOperStatusChange
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2014 |
Event name | radiusOperStatusChange |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.7 |
Default severity |
minor |
Source stream | security |
Message format string | RADIUS operational status changed to $radiusOperStatus$ |
Cause | The radiusOperStatus has transitioned either from 'up' to 'down' or from 'down' to 'up'. |
Effect | N/A |
Recovery | No recovery is necessary. |
radiusSystemIpAddrNotSet
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2016 |
Event name | radiusSystemIpAddrNotSet |
SNMP notification prefix and OID |
N/A |
Default severity | major |
Source stream | security |
Message format string |
System IP address is not configured |
Cause | A user attempted authentication through RADIUS but the system IP address is not configured. |
Effect | Cannot authenticate the user using RADIUS. |
Recovery | Configure the system IP address. |
radiusUserProfileInvalid
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2220 |
Event name | radiusUserProfileInvalid |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
Invalid $attrType$ '$attrValue$' received from RADIUS server for user '$userName$' |
Cause | The RADIUS server provided invalid user profile entry. |
Effect | The RADIUS user will not be authorized to execute any commands. |
Recovery | The RADIUS server configuration needs to be updated to contain only valid user profile entries. |
sapDcpDynamicConform
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2059 |
Event name | sapDcpDynamicConform |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.46 |
Default severity | warning |
Source stream | security |
Message format string |
Sap $sapEncapValue$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ newly conformant at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. Policer=$sapDcpFpProtocol$(dynamic). Excd count=$sapDcpFpDynExcdCount$ |
Cause | The sapDcpDynamicConform notification is generated when the protocol for a particular SAP has been detected as conformant for a period of the configured detection-time after having been previously detected as exceeding and completed any hold-down period. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtStaticPlcrLogEvent is configured to 'enable' or 'verbose'. |
Effect | The affected SAP is now in conformance with the parameters configured for the associated distributed CPU protection policy. |
Recovery | There is no recovery required for this notification. |
sapDcpDynamicEnforceAlloc
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2064 |
Event name | sapDcpDynamicEnforceAlloc |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.51 |
Default severity | warning |
Source stream | security |
Message format string |
Dynamic $sapDcpFpProtocol$ policers allocated for sap $sapEncapValue$ on fp $tmnxCardSlotNum$/ $tmnxFPNum$ at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. |
Cause | The sapDcpDynamicEnforceAlloc notification is generated when a dynamic enforcement policer is allocated on a particular SAP. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtProtocolDynLogEvent is configured to 'verbose'. |
Effect | The affected SAP is not in conformance with the configured parameters of the associated distributed CPU protection policy and may be using more resources than expected and cause the system to under-perform. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected SAP may be required. |
sapDcpDynamicEnforceFreed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2065 |
Event name | sapDcpDynamicEnforceFreed |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.52 |
Default severity | warning |
Source stream | security |
Message format string |
Dynamic $sapDcpFpProtocol$ policers freed for sap $sapEncapValue$ on fp $tmnxCardSlotNum$/ $tmnxFPNum$ at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. Excd count=$sapDcpFpDynExcdCount$ |
Cause | The sapDcpDynamicEnforceFreed notification is generated when a dynamic enforcement policer is freed on a particular SAP. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtProtocolDynLogEvent is configured to 'verbose'. |
Effect | The affected SAP is now in conformance with the configured parameters of the associated distributed CPU protection policy. |
Recovery | There is no recovery required for this notification. |
sapDcpDynamicExcd
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2053 |
Event name | sapDcpDynamicExcd |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.40 |
Default severity | warning |
Source stream | security |
Message format string |
Non conformant sap $sapEncapValue$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ detected at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. Policer=$sapDcpFpProtocol$(dynamic). Excd count= $sapDcpFpDynExcdCount$ |
Cause | The sapDcpDynamicExcd notification is generated when the protocol on a particular SAP has been detected as non-conformant to the associated distributed CPU protection policy parameters. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtProtocolDynLogEvent is configured to 'enable' or 'verbose'. |
Effect | The affected SAP may be using more resources than expected and cause the system to under-perform. This notification may indicate a Denial of Service attack or a misconfiguration in the network. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected SAP may be required. |
sapDcpDynamicHoldDownEnd
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2057 |
Event name | sapDcpDynamicHoldDownEnd |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.44 |
Default severity | warning |
Source stream | security |
Message format string |
Hold-down completed for sap $sapEncapValue$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. Policer=$sapDcpFpProtocol$(dynamic). Excd count= $sapDcpFpDynExcdCount$ |
Cause | The sapDcpDynamicHoldDownEnd notification is generated when a particular SAP completes hold-down period for an exceeding protocol. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtProtocolDynLogEvent is configured to 'verbose'. |
Effect | The protocol for an affected SAP will transition to a detection-time countdown after the hold-down period is complete. |
Recovery | There is no recovery required for this notification. |
sapDcpDynamicHoldDownStart
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2055 |
Event name | sapDcpDynamicHoldDownStart |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.42 |
Default severity | warning |
Source stream | security |
Message format string |
Hold-down started for sap $sapEncapValue$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. Policer=$sapDcpFpProtocol$(dynamic). Excd count= $sapDcpFpDynExcdCount$ |
Cause | The sapDcpDynamicHoldDownStart notification is generated when a particular SAP starts hold-down period for an exceeding protocol. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtProtocolDynLogEvent is configured to 'verbose'. |
Effect | The protocol will treat all packets as non-conformant during the hold-down period. |
Recovery | There is no recovery required for this notification. |
sapDcpLocMonExcd
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2060 |
Event name | sapDcpLocMonExcd |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.47 |
Default severity | warning |
Source stream | security |
Message format string |
Local monitor $sapDcpFpLocMonPlcrName$ for sap $sapEncapValue$ on fp $tmnxCardSlotNum$/ $tmnxFPNum$ detected as non-conformant at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. Excd count= $sapDcpFpLocMonExcdCount$ |
Cause | The sapDcpLocMonExcd notification is generated when the local-monitoring-policer for a particular SAP has transitioned from a conformant state to a non-conformant state and the system will attempt to allocate dynamic enforcement policers. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtLocMonPlcrLogEvent is configured to 'verbose'. |
Effect | The affected SAP may be using more resources than expected and cause the system to under-perform. This notification may indicate a Denial of Service attack or a misconfiguration in the network. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected SAP may be required. |
sapDcpLocMonExcdAllDynAlloc
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2062 |
Event name | sapDcpLocMonExcdAllDynAlloc |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.49 |
Default severity | warning |
Source stream | security |
Message format string |
All dynamic policers allocated for local monitor $sapDcpFpLocMonPlcrName$ for sap $sapEncapValue$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. Excd count= $sapDcpFpLocMonExcdCount$ |
Cause | The sapDcpLocMonExcdAllDynAlloc notification is generated when all dynamic enforcement policers associated with a non-conformant local-monitoring-policer have been successfully allocated for a particular SAP. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtLocMonPlcrLogEvent is configure to 'verbose'. |
Effect | The affected SAP may be using more resources than expected and cause the system to under-perform. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected SAP may be required. |
sapDcpLocMonExcdAllDynFreed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2063 |
Event name | sapDcpLocMonExcdAllDynFreed |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.50 |
Default severity | warning |
Source stream | security |
Message format string |
All dynamic policers freed for local monitor $sapDcpFpLocMonPlcrName$ for sap $sapEncapValue$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. |
Cause | The sapDcpLocMonExcdAllDynFreed notification is generated for a particular SAP when all the previously allocated dynamic enforcement policers for a particular local-monitoring-policer on the associated distributed CPU protection policy have been freed up and all the protocols are once again being monitored by local-monitor. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtLocMonPlcrLogEvent is configured to 'verbose'. |
Effect | The affected SAP may be using more resources than expected and cause the system to under-perform. |
Recovery | There is no recovery required for this notification. |
sapDcpLocMonExcdDynResource
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2061 |
Event name | sapDcpLocMonExcdDynResource |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.48 |
Default severity | warning |
Source stream | security |
Message format string |
Local monitor $sapDcpFpLocMonPlcrName$ for sap $sapEncapValue$ on fp $tmnxCardSlotNum$/ $tmnxFPNum$ detected as non-conformant at $sapDcpTimeEventOccured$ and cannot allocate dynamic policers. Policy $sapDCpuProtPolicy$. Excd count=$sapDcpFpLocMonExcdCount$ |
Cause |
The sapDcpLocMonExcdDynResource notification is generated when the local-monitoring-policer for a particular SAP has transitioned from a conformant state to a non-conformant state and the system cannot allocate all the dynamic enforcements policers associated with the distributed CPU protection policy . This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtLocMonPlcrLogEvent is configured to 'enable' or 'verbose'. |
Effect | The affected SAP may be using more resources than expected and cause the system to under-perform. This notification may indicate a Denial of Service attack or a misconfiguration in the network. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected SAP or to the dynamic enforcement policer pool(TIMETRA-CHASSIS-MIB.mib::tmnxFPDCpuProtDynEnfrcPlcrPool). |
sapDcpStaticConform
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2058 |
Event name | sapDcpStaticConform |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.45 |
Default severity | warning |
Source stream | security |
Message format string |
Sap $sapEncapValue$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ newly conformant at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. Policer=$sapDcpFpStaticPlcrName$(static). Excd count=$sapDcpFpStaticExcdCount$ |
Cause | The sapDcpStaticConform notification is generated when the static-policer for a particular SAP has been detected as conformant for a period of the configured detection-time after having been previously detected as exceeding and completed any hold-down period. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtStaticPlcrLogEvent is configured to 'enable' or 'verbose'. |
Effect | The affected SAP is now in conformance with the parameters configured for the associated distributed CPU protection policy. |
Recovery | There is no recovery required for this notification. |
sapDcpStaticExcd
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2052 |
Event name | sapDcpStaticExcd |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.39 |
Default severity | warning |
Source stream | security |
Message format string |
Non conformant sap $sapEncapValue$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ detected at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. Policer=$sapDcpFpStaticPlcrName$(static). Excd count= $sapDcpFpStaticExcdCount$ |
Cause | The sapDcpStaticExcd notification is generated when the static-policer on a particular SAP has been detected as non-conformant to the associated distributed CPU protection policy parameters. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtStaticPlcrLogEvent is configured to 'enable' or 'verbose'. |
Effect | The affected SAP may be using more resources than expected and cause the system to under-perform. This notification may indicate a Denial of Service attack or a misconfiguration in the network. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected SAP may be required. |
sapDcpStaticHoldDownEnd
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2056 |
Event name | sapDcpStaticHoldDownEnd |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.43 |
Default severity | warning |
Source stream | security |
Message format string |
Hold-down completed for sap $sapEncapValue$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. Policer=$sapDcpFpStaticPlcrName$(static). Excd count= $sapDcpFpStaticExcdCount$ |
Cause | The sapDcpStaticHoldDownEnd notification is generated when a particular SAP completes hold-down period for an exceeding static-policer. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtStaticPlcrLogEvent is configured to 'verbose'. |
Effect | The static-policer for an affected SAP will transition to a detection-time countdown after the hold-down period is complete. |
Recovery | There is no recovery required for this notification. |
sapDcpStaticHoldDownStart
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2054 |
Event name | sapDcpStaticHoldDownStart |
SNMP notification prefix and OID |
TIMETRA-SAP-MIB.sapTraps.41 |
Default severity | warning |
Source stream | security |
Message format string |
Hold-down started for sap $sapEncapValue$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $sapDcpTimeEventOccured$. Policy $sapDCpuProtPolicy$. Policer=$sapDcpFpStaticPlcrName$(static). Excd count= $sapDcpFpStaticExcdCount$ |
Cause | The sapDcpStaticHoldDownStart notification is generated when a particular SAP starts hold-down period for an exceeding static-policer. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtStaticPlcrLogEvent is configured to 'verbose'. |
Effect | The static-policer will treat all packets as non-conformant during the hold-down period. |
Recovery | There is no recovery required for this notification. |
SSH_server_preserve_key_fail
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2024 |
Event name | SSH_server_preserve_key_fail |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.1 |
Default severity |
minor |
Source stream | security |
Message format string | Persistence of SSH server host key failed on $tmnxCpmFlashHwIndex$ with operational status $tmnxCpmFlashOperStatus$. |
Cause | Persistence of the SSH server host keys failed. |
Effect | The SSH server host key will differ after reboot. The remote server host key will not be stored across reboots. |
Recovery | N/A |
ssh_user_login
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2009 |
Event name | ssh_user_login |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ logged in |
Cause | A user was successfully authenticated for login. |
Effect | The user access session was started. |
Recovery |
No recovery is required |
ssh_user_login_failed
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2011 |
Event name | ssh_user_login_failed |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ failed authentication |
Cause | A user failed authentication. |
Effect |
The user access session was not started. The user will be given another opportunity to authenticate himself. |
Recovery | No recovery is required |
ssh_user_login_max_attempts
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2012 |
Event name | ssh_user_login_max_attempts |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.48 |
Default severity |
minor |
Source stream | security |
Message format string | User $tmnxSecNotifyUserName$ from $tmnxSecNotifyAddr$ attempted more than $tmnxPasswordAttemptsCount$ times to log in, user locked out for $tmnxPasswordAttemptsLockoutPeriod$ min |
Cause | A tmnxUserSshLoginMaxAttempts notification is generated when a user attempting to connect via SSH failed to authenticate for more than a maximum allowed number of times in a period of tmnxPasswordAttemptsTime minutes. The value of the object tmnxPasswordAttemptsCount indicates the maximum number of unsuccessful login attempts allowed. The value of the object tmnxPasswordAttemptsLockoutPeriod indicates the number of minutes the user is locked out if the threshold of unsuccessful login attempts has been exceeded. The value of the object tmnxSecNotifyUserName indicates the name of the user attempting to connect via SSH. The value of the object tmnxSecNotifyAddrType indicates the type of the IP address stored in the object tmnxSecNotifyAddr. The value of the object tmnxSecNotifyAddr indicates the IP address of the user attempting to connect via SSH. |
Effect | The user is locked out for a period of tmnxPasswordAttemptsLockoutPeriod minutes. An SSH session is terminated. |
Recovery | No recovery action is required. |
ssh_user_logout
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2010 |
Event name | ssh_user_logout |
SNMP notification prefix and OID | N/A |
Default severity |
minor |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ logged out |
Cause | A user logged out. |
Effect |
The user access session ended. |
Recovery | No recovery is required. |
sysDNSSecFailedAuthentication
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2086 |
Event name | sysDNSSecFailedAuthentication |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.57 |
Default severity |
warning |
Source stream | security |
Message format string | Possible messages:
|
Cause | The sysDNSSecFailedAuthentication notification is generated when a DNS response PDU is received with an unset AD-bit and sysDNSSecAdValidation is set to 'true (1)'. |
Effect | This notification is informational only. The message will vary depending on the state of sysDNSSecRespCtrl. |
Recovery | There is no recovery required for this notification. |
tacplusInetSrvrOperStatusChange
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2025 |
Event name | tacplusInetSrvrOperStatusChange |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.35 |
Default severity |
minor |
Source stream | security |
Message format string | TACACS+ server $tacPlusServerInetAddress$ operational status changed to $tacplusServerOperStatus$. |
Cause | The operational status of a TACACS+ server has transitioned either from 'up' to 'down' or from 'down' to 'up'. |
Effect | N/A |
Recovery | No recovery is necessary. |
tacplusOperStatusChange
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2018 |
Event name | tacplusOperStatusChange |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.20 |
Default severity |
minor |
Source stream | security |
Message format string | TACACS+ operational status changed to $tacplusOperStatus$. |
Cause | The TACACS+ operational status has transitioned either from 'up' to 'down' or from 'down' to 'up'. |
Effect | N/A |
Recovery | No recovery is necessary. |
tmnxAppPkiCertVerificationFailed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2116 |
Event name | tmnxAppPkiCertVerificationFailed |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.54 |
Default severity |
minor |
Source stream | security |
Message format string | $tmnxSecNotifClientAppName$ : Certificate $tmnxSecNotifCert$ verification failed due to $tmnxSecNotifFailureReason$ |
Cause | The tmnxAppPkiCertVerificationFailed notification is generated when an attempt to verify the certificate fails for a non-IPsec application. |
Effect | Fail to establish a secured connection with the remote entity. |
Recovery | Make sure the certificate specified in tmnxSecNotifCert is a valid certificate and an appropriate trust anchor is configured. |
tmnxCAProfileStateChange
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2045 |
Event name | tmnxCAProfileStateChange |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.18 |
Default severity |
minor |
Source stream | security |
Message format string | CA profile $tmnxPkiCAProfile$ changed state to $tmnxPkiCAProfileOperState$ $tmnxSecNotifFailureReason$ |
Cause | The tmnxCAProfileStateChange notification is generated when Certificate Authority profile changes state to 'down' due to tmnxSecNotifFailureReason. |
Effect | Certificate Authority profile will remain in this state until a corrective action is taken. |
Recovery | Depending on the reason indicated by tmnxSecNotifFailureReason, corrective action should be taken. |
tmnxCAProfUpDueToRevokeChkCrlOpt
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2094 |
Event name | tmnxCAProfUpDueToRevokeChkCrlOpt |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.27 |
Default severity |
minor |
Source stream | security |
Message format string | CA profile $tmnxPkiCAProfile$ changed state to $tmnxPkiCAProfileOperState$ regardless of $tmnxSecNotifFailureReason$ due to crl-optional is set |
Cause |
The tmnxCAProfUpDueToRevokeChkCrlOpt notification is generated when Certificate Authority profile changes state to 'up' due to tmnxPkiCAProfRevokeChk set to 'crlOptional' even with the errors in tmnxSecNotifFailureReason. |
Effect | Certificate Authority profile will remain up. |
Recovery | Errors described in tmnxSecNotifFailureReason should still be corrected. |
tmnxCertExport
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2233 |
Event name | tmnxCertExport |
SNMP notification prefix and OID | TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.58 |
Default severity | minor |
Source stream |
security |
Message format string | admin certificate export type $tmnxSecNotifyImportExportType$ input $tmnxSecNotifyUrl$ output $tmnxSecNotifFile$ format $tmnxSecNotifyImportExportFormat$ : $tmnxSecEventOutcome$ |
Cause |
A tmnxCertExport notification is generated when a user exports a cryptographic key, certificate, or CRL with the admin certificate command |
Effect | N/A |
Recovery | N/A |
tmnxCertImport
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2232 |
Event name | tmnxCertImport |
SNMP notification prefix and OID | TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.57 |
Default severity | minor |
Source stream |
security |
Message format string | admin certificate import type $tmnxSecNotifyImportExportType$ input $tmnxSecNotifyUrl$ output $tmnxSecNotifFile$ format $tmnxSecNotifyImportExportFormat$ : $tmnxSecEventOutcome$ |
Cause |
A tmnxCertImport notification is generated when a user imports a cryptographic key, certificate, or CRL with the admin certificate command |
Effect | N/A |
Recovery | N/A |
tmnxCertKeyPairGen
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2231 |
Event name | tmnxCertKeyPairGen |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.56 |
Default severity |
minor |
Source stream | security |
Message format string | Possible messages:
|
Cause | A tmnxCertKeyPairGen notification is generated when a user generates a cryptographic key with the admin certificate command |
Effect | N/A |
Recovery | N/A |
tmnxCliGroupSessionLimitExceeded
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2112 |
Event name | tmnxCliGroupSessionLimitExceeded |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.44 |
Default severity |
minor |
Source stream | security |
Message format string | $tmnxSessionLimitExceededType$ of CLI session group ' $tmnxSessionLimitExceededName$' has been exceeded |
Cause |
The tmnxCliGroupSessionLimitExceeded notification is generated when an attempt to establish a new user access session is not successful because any of SSH / Telnet / Total session limits defined for the CLI session group of which the user is an indirect member (as a member of a user profile that is a member of the CLI session group) has been exceeded. The value of the object tmnxSessionLimitExceededName indicates the name of the CLI session group of which the session limit has been exceeded. The value of the object tmnxSessionLimitExceededType indicates the type of the session limit that has been exceeded. |
Effect | The user access session has not been established. |
Recovery | An administrator may execute one of the following actions in order to allow a successful session establishment: 1) force disconnection of an existing session(s) using 'admin disconnect' CLI command 2) increase the value of the session limit using CLI or SNMP SET operation on the corresponding object in tmnxCliSessionGroupTable 3) revoke the profile membership for the particular user (beware that this action may have impact on user's privileges) 4) revoke the session group membership for the particular profile |
tmnxConfigCreate
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2207 |
Event name | tmnxConfigCreate |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.9 |
Default severity |
warning |
Source stream | security |
Message format string | $tmnxNotifyObjectName$ managed object created |
Cause | A new row entry was created in one of the MIB tables. This event can be used by an NMS to trigger maintenance polls of the configuration information. Although this log event is primarily associated with classic management interfaces (for example, Classic CLI or SNMP), it is also generated when configuration changes are committed using model driven interfaces (for example, MD-CLI or NETCONF). |
Effect | N/A |
Recovery | No recovery is necessary. |
tmnxConfigDelete
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2208 |
Event name | tmnxConfigDelete |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.10 |
Default severity |
warning |
Source stream | security |
Message format string | $tmnxNotifyObjectName$ managed object deleted |
Cause | An existing row entry in one of the MIB tables is deleted. This event can be used by an NMS to trigger maintenance polls of the configuration information. Although this log event is primarily associated with classic management interfaces (for example, Classic CLI or SNMP), it is also generated when configuration changes are committed using model driven interfaces (for example, MD-CLI or NETCONF). |
Effect | N/A |
Recovery | No recovery is necessary. |
tmnxConfigModify
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2206 |
Event name | tmnxConfigModify |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.8 |
Default severity |
warning |
Source stream | security |
Message format string | $tmnxNotifyObjectName$ configuration modified |
Cause | A configuration attribute associated with a row entry in a MIB table was modified. this event can be used by an NMS to trigger maintenance polls of the configuration information. Although this log event is primarily associated with classic management interfaces (for example, Classic CLI or SNMP), it is also generated when configuration changes are committed using model driven interfaces (for example, MD-CLI or NETCONF). |
Effect | N/A |
Recovery | No recovery is necessary. |
tmnxCpmProtDefPolModified
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2037 |
Event name | tmnxCpmProtDefPolModified |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.11 |
Default severity |
minor |
Source stream | security |
Message format string | Default policy $tmnxCpmProtPolId$ being modified by user. |
Cause | User modifies default access or default network policy. |
Effect | N/A |
Recovery | No recovery is necessary. |
tmnxCpmProtExcdSapEcm
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2041 |
Event name | tmnxCpmProtExcdSapEcm |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.14 |
Default severity |
warning |
Source stream | security |
Message format string | Eth-CFM packet arrival rate exceeded for Eth-CFM opcode $tmnxCpmProtExcdSapEcmOpCode$ domain level $tmnxCpmProtExcdSapEcmLevel$ MAC $tmnxCpmProtExcdSapEcmMac$ SAP $sapEncapValue$ in service $svcId$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | The tmnxCpmProtExcdSapEcm notification is generated when an Eth-CFM packet stream (identified by a source MAC address, domain level, and Eth-CFM opcode) arrives at a local SAP at a rate which exceeds the configured Eth-CFM rate limit for the stream. |
Effect | One or more Eth-CFM packets arriving at the SAP was discarded. |
Recovery | Reduce the packet transmission rate at the far end, or increase the locally configured Eth-CFM rate limit for the stream. |
tmnxCpmProtExcdSapIp
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2046 |
Event name | tmnxCpmProtExcdSapIp |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.19 |
Default severity |
warning |
Source stream | security |
Message format string | Per-source packet arrival rate exceeded for IP $tmnxCpmProtExcdSapIpAddr$ SAP $sapEncapValue$ in service $svcId$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | The tmnxCpmProtExcdSapIp notification is generated when a source (identified by an IP address) sends a packet stream to a local SAP at a rate which exceeds the SAP's configured per-source-rate. [EFFECT] One or more packets arriving at the SAP was discarded. [RECOVERY] Reduce the packet transmission rate at the far end, OR increase the locally configured per-source-rate for the SAP, OR disable per-IP-source rate limiting on the SAP by setting TIMETRA-SAP-MIB::sapCpmProtMonitorIP to 'false'. |
Effect | N/A |
Recovery | N/A |
tmnxCpmProtExcdSdpBind
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2040 |
Event name | tmnxCpmProtExcdSdpBind |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.13 |
Default severity |
warning |
Source stream | security |
Message format string | Per-source packet arrival rate exceeded for MAC $tmnxCpmProtExcdSdpBindMac$ SDP Bind $sdpBindId$ in service $svcId$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | The tmnxCpmProtExcdSdpBind notification is generated when a source (identified by a MAC address) sends a packet stream to a local mesh-sdp or spoke-sdp at a rate which exceeds the SDP's configured per-source-rate. |
Effect | One or more packets arriving at the mesh-sdp or spoke-sdp was discarded. |
Recovery | Reduce the packet transmission rate at the far end, or increase the locally configured per-source-rate for the SDP. |
tmnxCpmProtExcdSdpBindEcm
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2042 |
Event name | tmnxCpmProtExcdSdpBindEcm |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.15 |
Default severity |
warning |
Source stream | security |
Message format string | Eth-CFM packet arrival rate exceeded for Eth-CFM opcode $tmnxCpmProtExcdSdpBindEcmOpCode$ domain level $tmnxCpmProtExcdSdpBindEcmLevel$ MAC $tmnxCpmProtExcdSdpBindEcmMac$ SDP Bind $sdpBindId$ in service $svcId$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | The tmnxCpmProtExcdSdpBindEcm notification is generated when an Eth-CFM packet stream (identified by a source MAC address, domain level, and Eth-CFM opcode) arrives at a local mesh-sdp or spoke-sdp at a rate which exceeds the configured Eth-CFM rate limit for the stream. |
Effect | One or more Eth-CFM packets arriving at the mesh-sdp or spoke-sdp was discarded. |
Recovery | Reduce the packet transmission rate at the far end, or increase the locally configured Eth-CFM rate limit for the stream. |
tmnxCpmProtExcdSdpBindIp
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2087 |
Event name | tmnxCpmProtExcdSdpBindIp |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.23 |
Default severity |
warning |
Source stream | security |
Message format string | Per-source packet arrival rate exceeded for IP $tmnxCpmProtExcdSdpBindIpAddr$ SDP Bind $sdpBindId$ in service $svcId$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | The tmnxCpmProtExcdSdpBindIp notification is generated when a source (identified by an IP address) sends a packet stream to a local mesh-sdp or spoke-sdp at a rate which exceeds the SDP's configured per-source-rate. |
Effect | One or more packets arriving at the mesh-sdp or spoke-sdp was discarded. |
Recovery | Reduce the packet transmission rate at the far end, or increase the locally configured per-source-rate for the SDP. |
tmnxCpmProtViolIf
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2030 |
Event name | tmnxCpmProtViolIf |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.5 |
Default severity |
warning |
Source stream | security |
Message format string | Overall packet arrival rate exceeded for interface $vRtrIfIndex$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | A overall packet arrival rate limit violation was detected for an interface and notifications are enabled. The overall packet arrival rate limit is specified by the managed object tmnxCpmProtPolOverallRateLimit of the interface protection policy specified by the managed object TIMETRA-VRTR-MIB::vRtrIfCpmProtPolicyId. Notifications are enabled if the value of the managed object tmnxCpmProtPolAlarm of the interface protection policy specified by the managed object TIMETRA-VRTR-MIB::vRtrIfCpmProtPolicyId is equal to 'true'. The notification may indicate either a Denial-Of-Service Attack or an inappropriate configuration of the managed object tmnxCpmProtPolOverallRateLimit. Additional information can be retrieved in the SNMP table tmnxCpmProtViolIfTable. |
Effect | While the overall packet arrival rate limit is being exceeded, some protocol packets are dropped. |
Recovery | No recovery is necessary. |
tmnxCpmProtViolIfOutProf
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2085 |
Event name | tmnxCpmProtViolIfOutProf |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.22 |
Default severity |
warning |
Source stream | security |
Message format string | Out-of-Profile control packets rate exceeded for interface $vRtrIfIndex$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | The tmnxCpmProtViolIfOutProf notification is generated when the rate at which incoming control packets are marked as out-of-profile specified by tmnxCpmProtPolOutProfileRate is exceeded. This notification is generated when tmnxCpmProtPolOutProfRateLogEvnt is set to 'true'. |
Effect | One or more control packets being marked as out-of-profile will be discarded. |
Recovery | Reduce the packet transmission rate at the far end, or increase the out-of-profile rate, tmnxCpmProtPolOutProfileRate for this interface. |
tmnxCpmProtViolMac
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2032 |
Event name | tmnxCpmProtViolMac |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.7 |
Default severity |
warning |
Source stream | security |
Message format string | Per-source packet arrival rate exceeded for MAC $tmnxCpmProtViolMacAddress$ SAP $sapEncapValue$ in service $svcId$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | A per-source rate limit violation was detected for a source, and notifications are enabled. The per-source rate limit is specified by the object tmnxCpmProtPolPerSrcRateLimit of the SAP protection policy specified by the object TIMETRA-SAP-MIB::sapCpmProtPolicyId. Notifications are enabled if the value of the object tmnxCpmProtPolAlarm of the SAP protection policy specified by the object TIMETRA-SAP-MIB::sapCpmProtPolicyId is equal to 'true'. The notification may indicate either a Denial-Of-Service Attack or an inappropriate configuration of the tmnxCpmProtPolPerSrcRateLimit Additional information can be retrieved in the table tmnxCpmProtExcdTable. |
Effect | While the per-source rate limit is being exceeded, some protocol packets are dropped. |
Recovery | No recovery is necessary. |
tmnxCpmProtViolPort
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2028 |
Event name | tmnxCpmProtViolPort |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.3 |
Default severity |
warning |
Source stream | security |
Message format string | Link-specific packet arrival rate limit exceeded for port $tmnxPortPortID$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | A link-specific packet arrival rate limit violation was detected for a port. The link-specific packet arrival rate limit is specified by the managed object tmnxCpmProtLinkRateLimit. This event may indicate either a Denial-Of-Service Attack or an inappropriate configuration of the managed object tmnxCpmProtLinkRateLimit. Additional information can be retrieved from the SNMP table tmnxCpmProtViolPortTable. |
Effect | While the link-specific packet arrival rate limit is being exceeded, some packets from link-specific protocols are dropped. |
Recovery | No recovery is necessary. |
tmnxCpmProtViolPortAgg
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2029 |
Event name | tmnxCpmProtViolPortAgg |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.4 |
Default severity |
warning |
Source stream | security |
Message format string | Per-port overall packet rate limit exceeded for port $tmnxPortPortID$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | A per-port overall packet rate limit violation was detected for a port. The per-port overall packet rate limit is specified by the managed object tmnxCpmProtPortOverallRateLimit. This event may indicate either a Denial-Of-Service Attack or an inappropriate configuration of the managed object tmnxCpmProtPortOverallRateLimit. Additional information can be retrieved from the SNMP table tmnxCpmProtViolPortTable. |
Effect | While the link-specific packet arrival rate limit is being exceeded, some protocol packets are dropped. |
Recovery | No recovery is necessary. |
tmnxCpmProtViolSap
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2031 |
Event name | tmnxCpmProtViolSap |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.6 |
Default severity |
warning |
Source stream | security |
Message format string | Overall packet arrival rate exceeded for SAP $sapEncapValue$ in service $svcId$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause |
A overall packet arrival rate limit violation was detected for a SAP and notifications are enabled. The overall packet arrival rate limit is specified by the object tmnxCpmProtPolOverallRateLimit of the SAP protection policy specified by the object TIMETRA-SAP-MIB::sapCpmProtPolicyId. Notifications are enabled if the value of the object tmnxCpmProtPolAlarm of the SAP protection policy specified by the object TIMETRA-SAP-MIB::sapCpmProtPolicyId is equal to 'true'. The notification may indicate either a Denial-Of-Service Attack or an inappropriate configuration of the tmnxCpmProtPolOverallRateLimit Additional information can be retrieved in the table tmnxCpmProtViolSapTable. |
Effect | While the overall packet arrival rate limit is being exceeded, some protocol packets are dropped. |
Recovery | No recovery is necessary. |
tmnxCpmProtViolSapOutProf
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2084 |
Event name | tmnxCpmProtViolSapOutProf |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.21 |
Default severity |
warning |
Source stream | security |
Message format string | Out-of-Profile control packets rate exceeded for SAP $sapEncapValue$ in service $svcId$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | The tmnxCpmProtViolSapOutProf notification is generated when the rate at which incoming control packets are marked as out-of-profile specified by tmnxCpmProtPolOutProfileRate is exceeded. This notification is generated when tmnxCpmProtPolOutProfRateLogEvnt is set to 'true'. |
Effect | One or more control packets being marked as out-of-profile will be discarded. |
Recovery | Reduce the packet transmission rate at the far end, or increase the out-of-profile rate, tmnxCpmProtPolOutProfileRate for this SAP. |
tmnxCpmProtViolSdpBind
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2039 |
Event name | tmnxCpmProtViolSdpBind |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.12 |
Default severity |
warning |
Source stream | security |
Message format string | Overall packet arrival rate exceeded for SDP Bind $sdpBindId$ in service $svcId$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause |
The tmnxCpmProtViolSdpBind notification is generated when the packet arrival rate at a mesh-sdp or spoke-sdp exceeds the SDP's configured overall-rate. |
Effect | One or more packets arriving at the mesh-sdp or spoke-sdp was discarded. |
Recovery | Reduce the packet transmission rate at the far end, or increase the locally configured overall-rate for the SDP. |
tmnxCpmProtViolSdpBindOutProf
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2089 |
Event name | tmnxCpmProtViolSdpBindOutProf |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.25 |
Default severity |
warning |
Source stream | security |
Message format string | Out-of-Profile control packets rate exceeded for SDP Bind $sdpBindId$ in service $svcId$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | The tmnxCpmProtViolSdpBindOutProf notification is generated when the rate at which incoming control packets are marked as out-of-profile specified by tmnxCpmProtPolOutProfileRate is exceeded. This notification is generated when tmnxCpmProtPolOutProfRateLogEvnt is set to 'true'. |
Effect | One or more control packets being marked as out-of-profile will be discarded. |
Recovery | Reduce the packet transmission rate at the far end, or increase the out-of-profile rate, tmnxCpmProtPolOutProfileRate for this SDP binding. |
tmnxCpmProtViolVdoSvcClient
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2033 |
Event name | tmnxCpmProtViolVdoSvcClient |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.8 |
Default severity |
warning |
Source stream | security |
Message format string | Per-source rate limit exceeded for source $tmnxCpmProtViolVdoSvcCltAddr$ in service $svcId$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause |
N/A |
Effect | N/A |
Recovery |
N/A |
tmnxCpmProtViolVdoVrtrClient
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2034 |
Event name | tmnxCpmProtViolVdoVrtrClient |
SNMP notification prefix and OID | TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.9 |
Default severity | warning |
Source stream |
security |
Message format string | Per-source rate limit exceeded for source $tmnxCpmProtViolVdoVrtrCltAddr$. Hex Dump(First 64 bytes): $tmnxCpmProtViolExcdPktHexDump$ |
Cause | N/A |
Effect | N/A |
Recovery | N/A |
tmnxDcpCardFpEventOvrflw
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2080 |
Event name | tmnxDcpCardFpEventOvrflw |
SNMP notification prefix and OID | TIMETRA-CHASSIS-MIB.tmnxChassisNotification.72 |
Default severity | warning |
Source stream |
security |
Message format string | Distributed CPU Protection FP log event overflow occurred on card $tmnxChassisNotifyCardSlotNum$ at $tmnxDcpTimeEventOccured$ |
Cause |
The tmnxDcpCardFpEventOvrflw notification is generated when a flood of distributed CPU protection events occur on a particular card and some of the events are lost due to event throttling mechanism. |
Effect | Some notifications configured on the card may not be received. |
Recovery | Notifications will resume once the event throttling ends. |
tmnxDcpCardFpEventOvrflwClr
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2049 |
Event name | tmnxDcpCardFpEventOvrflwClr |
SNMP notification prefix and OID |
TIMETRA-CHASSIS-MIB.tmnxChassisNotification.77 |
Default severity |
warning |
Source stream | security |
Message format string | $tmnxDcpMissingNotificationCount$ Distributed CPU Protection FP log events were dropped in the last event throttling interval on card $tmnxChassisNotifyCardSlotNum$ at $tmnxDcpTimeEventOccured$ |
Cause |
The tmnxDcpCardFpEventOvrflwClr notification is generated when the event throttling has ended for distributed CPU protection FP events on a particular card. |
Effect | Notifications are received again since the event throttling has ended. |
Recovery | There is no recovery for this notification. |
tmnxDcpCardSapEventOvrflw
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2081 |
Event name | tmnxDcpCardSapEventOvrflw |
SNMP notification prefix and OID |
TIMETRA-CHASSIS-MIB.tmnxChassisNotification.73 |
Default severity |
warning |
Source stream | security |
Message format string | Distributed CPU Protection SAP log event overflow occurred on card $tmnxChassisNotifyCardSlotNum$ at $tmnxDcpTimeEventOccured$ |
Cause |
The tmnxDcpCardSapEventOvrflw notification is generated when a flood of distributed CPU protection SAP events occur on a particular card and some of the events are lost due to event throttling mechanism. |
Effect | Some SAP notifications configured on the card may not be received. |
Recovery | Notifications will resume once the event throttling ends. |
tmnxDcpCardSapEventOvrflwClr
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2050 |
Event name | tmnxDcpCardSapEventOvrflwClr |
SNMP notification prefix and OID |
TIMETRA-CHASSIS-MIB.tmnxChassisNotification.78 |
Default severity |
warning |
Source stream | security |
Message format string | $tmnxDcpMissingNotificationCount$ Distributed CPU Protection SAP log events were dropped in the last event throttling interval on card $tmnxChassisNotifyCardSlotNum$ at $tmnxDcpTimeEventOccured$ |
Cause |
The tmnxDcpCardSapEventOvrflwClr notification is generated when the event throttling has ended for distributed CPU protection SAP events on a particular card. |
Effect | Notifications are received again since the event throttling has ended. |
Recovery | There is no recovery for this notification. |
tmnxDcpCardVrtrIfEventOvrflw
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2082 |
Event name | tmnxDcpCardVrtrIfEventOvrflw |
SNMP notification prefix and OID |
TIMETRA-CHASSIS-MIB.tmnxChassisNotification.74 |
Default severity |
warning |
Source stream | security |
Message format string | Distributed CPU Protection Network_if log event overflow occurred on card $tmnxChassisNotifyCardSlotNum$ at $tmnxDcpTimeEventOccured$ |
Cause |
The tmnxDcpCardVrtrIfEventOvrflw notification is generated when a flood of distributed CPU protection network-interface events occur on a particular card and some of the events are lost due to event throttling mechanism. |
Effect | Some network-interface notifications configured on the card may not be received. |
Recovery | Notifications will resume once the event throttling ends. |
tmnxDcpCardVrtrIfEventOvrflwClr
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2051 |
Event name | tmnxDcpCardVrtrIfEventOvrflwClr |
SNMP notification prefix and OID |
TIMETRA-CHASSIS-MIB.tmnxChassisNotification.79 |
Default severity |
warning |
Source stream | security |
Message format string | $tmnxDcpMissingNotificationCount$ Distributed CPU Protection Netwk_if log events were dropped in the last event throttling interval on card $tmnxChassisNotifyCardSlotNum$ at $tmnxDcpTimeEventOccured$ |
Cause |
The tmnxDcpCardVrtrIfEventOvrflwClr notification is generated the when event throttling has ended for distributed CPU protection network-interface events on a particular card. |
Effect | Notifications are received again since the event throttling has ended. |
Recovery | There is no recovery for this notification. |
tmnxDcpFpDynPoolUsageHiAlmClear
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2048 |
Event name | tmnxDcpFpDynPoolUsageHiAlmClear |
SNMP notification prefix and OID |
TIMETRA-CHASSIS-MIB.tmnxChassisNotification.76 |
Default severity |
warning |
Source stream | security |
Message format string | Dynamic Enforcement Pool OK again on fp $tmnxCardSlotNum$/ $tmnxFPNum$ at $tmnxDcpTimeEventOccured$ |
Cause |
The tmnxDcpFpDynPoolUsageHiAlmClear notification is generated when the dynamic enforcement policer pool usage on the forwarding plane is no longer exhausted. |
Effect | Dynamic enforcement policers are available in the free pool to be allocated when needed. |
Recovery | There is no recovery required for this notification. |
tmnxDcpFpDynPoolUsageHiAlmRaise
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2047 |
Event name | tmnxDcpFpDynPoolUsageHiAlmRaise |
SNMP notification prefix and OID |
TIMETRA-CHASSIS-MIB.tmnxChassisNotification.75 |
Default severity |
warning |
Source stream | security |
Message format string | Dynamic Enforcement Pool nearly (or fully) exhausted on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $tmnxDcpTimeEventOccured$ |
Cause |
The tmnxDcpFpDynPoolUsageHiAlmRaise notification is generated when the dynamic enforcement policer pool usage on the forwarding plane is nearly exhausted. |
Effect | Dynamic enforcement policers may not get allocated on the forwarding plane. |
Recovery | This notification will be cleared when either the dynamic enforcement policer pool is increased or the usage drops. |
tmnxFileCopied
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2236 |
Event name | tmnxFileCopied |
SNMP notification prefix and OID | TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.61 |
Default severity | minor |
Source stream |
security |
Message format string | File $tmnxSecNotifyUrl$ copy to $tmnxSecNotifyNewUrl$ : $tmnxSecEventOutcome$ |
Cause |
A tmnxFileCopied notification is generated when a user copies a file through the file command |
Effect | N/A |
Recovery | N/A |
tmnxFileDeleted
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2234 |
Event name | tmnxFileDeleted |
SNMP notification prefix and OID | TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.59 |
Default severity | minor |
Source stream |
security |
Message format string | File $tmnxSecNotifyUrl$ delete : $tmnxSecEventOutcome$ |
Cause | A tmnxFileDeleted notification is generated when a user deletes a file through the file command |
Effect | N/A |
Recovery | N/A |
tmnxFileMoved
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2235 |
Event name | tmnxFileMoved |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.60 |
Default severity |
minor |
Source stream | security |
Message format string | File $tmnxSecNotifyUrl$ move to $tmnxSecNotifyNewUrl$ : $tmnxSecEventOutcome$ |
Cause | A tmnxFileMoved notification is generated when a user moves a file through the file command |
Effect | N/A |
Recovery | N/A |
tmnxFileUnzip
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2237 |
Event name | tmnxFileUnzip |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.62 |
Default severity |
minor |
Source stream | security |
Message format string | File unzip operation completed with source $tmnxSecNotifyUrl$ destination $tmnxSecNotifyDestUrl$ and result $tmnxSecNotifFileUnzipResult$ |
Cause |
The tmnxFileUnzip notification is generated upon the completion of an unzip operation of the source ZIP file specified by tmnxSecNotifyUrl to the destination location specified by tmnxSecNotifyDestUrl. |
Effect | The result is indicated by the value of tmnxSecNotifFileUnzipResult as follows: success (0) - unzip is successful. partialSuccess (1) - unzip is partially successful, skipped some files. sourceNotFound (2) - failed - cannot find the ZIP file. sourceNotSupported (3) - failed - ZIP file is not supported. destNotFound (4) - failed - cannot find the destination URL. destFull (5) - failed - destination storage is full. fileTooBig (6) - failed - file size exceeds limit. otherFailure (7) - failed - another reason. |
Recovery | No recovery action if tmnxSecNotifFileUnzipResult is success (0). Otherwise, depending on the indicated failure, corrective action should be taken before attempting another unzip operation. |
tmnxKeyChainAuthFailure
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2027 |
Event name | tmnxKeyChainAuthFailure |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.2 |
Default severity |
minor |
Source stream | security |
Message format string | Incoming packet from source address $tmnxKeyChainAuthAddress$ virtual router $vRtrID$ dropped due to key chain authentication failure and possible reason is $tmnxKeyChainAuthFailReason$. |
Cause | The incoming packet was dropped due to key chain authentication failure. Failure could be due to the following reasons or more: - Send packet had no auth keychain but recv side had keychain enabled. - Keychain key id's did not match. - Keychain key digest mismatch. - Received packet with and invalid enhanced authentication option length. - For other causes of failure refer to 'draft-bonica-tcp-auth-05.txt'. |
Effect | N/A |
Recovery | No recovery is necessary. |
tmnxMD5AuthFailure
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2036 |
Event name | tmnxMD5AuthFailure |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.10 |
Default severity |
minor |
Source stream | security |
Message format string | Incoming packet from source address $tmnxMD5AuthAddr$ virtual router $vRtrID$ dropped due to MD5 authentication failure and possible reason is $tmnxMD5AuthFailReason$. |
Cause | The incoming packet was dropped due to MD5 authentication failure. Failure is due to digest mismatch. |
Effect | N/A |
Recovery | No recovery is necessary. |
tmnxPasswordHashingChanged
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2238 |
Event name | tmnxPasswordHashingChanged |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.63 |
Default severity |
minor |
Source stream | security |
Message format string | Password hashing changed from $tmnxSecNotifOldPasswordHashing$ to $tmnxSecNotifNewPasswordHashing$ |
Cause | The tmnxPasswordHashingChanged notification is generated upon the change of password hashing algorithm (tmnxPasswordHashing). The value of the object tmnxSecNotifNewPasswordHashing indicates the new password hashing algorithm. The value of the object tmnxSecNotifOldPasswordHashing indicates the new password hashing algorithm. |
Effect | Users will be prompted to change their password upon log in to the system. All newly stored user passwords will be hashed by the algorithm defined by tmnxPasswordHashing. |
Recovery | No recovery action is required. |
tmnxPkiCAProfActnStatusChg
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2083 |
Event name | tmnxPkiCAProfActnStatusChg |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.20 |
Default severity |
minor |
Source stream | security |
Message format string | $tmnxPkiCAProfActnType$ for ca-profile ($tmnxPkiCAProfile$) $tmnxPkiCAProfActnStatus$. ca-response: $tmnxCAProfActnStatusCode$. $tmnxPkiCAProfActnStatusString$ |
Cause | The tmnxPkiCAProfActnStatusChg notification is generated when tmnxPkiCAProfActnStatus changes status. More information is available through tmnxPkiCAProfActnStatusString and tmnxPkiCAProfActnStatusCode. |
Effect | This is due to the action performed using tmnxPkiCAProfActnTable. |
Recovery | Depending on the information available in this trap, another tmnxPkiCAProfActnType request may be issued by correcting the parameters in the tmnxPkiCAProfActnTable. |
tmnxPkiCAProfCrlUpdAllUrlsFail
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2108 |
Event name | tmnxPkiCAProfCrlUpdAllUrlsFail |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.40 |
Default severity |
minor |
Source stream | security |
Message format string | Failed to update the CRL file from $tmnxPkiCAProfUrl$ ( $tmnxPkiCAProfUrlId$), the last of all the URLs for CA profile $tmnxPkiCAProfile$, due to $tmnxSecNotifFailureReason$ |
Cause | A tmnxPkiCAProfCrlUpdAllUrlsFail notification is generated when the CRL update operation failed after attempting all URLs for an existing CA Profile. The CA Profile is configured via tmnxPkiCAProfileTable. URLs for an existing CA Profile are configured via tmnxPkiCAProfUrlTable. |
Effect | When tmnxPkiCAProfAtCrlUpdScheduleT is 'nextUpdateBased (1)' and tmnxPkiCAProfAtCrlUpdRetryIntv is zero, the system will stop attempting to update the CRL file. The system will attempt to download the same CRL file starting from the first URL in the URL list again after 1) tmnxPkiCAProfAtCrlUpdRetryIntv (>0) seconds, when tmnxPkiCAProfAtCrlUpdScheduleT is 'nextUpdateBased (1)', or 2) tmnxPkiCAProfAtCrlUpdPrdcUpdIntv seconds, when tmnxPkiCAProfAtCrlUpdScheduleT is 'periodic (2)'. |
Recovery | Make sure the URLs specified in tmnxPkiCAProfUrlTable are correct. |
tmnxPkiCAProfCrlUpdateStart
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2105 |
Event name | tmnxPkiCAProfCrlUpdateStart |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.37 |
Default severity |
minor |
Source stream | security |
Message format string | Started updating the CRL file for CA profile $tmnxPkiCAProfileNameForNotify$ |
Cause | A tmnxPkiCAProfCrlUpdateStart notification is generated when a CRL update operation is started for an existing CA Profile. The CA Profile is configured via tmnxPkiCAProfileTable. |
Effect | The system is downloading the CRL file from a URL, which is configured via tmnxPkiCAProfUrlTable. |
Recovery | No recovery is required for this notification. |
tmnxPkiCAProfCrlUpdateSuccess
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2106 |
Event name | tmnxPkiCAProfCrlUpdateSuccess |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.38 |
Default severity |
minor |
Source stream | security |
Message format string | A CRL file was successfully updated from $tmnxPkiCAProfUrl$ ( $tmnxPkiCAProfUrlId$) for CA profile $tmnxPkiCAProfile$ |
Cause |
A tmnxPkiCAProfCrlUpdateSuccess notification is generated when a new valid CRL file is successfully updated for an existing CA Profile. The CA Profile is configured via tmnxPkiCAProfileTable. |
Effect | tmnxPkiCAProfileCRLFile will be replaced if the downloaded CRL file qualified. The cases that a downloaded CRL does not qualify are explained in the description clause of tmnxPkiCAProfAtCrlUpdScheduleT. |
Recovery | No recovery is required for this notification. |
tmnxPkiCAProfCrlUpdateUrlFail
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2107 |
Event name | tmnxPkiCAProfCrlUpdateUrlFail |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.39 |
Default severity |
minor |
Source stream | security |
Message format string | Failed to update the CRL file from $tmnxPkiCAProfUrl$ ( $tmnxPkiCAProfUrlId$) due to $tmnxSecNotifFailureReason$ |
Cause |
A tmnxPkiCAProfCrlUpdateUrlFail notification is generated when the CRL update operation has failed after attempting the indicated URL for an existing CA Profile. The CA Profile is configured via tmnxPkiCAProfileTable. URLs for an existing CA Profile are configured via tmnxPkiCAProfUrlTable. A tmnxPkiCAProfCrlUpdateUrlFail will not be sent when the URL is the last one in the URL list for an existing CA Profile. In such case, a tmnxPkiCAProfCrlUpdAllUrlsFail notification will be sent. |
Effect | The system will attempt to download the CRL file from the next URL in the URL list. |
Recovery | Make sure the URLs specified in tmnxPkiCAProfUrlTable are correct. |
tmnxPkiCAProfCrlUpdLargPreUpdTm
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2113 |
Event name | tmnxPkiCAProfCrlUpdLargPreUpdTm |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.45 |
Default severity |
minor |
Source stream | security |
Message format string | The CRL pre-update time for CA profile $tmnxPkiCAProfileNameForNotify$ might be too large |
Cause | A tmnxPkiCAProfCrlUpdLargPreUpdTm notification is generated when the 'nextUpdate' time of a newly downloaded CRL is earlier than the last successful update time or the time of setting tmnxPkiCAProfAtCrlUpdAdminState to 'inService (2)' plus the pre-update time. The last successful update time is stored in tmnxPkiCAProfAtCrlUpdLstSucsTmSt. The pre-update time is configured via tmnxPkiCAProfAtCrlUpdPreUpdTime. |
Effect | The system will update the CRL again in tmnxPkiCAProfAtCrlUpdRetryIntv seconds rather than immediately. |
Recovery | Configure tmnxPkiCAProfAtCrlUpdPreUpdTime to a value less than (the 'nextUpdate' value of the newly downloaded CRL - the last successful update time). The ideal value would be a value slightly lower than the CRL overlap period to avoid unnecessary download attempts. No recovery is needed for if the notification is generated in case of setting tmnxPkiCAProfAtCrlUpdAdminState to 'inService (2)'. |
tmnxPkiCAProfCrlUpdNoNxtUpdTime
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2110 |
Event name | tmnxPkiCAProfCrlUpdNoNxtUpdTime |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.42 |
Default severity |
minor |
Source stream | security |
Message format string | No further scheduled CRL update for CA profile $tmnxPkiCAProfileNameForNotify$ since either 1) the CRL update retry interval is not configured, or 2) 'nextUpdate' field is missing from the CRL, or 3) the 'nextUpdate' value is beyond the limit of the system |
Cause | A tmnxPkiCAProfCrlUpdNoNxtUpdTime notification is generated when tmnxPkiCAProfAtCrlUpdScheduleT is 'nextUpdateBased (1)' and one of the following conditions is true: 1) The 'nextUpdate' field is missing from the CRL file or contains a value that is beyond the limit of the system 2) tmnxPkiCAProfAtCrlUpdRetryIntv is zero, and none of the configured URLs work or contain a CRL that qualifies from the first scheduled update. |
Effect | The system will not download a new CRL file. |
Recovery | Change tmnxPkiCAProfAtCrlUpdScheduleT to 'periodic (2)' if the system is to check for an updated CRL every tmnxPkiCAProfAtCrlUpdPrdcUpdIntv seconds. Otherwise, configure the tmnxPkiCAProfAtCrlUpdAdminState to 'outOfService (3)'. |
tmnxPkiCAProfRevokeChkWarning
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2093 |
Event name | tmnxPkiCAProfRevokeChkWarning |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
$tmnxSecNotifTunnelName$ : CRL check skipped for $skippedCert$ issued by ca-profile $tmnxPkiCAProfile$ while verifying EE cert $eeCertSubject$ due to $tmnxSecNotifFailureReason$ |
Cause |
The tmnxPkiCAProfRevokeChkWarning notification is generated whenever a CRL verification is skipped during chain/ee certificate verification. This event is throttled. |
Effect | System did not verify revocation status on the subject certificate. |
Recovery | Check the value of tmnxPkiCAProfRevokeChk object for this CA profile if it is not expected. |
tmnxPkiCertAfterExpWarning
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2096 |
Event name | tmnxPkiCertAfterExpWarning |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.29 |
Default severity |
minor |
Source stream | security |
Message format string | Certificate $tmnxSecNotifFile$ used by $tmnxSecNotifClientAppName$ has expired. |
Cause | The tmnxPkiCertAfterExpWarning notification is generated when the certificate indicated in tmnxSecNotifFile has expired. |
Effect | The indicated certificate has expired. |
Recovery | Replace the indicated file with an updated certificate. |
tmnxPkiCertBeforeExpWarning
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2095 |
Event name | tmnxPkiCertBeforeExpWarning |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.28 |
Default severity |
minor |
Source stream | security |
Message format string | Certificate $tmnxSecNotifFile$ used by $tmnxSecNotifClientAppName$ will expire in $tmnxPkiExpRemainingHours$ hour(s) and $tmnxPkiExpRemainingMinutes$ minute(s). |
Cause | The tmnxPkiCertBeforeExpWarning notification is generated when the certificate indicated in tmnxSecNotifFile will expire in the time period indicated by tmnxPkiExpRemainingHours and tmnxPkiExpRemainingMinutes. |
Effect | The indicated certificate will expire. |
Recovery | Replace the indicated file with an updated certificate. |
tmnxPkiCertChainCompareCaNoMatch
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2251 |
Event name | tmnxPkiCertChainCompareCaNoMatch |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.74 |
Default severity |
minor |
Source stream | main |
Message format string | Compute chain for certificate file '$tmnxPkiCertFileNameNotif$': No chain contains certificate with subject DN ' $tmnxPkiCertSubjectNotif$', serial '$tmnxPkiCertSerialNumberNotif$'. Returning the first valid chain. |
Cause | The tmnxPkiCertChainCompareCaNoMatch notification is generated when a compute chain for a certificate file does not include the expected (configured) CA. |
Effect | The first valid chain was selected. |
Recovery |
Check compare chain include CA configuration (tIPsecCertProfEntryIdCompChainCa). |
tmnxPkiCertExpWarningCleared
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2097 |
Event name | tmnxPkiCertExpWarningCleared |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.30 |
Default severity |
minor |
Source stream | security |
Message format string | Expiration warning for certificate $tmnxSecNotifFile$ used by $tmnxSecNotifClientAppName$ is no longer applicable because of the following reason: $tmnxPkiExpReason$. |
Cause | The tmnxPkiCertExpWarningCleared notification is generated when the expiration warning for the certificate indicated in tmnxSecNotifFile no longer applies because of the reason indicated in tmnxPkiExpReason. |
Effect | The indicated certificate is no longer going to expire. |
Recovery | None needed. |
tmnxPkiCertNotYetValid
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2114 |
Event name | tmnxPkiCertNotYetValid |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.49 |
Default severity |
minor |
Source stream | security |
Message format string | Certificate $tmnxSecNotifFile$ used by $tmnxSecNotifClientAppName$ is not yet valid. |
Cause | The tmnxPkiCertNotYetValid notification is generated when the certificate indicated in tmnxSecNotifFile is not yet valid. |
Effect | The indicated certificate is not usable until the 'notBefore' time is reached. If the certificate is specified in a CA-profile, then the operational state of the CA-profile (i.e., tmnxPkiCAProfileOperState) remains down until the 'notBefore' time is reached. |
Recovery | Replace tmnxSecNotifFile with a certificate file that is still valid, or wait until the 'notBefore' time specified in the certificate is reached for the system to recover itself. |
tmnxPkiCertUpdUpdateFailed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2247 |
Event name | tmnxPkiCertUpdUpdateFailed |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.72 |
Default severity |
minor |
Source stream | security |
Message format string | Certificate file: $tmnxPkiCertUpdCertFileNameNotif$ - Update failed - Reason: $tmnxPkiCertUpdFailureReasonNotif$ |
Cause | The tmnxPkiCertUpdUpdateStarted notification is sent when an X509 certificate update fails. |
Effect | The certificate was not updated. Update attempts will continually repeat if the failure was caused by an external server. |
Recovery | Check certificate update profile and auto update configuration and attempt to update again. |
tmnxPkiCertUpdUpdateFinished
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2246 |
Event name | tmnxPkiCertUpdUpdateFinished |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.71 |
Default severity |
minor |
Source stream | security |
Message format string | Certificate file: $tmnxPkiCertUpdCertFileNameNotif$ - Update finished - Serial number: $tmnxPkiCertUpdSerialNumberNotif$ - Subject: $tmnxPkiCertUpdSubjectNotif$ |
Cause | The tmnxPkiCertUpdUpdateStarted notification is sent when an X509 certificate update finishes. |
Effect | The certificate was updated. |
Recovery |
Check certificate update profile configuration and attempt to update again. |
tmnxPkiCertUpdUpdateStarted
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2245 |
Event name | tmnxPkiCertUpdUpdateStarted |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.70 |
Default severity |
minor |
Source stream | security |
Message format string | Certificate file: $tmnxPkiCertUpdCertFileNameNotif$ - Update started |
Cause | The tmnxPkiCertUpdUpdateStarted notification is sent when an X509 certificate update starts as specified by a tmnxPkiCertUpdProfileName. |
Effect | The certificate will attempt to update. |
Recovery | No recovery action is required. |
tmnxPkiCertVerificationFailed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2044 |
Event name | tmnxPkiCertVerificationFailed |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.17 |
Default severity |
minor |
Source stream | security |
Message format string | IPsec Tunnel $tmnxSecNotifTunnelName$ : Certificate $tmnxSecNotifCert$ verification failed due to $tmnxSecNotifFailureReason$ |
Cause | The tmnxPkiCertVerificationFailed notification is generated when an attempt to verify the certificate fails. |
Effect | Authentication of the tunnel configured with the certificate will start to fail. |
Recovery | Make sure the certificate specified in tmnxSecurityNotifCert exists and is a valid certificate. |
tmnxPkiCRLAfterExpWarning
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2099 |
Event name | tmnxPkiCRLAfterExpWarning |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.32 |
Default severity |
minor |
Source stream | security |
Message format string | CRL $tmnxSecNotifFile$ has expired. |
Cause | The tmnxPkiCRLAfterExpWarning notification is generated when the CRL (certificate revocation list) indicated in tmnxSecNotifFile has expired. |
Effect | The indicated CRL (certificate revocation list) has expired. |
Recovery | Replace the indicated file with an updated CRL (certificate revocation list). |
tmnxPkiCRLBeforeExpWarning
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2098 |
Event name | tmnxPkiCRLBeforeExpWarning |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.31 |
Default severity |
minor |
Source stream | security |
Message format string | CRL $tmnxSecNotifFile$ will expire in $tmnxPkiExpRemainingHours$ hour(s) and $tmnxPkiExpRemainingMinutes$ minute(s). |
Cause | The tmnxPkiCRLBeforeExpWarning notification is generated when the CRL (certificate revocation list) indicated in tmnxSecNotifFile will expire in the time period indicated by tmnxPkiExpRemainingHours and tmnxPkiExpRemainingMinutes. |
Effect | The indicated CRL (certificate revocation list) will expire. |
Recovery | Replace the indicated file with an updated CRL (certificate revocation list). |
tmnxPkiCRLExpWarningCleared
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2100 |
Event name | tmnxPkiCRLExpWarningCleared |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.33 |
Default severity |
minor |
Source stream | security |
Message format string | Expiration warning for CRL $tmnxSecNotifFile$ is no longer applicable because of the following reason: $tmnxPkiExpReason$ |
Cause | The tmnxPkiCRLExpWarningCleared notification is generated when the expiration warning for the CRL (certificate revocation list) indicated in tmnxSecNotifFile no longer applies because of the reason indicated in tmnxPkiExpReason. |
Effect | The indicated CRL (certificate revocation list) is no longer going to expire. |
Recovery | None needed. |
tmnxPkiCRLNotYetValid
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2115 |
Event name | tmnxPkiCRLNotYetValid |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.50 |
Default severity |
minor |
Source stream | security |
Message format string | CRL $tmnxSecNotifFile$ is not yet valid. |
Cause | The tmnxPkiCRLNotYetValid notification is generated when the CRL (Certificate Revocation List) indicated in tmnxSecNotifFile is not yet valid. |
Effect | The CRL is not usable until the 'thisUpdate' time is reached. Unless tmnxPkiCAProfRevokeChk is configured to 'crlOptional (2)', the operational state of the CA-profile (i.e., tmnxPkiCAProfileOperState) remains down until the 'thisUpdate' time is reached. |
Recovery | Replace tmnxSecNotifFile with a CRL that is still valid, or wait until the 'thisUpdate' time specified in the CRL is reached for the system to recover itself. |
tmnxPkiFileReadFailed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2043 |
Event name | tmnxPkiFileReadFailed |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.16 |
Default severity |
minor |
Source stream | security |
Message format string | File $tmnxSecNotifFile$ read failed due to $tmnxSecNotifFailureReason$ |
Cause | The tmnxPkiFileReadFailed notification is generated when an attempt to read the file fails. Reason of the failure is indicated by the tmnxSecNotifFailureReason object. |
Effect | Operational status of tunnels configured to use this certificate will be set to 'down'. |
Recovery | Make sure the path specified in tmnxSecNotifFile is correct and the file exists. |
tmnxPkiFileWriteFailed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2109 |
Event name | tmnxPkiFileWriteFailed |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.41 |
Default severity |
minor |
Source stream | security |
Message format string | File $tmnxSecNotifFile$ write failed due to $tmnxSecNotifFailureReason$ |
Cause | The tmnxPkiFileWriteFailed notification is generated when an attempt to write the file fails. Reason for the failure is indicated by the tmnxSecNotifFailureReason object. |
Effect | The downloaded file is not saved to disk. |
Recovery | Make sure the path specified in tmnxSecNotifFile is correct, file permission is writable and there is sufficient disk space. |
tmnxSecComputeCertChainFailure
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2088 |
Event name | tmnxSecComputeCertChainFailure |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.24 |
Default severity |
warning |
Source stream | security |
Message format string | Certificate chain of cert file $tmnxSecNotifFile$ is incomplete due to $tmnxSecNotifFailureReason$ |
Cause | The tmnxSecComputeCertChainFailure notification is generated when a compute chain-failure has occurred. |
Effect | The chain cannot be built for a configured certificate and the corresponding chain will be empty. |
Recovery | Depending on the reason indicated by tmnxSecNotifFailureReason, corrective action should be taken. |
tmnxSecNotifFileReloaded
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2101 |
Event name | tmnxSecNotifFileReloaded |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.34 |
Default severity |
minor |
Source stream | security |
Message format string | $tmnxSecNotifFileType$ file "$tmnxSecNotifFile$" has been reloaded. |
Cause | The tmnxSecNotifFileReloaded notification is generated when the certificate or key indicated in tmnxSecNotifFile is reloaded. tmnxSecNotifFileType indicates whether a certificate or key has been reloaded. |
Effect | The indicated certificate or key has been reloaded. |
Recovery | None needed. |
tmnxSecNotifKeyChainExpired
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2090 |
Event name | tmnxSecNotifKeyChainExpired |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.26 |
Default severity |
minor |
Source stream | security |
Message format string | Keychain $tmnxKeyChainName$: last entry has expired; called by $tmnxSecNotifOrigProtocol$ |
Cause | The tmnxSecNotifKeyChainExpired notification is generated when a protocol instance tries to use a keychain, for which the last key entry has expired. |
Effect | N/A |
Recovery | N/A |
tmnxSecPwdHistoryFileLoadFailed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2103 |
Event name | tmnxSecPwdHistoryFileLoadFailed |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.35 |
Default severity |
minor |
Source stream | main |
Message format string | Failed to load the password history |
Cause | The tmnxSecPwdHistoryFileLoadFailed notification is generated when the password history is enabled (tmnxPasswordHistory is not 0) for the first time and the system was unable to load and process the password history. Failure could be due to the following reasons or more: - This is the first time the password history is enabled on this system. - A previous attempt to store the password history failed. - Somebody removed or modified the password history file. |
Effect | The system might not be able to compare the new user password with the user's password history from before the last reboot. If tmnxSecPwdHistLoadFailReason is set to 'notFound(1)', a new, empty history file will be created. |
Recovery | Investigation might be warranted. |
tmnxSecPwdHistoryFileWriteFailed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2104 |
Event name | tmnxSecPwdHistoryFileWriteFailed |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.36 |
Default severity |
minor |
Source stream | main |
Message format string | Failed to write the password history to disk |
Cause | The tmnxSecPwdHistoryFileWriteFailed notification is generated when the system is unable to store the password history when an user's password is changed. |
Effect | After a reboot, the system might not be able to compare the new user password with the user's password history. |
Recovery | Ensure the compact flash is present, and all file permissions are correct. |
tmnxSecSignedSwCpmBootEvent
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2241 |
Event name | tmnxSecSignedSwCpmBootEvent |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.66 |
Default severity |
major |
Source stream | main |
Message format string | CPM $tmnxChassisNotifyCpmCardSlotNum$ has booted with a secure-boot status of $tmnxCpmSecureBootEnabled$ |
Cause | The tmnxSecSignedSwCpmBootEvent is sent when a CPM element reboots, regardless of its secure boot configuration. The event will include relevant information about the state of secure boot on the CPM. |
Effect | The indicated CPM has rebooted. |
Recovery |
No recovery action is required. |
tmnxSecSignedSwImgValFail
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2243 |
Event name | tmnxSecSignedSwImgValFail |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.68 |
Default severity |
major |
Source stream | main |
Message format string | The signed software image located at $tmnxSecureBootValdImgUrl$, for CPM $tmnxChassisNotifyCpmCardSlotNum$, failed to be validated. As a result, the CPM will not boot |
Cause | The tmnxSecSignedSwImgValFail notification is sent when the secure boot validation process fails for any reason to approve an image at a given URL. This event is only applicable to CPMs with secure boot enabled. |
Effect | The affected CPM will not boot. |
Recovery |
The CPM should be examined for availability and correct configuration of its signed software image(s). A reboot will be required to attempt to validate the software again. |
tmnxSecSignedSwImgValPass
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2244 |
Event name | tmnxSecSignedSwImgValPass |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.69 |
Default severity |
major |
Source stream | main |
Message format string | The signed software image located at $tmnxSecureBootValdImgUrl$, for CPM $tmnxChassisNotifyCpmCardSlotNum$, was validated successfully. Its boot process will continue |
Cause | The tmnxSecSignedSwImgValPass notification is sent when a URL is successfully processed as an SROS image during the secure-boot process. This event is only applicable to CPMs with secure boot enabled. |
Effect | The indicated CPM will continue to boot normally. |
Recovery | No recovery action is required. |
tmnxSSHSessionFailed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2240 |
Event name | tmnxSSHSessionFailed |
SNMP notification prefix and OID |
N/A |
Default severity | minor |
Source stream | security |
Message format string |
SSH session failed from client $tmnxSecNotifyAddr$, reason '$tmnxSecSSHSessionFailedReason$' |
Cause | The tmnxSSHSessionFailed notification is generated upon the failure of an SSH session establishment. The value of the object tmnxSecNotifyAddrType indicates the type of the IP address stored in the object tmnxSecNotifyAddr. The value of the object tmnxSecNotifyAddr indicates the source IP address of the user attempting to establish the SSH session. The value of the object tmnxSecSSHSessionFailedReason indicates the reason of the establishment failure. |
Effect | SSH session is not established and connection is closed. |
Recovery | No recovery action is required. |
tmnxStateChange
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2209 |
Event name | tmnxStateChange |
SNMP notification prefix and OID | TIMETRA-SYSTEM-MIB.tmnxSysNotifications.11 |
Default severity | warning |
Source stream |
security |
Message format string | Status of $tmnxNotifyObjectName$ changed administrative state: $tmnxNotifyRowAdminState$, operational state: $tmnxNotifyRowOperState$ |
Cause | There was a change in either the administrative or operational state of a MIB table entry. |
Effect | N/A |
Recovery | No recovery is necessary. |
tmnxSysAppLicenseInsufficient
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2225 |
Event name | tmnxSysAppLicenseInsufficient |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.81 |
Default severity |
major |
Source stream | main |
Message format string | License $tmnxSysAppLicenseState$ for $tmnxSysLicensingNotifyGroup$ feature ' $tmnxSysLicensedNotifyAppName$': $tmnxSysLicenseErrorReason$ |
Cause |
The tmnxSysAppLicenseInsufficient notification is generated periodically when licensing for an application is detected to be insufficient. The details of the error is specified in tmnxSysLicenseErrorReason. This notification cannot be suppressed. |
Effect | Notification generated periodically while the application remains in this condition. |
Recovery | Activate a system license containing sufficient license entitlements for this application. |
tmnxSysLicenseActivated
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2125 |
Event name | tmnxSysLicenseActivated |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.75 |
Default severity |
warning |
Source stream | security |
Message format string | $tmnxHwIndex$ is running with a valid license. |
Cause | The tmnxSysLicenseActivated notification is generated each time a license is activated on the system. |
Effect | The system is running with the license specified in tmnxSysLicenseName. |
Recovery | No recovery. |
tmnxSysLicenseCleared
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2249 |
Event name | tmnxSysLicenseCleared |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.95 |
Default severity |
warning |
Source stream | security |
Message format string | $tmnxHwIndex$ is no longer running with a license. |
Cause | The tmnxSysLicenseCleared notification is generated each time a license is cleared from the system. |
Effect | The system is no longer running with a license. |
Recovery | No recovery. |
tmnxSysLicenseExpiresSoon
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2092 |
Event name | tmnxSysLicenseExpiresSoon |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.60 |
Default severity |
major |
Source stream | security |
Message format string | The license installed on $tmnxHwIndex$ expires $tmnxSysLicenseTimeLeft$. |
Cause | The tmnxSysLicenseExpiresSoon notification is generated when the license is due to expire soon. |
Effect | The system will reboot at the end of the time remaining, as specified by tmnxSysLicenseTimeLeft. |
Recovery | Configure a valid license file location and file name. |
tmnxSysLicenseInvalid
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2091 |
Event name | tmnxSysLicenseInvalid |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.59 |
Default severity |
major |
Source stream | security |
Message format string | Error - $tmnxSysLicenseErrorReason$ record. $tmnxHwIndex$ will $tmnxSysLicenseErrorAction$ $tmnxSysLicenseTimeLeft$. |
Cause |
Generated when the license becomes invalid for the reason specified in tmnxSysLicenseErrorReason. |
Effect | The CPM or system will reboot at the end of the time remaining, as specified by tmnxSysLicenseTimeLeft and tmnxSysLicenseErrorAction. |
Recovery | Configure a valid license file location and file name, given the value of tmnxSysLicenseErrorReason. |
tmnxSysLicenseUpdateRequired
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2226 |
Event name | tmnxSysLicenseUpdateRequired |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.84 |
Default severity |
major |
Source stream | security |
Message format string | System license update is required. |
Cause | The tmnxSysLicenseUpdateRequired notification is generated once after the system boots up and the license is determined by the system to be valid, but requires to be updated to the correct software version. |
Effect | The system will use the license until it is updated. |
Recovery | Update and activate the updated license. |
tmnxSysLicenseValid
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2102 |
Event name | tmnxSysLicenseValid |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.67 |
Default severity |
warning |
Source stream | security |
Message format string | $tmnxHwIndex$ is running with a valid license. |
Cause | The tmnxSysLicenseValid notification is generated once after the system boots up and the license is determined by the system to be valid. |
Effect | The system is running with the license specified in tmnxSysLicenseName. |
Recovery | No recovery. |
tmnxSysLicensingStateOk
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2250 |
Event name | tmnxSysLicensingStateOk |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.96 |
Default severity |
warning |
Source stream | security |
Message format string | $tmnxHwIndex$ no longer has licensing violations. |
Cause | The tmnxSysLicensingStateOk notification is generated when all licensing violations have been cleared from the system. |
Effect | The system no longer has any licensing violations. |
Recovery | No recovery. |
tmnxSysStandbyLicensingError
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2221 |
Event name | tmnxSysStandbyLicensingError |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.76 |
Default severity |
major |
Source stream | main |
Message format string | $tmnxHwIndex$ is not licensed. $tmnxSysLicenseErrorReason$. |
Cause | Generated when the standby detects a licensing failure. The reason is specified in tmnxSysLicenseErrorReason. |
Effect | The standby CPM may not synchronized and may be put into a failed state. |
Recovery | Configure a valid license file location and file name, given the value of tmnxSysLicenseErrorReason. |
tmnxSysStandbyLicensingReady
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2222 |
Event name | tmnxSysStandbyLicensingReady |
SNMP notification prefix and OID |
TIMETRA-SYSTEM-MIB.tmnxSysNotifications.77 |
Default severity |
warning |
Source stream | main |
Message format string | $tmnxHwIndex$ licensing is ready. |
Cause | Generated when licensing has been successfully activated by the standby. |
Effect | Any licensing errors detected by the Standby CPM are cleared. |
Recovery | None. |
tmnxSystemPasswordChangedByAdmin
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2248 |
Event name | tmnxSystemPasswordChangedByAdmin |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.73 |
Default severity |
minor |
Source stream | security |
Message format string | User '$tmnxSecNotifyAdminUserName$' changed the local system ' $tmnxSecNotifyLocalSystemPassword$' |
Cause | The tmnxSystemPasswordChangedByAdmin notification is generated upon the change of an administrative password by a user with administrative rights. The value of the object tmnxSecNotifyAdminUserName indicates the user name who changed the password. The value of the object tmnxSecNotifyLocalSystemPassword indicates the administrative password that was changed. |
Effect | Users with administrative rights will be able to authenticate with the new password only. |
Recovery | No recovery action is required. |
tmnxUserPasswordChangedByAdmin
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2239 |
Event name | tmnxUserPasswordChangedByAdmin |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.64 |
Default severity |
minor |
Source stream | security |
Message format string | User '$tmnxSecNotifyAdminUserName$' changed the password for user ' $tmnxSecNotifyLocalUserName$' |
Cause | The tmnxUserPasswordChangedByAdmin notification is generated upon the change of a password of a local user by a user with administrative rights. The value of the object tmnxSecNotifyLocalUserName indicates the user name for which the password has been changed. The value of the object tmnxSecNotifyAdminUserName indicates the user name of the user who has changed the password. |
Effect | Local user will be able to authenticate to the system with the new password only. |
Recovery | No recovery action is required. |
tmnxUsrProfSessionLimitExceeded
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2111 |
Event name | tmnxUsrProfSessionLimitExceeded |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.43 |
Default severity |
minor |
Source stream | security |
Message format string | $tmnxSessionLimitExceededType$ of user profile '$tmnxSessionLimitExceededName$' has been exceeded |
Cause | The tmnxUsrProfSessionLimitExceeded notification is generated when an attempt to establish a new user access session is not successful because any of SSH / Telnet / Total session limits defined for the profile of which the user is a member has been exceeded. The value of the object tmnxSessionLimitExceededName indicates the name of the user profile of which the session limit has been exceeded. The value of the object tmnxSessionLimitExceededType indicates the type of the session limit that has been exceeded. |
Effect | The user access session has not been established. |
Recovery | An administrator may execute one of the following actions in order to allow a successful session establishment: 1) force disconnection of an existing session(s) using 'admin disconnect' CLI command 2) increase the value of the session limit using CLI or SNMP SET operation on the corresponding object in tmnxUserProfileTable 3) revoke the profile membership for the particular user (beware that this action may have impact on user's privileges) |
tSecSgndSwUefiVarsUpdtReqd
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2242 |
Event name | tSecSgndSwUefiVarsUpdtReqd |
SNMP notification prefix and OID |
TIMETRA-SECURITY-MIB.tmnxSecurityNotifications.67 |
Default severity |
major |
Source stream | main |
Message format string | UEFI variable updates required for CPM $tmnxChassisNotifyCpmCardSlotNum$ |
Cause | The tSecSgndSwUefiVarsUpdtReqd is sent when a CPM element reboots with UEFI variables which are out of date with the software image that CPM is configured to boot into. |
Effect | Out-of-sync UEFI variables may prevent successful reboots into signed software images and result in warnings or errors during secure-boot operations. |
Recovery | The CPM and its target images should be examined and any incorrect secure-boot settings corrected to ensure proper configuration. |
user_disconnect
Property name | Value |
---|---|
Application name | SECURITY |
Event ID |
2015 |
Event name | user_disconnect |
SNMP notification prefix and OID | N/A |
Default severity |
major |
Source stream | security |
Message format string | User $userName$ from $srcAddr$ logged out by $disconnectedBy$ |
Cause | A user was logged out by the administrator. |
Effect | The user's console/telnet/ftp session terminated. |
Recovery | No recovery is required |
vRtrIfDcpDynamicConform
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2073 |
Event name | vRtrIfDcpDynamicConform |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.54 |
Default severity |
warning |
Source stream | security |
Message format string | Network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/ $tmnxFPNum$ newly conformant at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. Policer= $vRtrIfDcpFpProtocol$(dynamic). Excd count=$vRtrIfDcpFpDynExcdCount$ |
Cause | The vRtrIfDcpDynamicConform notification is generated when the protocol for a particular network-interface has been detected as conformant for a period of the configured detection-time after having been previously detected as exceeding and completed any hold-down period. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtStaticPlcrLogEvent is configured to 'enable' or 'verbose'. |
Effect | The affected network-interface is now in conformance with the parameters configured for the associated distributed CPU protection policy. |
Recovery | There is no recovery required for this notification. |
vRtrIfDcpDynamicEnforceAlloc
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2078 |
Event name | vRtrIfDcpDynamicEnforceAlloc |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.59 |
Default severity |
warning |
Source stream | security |
Message format string | Dynamic $vRtrIfDcpFpProtocol$ policers allocated for network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. |
Cause | The vRtrIfDcpDynamicEnforceAlloc notification is generated when a dynamic enforcement policer is allocated on a particular network-interface. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtProtocolDynLogEvent is configured to 'verbose'. |
Effect | The affected network-interface is not in conformance with the configured parameters of the associated distributed CPU protection policy and may be using more resources than expected and cause the system to under-perform. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected network-interface may be required. |
vRtrIfDcpDynamicEnforceFreed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2079 |
Event name | vRtrIfDcpDynamicEnforceFreed |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.60 |
Default severity |
warning |
Source stream | security |
Message format string | Dynamic $vRtrIfDcpFpProtocol$ policers freed for network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. Excd count=$vRtrIfDcpFpDynExcdCount$ |
Cause |
The vRtrIfDcpDynamicEnforceFreed notification is generated when a dynamic enforcement policer is freed on a particular network-interface. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtProtocolDynLogEvent is configured to 'verbose'. |
Effect | The affected network-interface is now in conformance with the configured parameters of the associated distributed CPU protection policy. |
Recovery | There is no recovery required for this notification. |
vRtrIfDcpDynamicExcd
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2067 |
Event name | vRtrIfDcpDynamicExcd |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.48 |
Default severity |
warning |
Source stream | security |
Message format string | Non conformant network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ detected at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. Policer= $vRtrIfDcpFpProtocol$(dynamic). Excd count=$vRtrIfDcpFpDynExcdCount$ |
Cause | The vRtrIfDcpDynamicExcd notification is generated when the protocol on a particular network-interface has been detected as non-conformant to the associated distributed CPU protection policy parameters. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtProtocolDynLogEvent is configured to 'enable' or 'verbose'. |
Effect | The affected network-interface may be using more resources than expected and cause the system to under-perform. This notification may indicate a Denial of Service attack or a misconfiguration in the network. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected network-interface may be required. |
vRtrIfDcpDynamicHoldDownEnd
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2071 |
Event name | vRtrIfDcpDynamicHoldDownEnd |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.52 |
Default severity |
warning |
Source stream | security |
Message format string | Hold-down completed for network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. Policer= $vRtrIfDcpFpProtocol$(dynamic). Excd count=$vRtrIfDcpFpDynExcdCount$ |
Cause | The vRtrIfDcpDynamicHoldDownEnd notification is generated when a particular network-interface completes hold-down period for an exceeding protocol. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtProtocolDynLogEvent is configured to 'verbose'. |
Effect | The protocol for an affected network-interface will transition to a detection-time countdown after the hold-down period is complete. |
Recovery | There is no recovery required for this notification. |
vRtrIfDcpDynamicHoldDownStart
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2069 |
Event name | vRtrIfDcpDynamicHoldDownStart |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.50 |
Default severity |
warning |
Source stream | security |
Message format string | Hold-down started for network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. Policer= $vRtrIfDcpFpProtocol$(dynamic). Excd count=$vRtrIfDcpFpDynExcdCount$ |
Cause | The vRtrIfDcpDynamicHoldDownStart notification is generated when a particular network-interface starts hold-down period for an exceeding protocol. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtProtocolDynLogEvent is configured to 'verbose'. |
Effect | The protocol will treat all packets as non-conformant during the hold-down period. |
Recovery | There is no recovery required for this notification. |
vRtrIfDcpLocMonExcd
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2074 |
Event name | vRtrIfDcpLocMonExcd |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.55 |
Default severity |
warning |
Source stream | security |
Message format string | Local monitor $vRtrIfDcpFpLocMonPlcrName$ for network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ detected as non-conformant at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. Excd count=$vRtrIfDcpFpLocMonExcdCount$ |
Cause |
The vRtrIfDcpLocMonExcd notification is generated when the local-monitoring-policer for a particular network-interface has transitioned from a conformant state to a non-conformant state and the system will attempt to allocate dynamic enforcement policers. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtLocMonPlcrLogEvent is configured to 'verbose'. |
Effect | The affected network-interface may be using more resources than expected and cause the system to under-perform. This notification may indicate a Denial of Service attack or a misconfiguration in the network. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected network-interface may be required. |
vRtrIfDcpLocMonExcdAllDynAlloc
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2076 |
Event name | vRtrIfDcpLocMonExcdAllDynAlloc |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.57 |
Default severity |
warning |
Source stream | security |
Message format string | All dynamic policers allocated for local monitor $vRtrIfDcpFpLocMonPlcrName$ for network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. Excd count=$vRtrIfDcpFpLocMonExcdCount$ |
Cause |
The vRtrIfDcpLocMonExcdAllDynAlloc notification is generated when all dynamic enforcement policers associated with a non-conformant local-monitoring-policer have been successfully allocated for a particular network-interface. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtLocMonPlcrLogEvent is configure to 'verbose'. |
Effect | The affected network-interface may be using more resources than expected and cause the system to under-perform. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected network-interface may be required. |
vRtrIfDcpLocMonExcdAllDynFreed
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2077 |
Event name | vRtrIfDcpLocMonExcdAllDynFreed |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.58 |
Default severity |
warning |
Source stream | security |
Message format string | All dynamic policers freed for local monitor $vRtrIfDcpFpLocMonPlcrName$ for network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. |
Cause | The vRtrIfDcpLocMonExcdAllDynFreed notification is generated for a particular network-interface when all the previously allocated dynamic enforcement policers for a particular local-monitoring-policer on the associated distributed CPU protection policy have been freed up and all the protocols are once again being monitored by local-monitor. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtLocMonPlcrLogEvent is configured to 'verbose'. |
Effect | The affected network-interface may be using more resources than expected and cause the system to under-perform. |
Recovery | There is no recovery required for this notification. |
vRtrIfDcpLocMonExcdDynResource
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2075 |
Event name | vRtrIfDcpLocMonExcdDynResource |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.56 |
Default severity |
warning |
Source stream | security |
Message format string | Local monitor $vRtrIfDcpFpLocMonPlcrName$ for network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ detected as non-conformant at $vRtrIfDcpTimeEventOccured$ and cannot allocate dynamic policers. Policy $vRtrIfDCpuProtPolicy$. Excd count=$vRtrIfDcpFpLocMonExcdCount$ |
Cause |
The vRtrIfDcpLocMonExcdDynResource notification is generated when the local-monitoring-policer for a particular network-interface has transitioned from a conformant state to a non-conformant state and the system cannot allocate all the dynamic enforcements policers associated with the distributed CPU protection policy . This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtLocMonPlcrLogEvent is configured to 'enable' or 'verbose'. |
Effect | The affected network-interface may be using more resources than expected and cause the system to under-perform. This notification may indicate a Denial of Service attack or a misconfiguration in the network. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected network-interface or to the dynamic enforcement policer pool (TIMETRA-CHASSIS-MIB.mib::tmnxFPDCpuProtDynEnfrcPlcrPool). |
vRtrIfDcpStaticConform
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2072 |
Event name | vRtrIfDcpStaticConform |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.53 |
Default severity |
warning |
Source stream | security |
Message format string | Network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/ $tmnxFPNum$ newly conformant at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. Policer= $vRtrIfDcpFpStaticPlcrName$(static). Excd count=$vRtrIfDcpFpStaticExcdCount$ |
Cause | The vRtrIfDcpStaticConform notification is generated when the static-policer for a particular network-interface has been detected as conformant for a period of the configured detection-time after having been previously detected as exceeding and completed any hold-down period. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtStaticPlcrLogEvent is configured to 'enable' or 'verbose'. |
Effect | The affected network-interface is now in conformance with the parameters configured for the associated distributed CPU protection policy. |
Recovery | There is no recovery required for this notification. |
vRtrIfDcpStaticExcd
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2066 |
Event name | vRtrIfDcpStaticExcd |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.47 |
Default severity |
warning |
Source stream | security |
Message format string | Non conformant network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ detected at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. Policer= $vRtrIfDcpFpStaticPlcrName$(static). Excd count=$vRtrIfDcpFpStaticExcdCount$ |
Cause | The vRtrIfDcpStaticExcd notification is generated when the static-policer on a particular network-interface has been detected as non-conformant to the associated distributed CPU protection policy parameters. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtStaticPlcrLogEvent is configured to 'enable' or 'verbose'. |
Effect | The affected network-interface may be using more resources than expected and cause the system to under-perform. This notification may indicate a Denial of Service attack or a misconfiguration in the network. |
Recovery | Appropriate configuration changes to the distributed CPU protection policy or to the affected network-interface may be required. |
vRtrIfDcpStaticHoldDownEnd
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2070 |
Event name | vRtrIfDcpStaticHoldDownEnd |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.51 |
Default severity |
warning |
Source stream | security |
Message format string | Hold-down completed for network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. Policer= $vRtrIfDcpFpStaticPlcrName$(static). Excd count=$vRtrIfDcpFpStaticExcdCount$ |
Cause | The vRtrIfDcpStaticHoldDownEnd notification is generated when a particular network-interface completes hold-down period for an exceeding static-policer. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtStaticPlcrLogEvent is configured to 'verbose'. |
Effect | The static-policer for an affected network-interface will transition to a detection-time countdown after the hold-down period is complete. |
Recovery | There is no recovery required for this notification. |
vRtrIfDcpStaticHoldDownStart
Property name | Value |
---|---|
Application name |
SECURITY |
Event ID | 2068 |
Event name | vRtrIfDcpStaticHoldDownStart |
SNMP notification prefix and OID |
TIMETRA-VRTR-MIB.tmnxVRtrNotifications.49 |
Default severity |
warning |
Source stream | security |
Message format string | Hold-down started for network_if $vRtrIfIndex$ on fp $tmnxCardSlotNum$/$tmnxFPNum$ at $vRtrIfDcpTimeEventOccured$. Policy $vRtrIfDCpuProtPolicy$. Policer= $vRtrIfDcpFpStaticPlcrName$(static). Excd count=$vRtrIfDcpFpStaticExcdCount$ |
Cause | The vRtrIfDcpStaticHoldDownStart notification is generated when a particular network-interface starts hold-down period for an exceeding static-policer. This notification is generated when TIMETRA-SECURITY-MIB.mib::tmnxDCpuProtStaticPlcrLogEvent is configured to 'verbose'. |
Effect | The static-policer will treat all packets as non-conformant during the hold-down period. |
Recovery | There is no recovery required for this notification. |