Agent event descriptions

ID Severity Event Notes
Special Events
0 Error Unknown Agent/Appliance Event
Driver-Related Events
1000 Error Unable To Open Engine
1001 Error Engine Command Failed
1002 Warning Engine List Objects Error
1003 Warning Remove Object Failed
1004 Error Driver Upgrade Stalled
1005 Warning Upgrading Driver
1006 Warning Driver Upgrade Requires Reboot
1007 Warning Driver Upgrade Succeeded
1008 Error Kernel Unsupported
Configuration-Related Events
2000 Info Policy Sent
2001 Warning Invalid Firewall Rule Assignment
2002 Warning Invalid Firewall Stateful Configuration
2003 Error Save Security Configuration Failed
2004 Warning Invalid Interface Assignment
2005 Warning Invalid Interface Assignment
2006 Warning Invalid Action
2007 Warning Invalid Packet Direction
2008 Warning Invalid Rule Priority
2009 Warning Unrecognized IP Format
2010 Warning Invalid Source IP List
2011 Warning Invalid Source Port List
2012 Warning Invalid Destination IP List
2013 Warning Invalid Destination Port List
2014 Warning Invalid Schedule
2015 Warning Invalid Source MAC List
2016 Warning Invalid Destination MAC List
2017 Warning Invalid Schedule Length
2018 Warning Invalid Schedule String
2019 Warning Unrecognized IP Format
2020 Warning Object Not Found
2021 Warning Object Not Found
2022 Warning Invalid Rule Assignment
2050 Warning Firewall Rule Not Found
2075 Warning Traffic Stream Not Found
2076 Warning Intrusion Prevention Rule Not Found
2077 Warning Pattern List Not Found
2078 Warning Traffic Stream Conversion Error
2080 Warning Conditional Firewall Rule Not Found
2081 Warning Conditional Intrusion Prevention Rule Not Found
2082 Warning Empty Intrusion Prevention Rule
2083 Warning Intrusion Prevention Rule XML Rule Conversion Error
2085 Error Security Configuration Error
2086 Warning Unsupported IP Match Type
2087 Warning Unsupported MAC Match Type
2088 Warning Invalid SSL Credential
2089 Warning Missing SSL Credential
Hardware-Related Events
3000 Warning Invalid MAC Address
3001 Warning Get Event Data Failed
3002 Warning Too Many Interfaces
3003 Error Unable To Run External Command
3004 Error Unable To Read External Command Output
3005 Error Operating System Call Error
3006 Error Operating System Call Error
3007 Error File Error
3008 Error Machine-Specific Key Error
3009 Error Unexpected Agent/Appliance Shutdown
3010 Error Agent/Appliance Database Error
3300 Warning Get Event Data Failed Linux error.
3302 Warning Get Security Configuration Failed Linux error.
3303 Error File Mapping Error Linux error. File type error.
3600 Error Get Windows System Directory Failed
3601 Warning Read Local Data Error Windows error.
3602 Warning Windows Service Error Windows error.
3603 Error File Mapping Error Windows error. File size error.
3700 Warning Abnormal Restart Detected Windows error.
3701 Info System Last Boot Time Change Windows error.
Communications-Related Events
4000 Warning Invalid Protocol Header Content length out of range.
4001 Warning Invalid Protocol Header Content length missing.
4002 Info Command Session Initiated
4003 Info Configuration Session Initiated
4004 Info Command Received
4011 Warning Failure to Contact Manager
4012 Warning Heartbeat Failed
Agent-Related Events
5000 Info Agent/Appliance Started
5001 Error Thread Exception
5002 Error Operation Timed Out
5003 Info Agent/Appliance Stopped
5004 Warning Clock Changed
5005 Info Agent/Appliance Auditing Started
5006 Info Agent/Appliance Auditing Stopped
5007 Info Appliance Protection Change
5008 Warning Filter Driver Connection Failed
5009 Info Filter Driver Connection Success
5010 Warning Filter Driver Informational Event
5100 Info Protection Module Deployment Started
5101 Info Protection Module Deployment Succeeded
5102 Error Protection Module Deployment Failed
5103 Info Protection Module Download Succeeded
5104 Info Protection Module Disablement Started
5105 Info Protection Module Disablement Succeeded
5106 Error Protection Module Disablement Failed
5107 Info Agent Self-Protection enabled
5108 Info Agent Self-Protection disabled
Logging-Related Events
6000 Info Log Device Open Error
6001 Info Log File Open Error
6002 Info Log File Write Error
6003 Info Log Directory Creation Error
6004 Info Log File Query Error
6005 Info Log Directory Open Error
6006 Info Log File Delete Error
6007 Info Log File Rename Error
6008 Info Log Read Error
6009 Warning Log File Deleted Due To Insufficient Space
6010 Warning Events Were Suppressed
6011 Warning Events Truncated
6012 Error Insufficient Disk Space
6013 Warning Agent configuration package too large
Attack/Scan/Probe-Related Events
7000 Warning Computer OS Fingerprint Probe
7001 Warning Network or Port Scan
7002 Warning TCP Null Scan
7003 Warning TCP SYNFIN Scan
7004 Warning TCP Xmas Scan
Download Security Update Events
9050 Info Update of Anti-Malware Component on Agent Succeeded
9051 Error Update of Anti-Malware Component on Agent Failed
9100 Info Security Update Successful
9101 Error Security Update Failure
9102 Error Security Update Failure Specific information recorded in error message.
Relay Events
9103 Info Relay Web Server Disabled
9104 Info Relay Web Server Enabled
9105 Error Enable Relay Web Server Failed
9106 Error Disable Relay Web Server Failed
9107 Error Relay Web Server failed
9108 Info Unable to Connect to Update Source
9109 Error Component Update Failure
9110 Error Anti-Malware license is expired
9111 Info Security Update Rollback Success
9112 Error Security Update Rollback Failure
9113 Info Relay Replicated All Packages
9114 Error Relay Failed to Replicate All Packages
Integrity Scan Status Events
9201 Info Integrity Scan Started
9203 Info Integrity Scan Terminated Abnormally
9204 Info Integrity Scan Paused
9205 Info Integrity Scan Resumed
9208 Warning Integrity Scan failed to start
9209 Warning Integrity Scan Stalled
Smart Protection Server Status Events
9300 Warning Smart Protection Server Disconnected for Web Reputation
9301 Info Smart Protection Server Connected for Web Reputation