| ID |
Severity |
Event |
Notes |
| Special Events
|
| 0 |
Error |
Unknown Agent/Appliance Event |
|
| Driver-Related Events
|
| 1000 |
Error |
Unable To Open Engine |
|
| 1001 |
Error |
Engine Command Failed |
|
| 1002 |
Warning |
Engine List Objects Error |
|
| 1003 |
Warning |
Remove Object Failed |
|
| 1004 |
Error |
Driver Upgrade Stalled |
|
| 1005 |
Warning |
Upgrading Driver |
|
| 1006 |
Error |
Driver Upgrade Requires Reboot |
|
| 1007 |
Warning |
Driver Upgrade Succeeded |
|
| 1008 |
Error |
Kernel Unsupported |
|
| Configuration-Related Events
|
| 2000 |
Info |
Policy Sent |
|
| 2001 |
Warning |
Invalid Firewall Rule Assignment |
|
| 2002 |
Warning |
Invalid Firewall Stateful Configuration |
|
| 2003 |
Error |
Save Security Configuration Failed |
|
| 2004 |
Warning |
Invalid Interface Assignment |
|
| 2005 |
Warning |
Invalid Interface Assignment |
|
| 2006 |
Warning |
Invalid Action |
|
| 2007 |
Warning |
Invalid Packet Direction |
|
| 2008 |
Warning |
Invalid Rule Priority |
|
| 2009 |
Warning |
Unrecognized IP Format |
|
| 2010 |
Warning |
Invalid Source IP List |
|
| 2011 |
Warning |
Invalid Source Port List |
|
| 2012 |
Warning |
Invalid Destination IP List |
|
| 2013 |
Warning |
Invalid Destination Port List |
|
| 2014 |
Warning |
Invalid Schedule |
|
| 2015 |
Warning |
Invalid Source MAC List |
|
| 2016 |
Warning |
Invalid Destination MAC List |
|
| 2017 |
Warning |
Invalid Schedule Length |
|
| 2018 |
Warning |
Invalid Schedule String |
|
| 2019 |
Warning |
Unrecognized IP Format |
|
| 2020 |
Warning |
Object Not Found |
|
| 2021 |
Warning |
Object Not Found |
|
| 2022 |
Warning |
Invalid Rule Assignment |
|
| 2050 |
Warning |
Firewall Rule Not Found |
|
| 2075 |
Warning |
Traffic Stream Not Found |
|
| 2076 |
Warning |
Intrusion Prevention Rule Not Found |
|
| 2077 |
Warning |
Pattern List Not Found |
|
| 2078 |
Warning |
Traffic Stream Conversion Error |
|
| 2080 |
Warning |
Conditional Firewall Rule Not Found |
|
| 2081 |
Warning |
Conditional Intrusion Prevention Rule Not Found |
|
| 2082 |
Warning |
Empty Intrusion Prevention Rule |
|
| 2083 |
Warning |
Intrusion Prevention Rule XML Rule Conversion Error |
|
| 2085 |
Error |
Security Configuration Error |
|
| 2086 |
Warning |
Unsupported IP Match Type |
|
| 2087 |
Warning |
Unsupported MAC Match Type |
|
| 2088 |
Warning |
Invalid SSL Credential |
|
| 2089 |
Warning |
Missing SSL Credential |
|
| 2090 |
Error |
Security Configuration Error |
|
| 2091 |
Error |
Security Configuration Error |
|
| Hardware-Related Events
|
| 3000 |
Warning |
Invalid MAC Address |
|
| 3001 |
Warning |
Get Event Data Failed |
|
| 3002 |
Warning |
Too Many Interfaces |
|
| 3003 |
Error |
Unable To Run External Command |
|
| 3004 |
Error |
Unable To Read External Command Output |
|
| 3005 |
Error |
Operating System Call Error |
|
| 3006 |
Error |
Operating System Call Error |
|
| 3007 |
Error |
File Error |
|
| 3008 |
Error |
Machine-Specific Key Error |
|
| 3009 |
Error |
Unexpected Agent/Appliance Shutdown |
|
| 3010 |
Error |
Agent/Appliance Database Error |
|
| 3300 |
Warning |
Get Event Data Failed |
Linux error. |
| 3302 |
Warning |
Get Security Configuration Failed |
Linux error. |
| 3303 |
Error |
File Mapping Error |
Linux error. File type error. |
| 3600 |
Error |
Get Windows System Directory Failed |
|
| 3601 |
Warning |
Read Local Data Error |
Windows error. |
| 3602 |
Warning |
Windows Service Error |
Windows error. |
| 3603 |
Error |
File Mapping Error |
Windows error. File size error. |
| 3700 |
Warning |
Abnormal Restart Detected |
Windows error. |
| 3701 |
Info |
System Last Boot Time Change |
Windows error. |
| Communications-Related Events
|
| 4000 |
Warning |
Invalid Protocol Header |
Content length out of range. |
| 4001 |
Warning |
Invalid Protocol Header |
Content length missing. |
| 4002 |
Info |
Command Session Initiated |
|
| 4003 |
Info |
Configuration Session Initiated |
|
| 4004 |
Info |
Command Received |
|
| 4011 |
Warning |
Failure to Contact Manager |
|
| 4012 |
Warning |
Heartbeat Failed |
|
| Agent-Related Events
|
| 5000 |
Info |
Agent/Appliance Started |
|
| 5001 |
Error |
Thread Exception |
|
| 5002 |
Error |
Operation Timed Out |
|
| 5003 |
Info |
Agent/Appliance Stopped |
|
| 5004 |
Warning |
Clock Changed |
|
| 5005 |
Info |
Agent/Appliance Auditing Started |
|
| 5006 |
Info |
Agent/Appliance Auditing Stopped |
|
| 5007 |
Info |
Appliance Protection Change |
|
| 5008 |
Warning |
Filter Driver Connection Failed |
|
| 5009 |
Info |
Filter Driver Connection Success |
|
| 5010 |
Warning |
Filter Driver Informational Event |
|
| 5100 |
Info |
Protection Module Deployment Started |
|
| 5101 |
Info |
Protection Module Deployment Succeeded |
|
| 5102 |
Error |
Protection Module Deployment Failed |
|
| 5103 |
Info |
Protection Module Download Succeeded |
|
| 5104 |
Info |
Protection Module Disablement Started |
|
| 5105 |
Info |
Protection Module Disablement Succeeded |
|
| 5106 |
Error |
Protection Module Disablement Failed |
|
| 5107 |
Info |
Agent Self-Protection enabled |
|
| 5108 |
Info |
Agent Self-Protection disabled |
|
| 5109 |
Error |
FIPS verification Error |
|
| 5200 |
Info |
File Backup Completed |
|
| 5201 |
Error |
Failure to Backup File |
|
| Logging-Related Events
|
| 6000 |
Info |
Log Device Open Error |
|
| 6001 |
Info |
Log File Open Error |
|
| 6002 |
Info |
Log File Write Error |
|
| 6003 |
Info |
Log Directory Creation Error |
|
| 6004 |
Info |
Log File Query Error |
|
| 6005 |
Info |
Log Directory Open Error |
|
| 6006 |
Info |
Log File Delete Error |
|
| 6007 |
Info |
Log File Rename Error |
|
| 6008 |
Info |
Log Read Error |
|
| 6009 |
Warning |
Log File Deleted Due To Insufficient Space |
|
| 6010 |
Warning |
Events Were Suppressed |
|
| 6011 |
Warning |
Events Truncated |
|
| 6012 |
Error |
Insufficient Disk Space |
See Warning: Insufficient disk space. |
| 6013 |
Warning |
Agent configuration package too large |
|
| Attack-, Scan-, and Probe-Related Events
|
| 7000 |
Warning |
Computer OS Fingerprint Probe |
|
| 7001 |
Warning |
Network or Port Scan |
|
| 7002 |
Warning |
TCP Null Scan |
|
| 7003 |
Warning |
TCP SYNFIN Scan |
|
| 7004 |
Warning |
TCP Xmas Scan |
|
| Download Security Update Events
|
| 9050 |
Info |
Update of Anti-Malware Component on Agent Succeeded |
|
| 9051 |
Error |
Update of Anti-Malware Component on Agent Failed |
|
| 9100 |
Info |
Security Update Successful |
|
| 9101 |
Error |
Security Update Failure |
|
| 9102 |
Error |
Security Update Failure |
Specific information recorded in error message. |
| Relay Events
|
| 9103 |
Info |
Relay Web Server Disabled |
|
| 9104 |
Info |
Relay Web Server Enabled |
|
| 9105 |
Error |
Enable Relay Web Server Failed |
|
| 9106 |
Error |
Disable Relay Web Server Failed |
|
| 9107 |
Error |
Relay Web Server failed |
|
| 9108 |
Info |
Unable to Connect to Update Source |
|
| 9109 |
Error |
Component Update Failure |
|
| 9110 |
Error |
Anti-Malware license is expired |
|
| 9111 |
Info |
Security Update Rollback Success |
|
| 9112 |
Error |
Security Update Rollback Failure |
|
| 9113 |
Info |
Relay Replicated All Packages |
|
| 9114 |
Error |
Relay Failed to Replicate All Packages |
|
| 9115 |
Info |
Failed to download from the Relay Web Server |
|
| Integrity Scan Status Events
|
| 9201 |
Info |
Integrity Scan Started |
|
| 9203 |
Info |
Integrity Scan Terminated Abnormally |
|
| 9204 |
Info |
Integrity Scan Paused |
|
| 9205 |
Info |
Integrity Scan Resumed |
|
| 9208 |
Warning |
Integrity Scan failed to start |
|
| 9209 |
Warning |
Integrity Scan Stalled |
|
| Smart Protection Server Status Events
|
| 9300 |
Warning |
Smart Protection Server Disconnected for Web Reputation |
See Troubleshoot "Smart Protection Server disconnected" errors. |
| 9301 |
Info |
Smart Protection Server Connected for Web Reputation |
See Troubleshoot "Smart Protection Server disconnected" errors. |
| 9302 |
Warning |
Census, Good File Reputation, and Predictive Machine Learning Service Disconnected |
|
| 9303 |
Info |
Census, Good File Reputation, and Predictive Machine Learning Service Connected |
|