TIBCO LogLogic Alerts for FISMA
The LogLogic® Compliance Suite - FISMA Edition allows for the continuous monitoring of the IT infrastructure using behavioral-based alerts. .
Serial Number | TIBCO LogLogic Alert | Description |
---|---|---|
1 | FISMA: Accounts Created | Alerts when a new account is created on servers. |
2 | FISMA: Accounts Deleted | Alerts when an account is deleted on servers. |
3 | FISMA: Accounts Enabled | Alerts when an account is enabled on servers. |
4 | FISMA: Accounts Locked | Alerts when an account is locked on servers. |
5 | FISMA: Accounts Modified | Alerts when an account is modified on servers. |
6 | FISMA: Active Directory Changes | Alerts when changes are made within Active Directory. |
7 | FISMA: Anomalous Firewall Traffic | Alerts when firewall traffic patterns are out of the norm. |
8 | FISMA: Anomalous IDS Alerts | Alerts when IDS anomalies are above or below defined thresholds. |
9 | FISMA: Check Point Policy Changed | Alerts when a Check Point firewall’s policy is modified. |
10 | FISMA: Cisco ISE, ACS Configuration Changed | Alerts when configuration changes are made to the Cisco ISE or Cisco SecureACS. |
11 | FISMA: Cisco ISE, ACS Passwords Changed | Alerts when a user changes their password through Cisco ISE or Cisco SecureACS. |
12 | FISMA: Cisco PIX, ASA, FWSM Failover Disabled | Alerts when a Cisco PIX, ASA, or FWSM HA configuration is disabled. |
13 | FISMA: Cisco PIX, ASA, FWSM Failover Errors | Alerts when an error has occurred during PIX, ASA, or FWSM failover. |
14 | FISMA: Cisco PIX, ASA, FWSM Failover Performed | Alerts when a failover has occurred on the Cisco PIX, ASA, or FWSM devices. |
15 | FISMA: Cisco PIX, ASA, FWSM Policy Changed | Alerts when a Cisco PIX, ASA, or FWSM firewall policy is modified. |
16 | FISMA: Cisco PIX, ASA, FWSM Routing Failure | Alerts when routing failure occurred in the Cisco PIX, ASA, or FWSM devices. |
17 | FISMA: Cisco Switch Policy Changed | Alerts when Cisco router or switch configuration is modified. |
18 | FISMA: DB2 Database Backup Failed | Alerts when a DB2 database backup fails. |
19 | FISMA: DB2 Database Restore Failed | Alerts when a database restore fails on a DB2 database. |
20 | FISMA: DB2 Database Started or Stopped | Alerts when a DB2 database is started or stopped. |
21 | FISMA: DNS Server Shutdown | Alerts when DNS Server is shutdown. |
22 | FISMA: DNS Server Started | Alerts when DNS Server is started. |
23 | FISMA: Escalated Privileges | Alerts when a user or program has escalated the privileges. |
24 | FISMA: F5 BIG-IP TMOS Risky Traffic | F5 BIG-IP TMOS traffic considered risky. |
25 | FISMA: Firewall Traffic Considered Risky | Alerts on non HTTP, SSL, or SSH traffic passing through the firewall. |
26 | FISMA: Group Members Added | Alerts when new members are added to user groups. |
27 | FISMA: Group Members Deleted | Alerts when members are removed from user groups. |
28 | FISMA: Groups Created | Alerts when new user groups are created. |
29 | FISMA: Groups Deleted | Alerts when a user group is deleted. |
30 | FISMA: Groups Modified | Alerts when a user group is modified. |
31 | FISMA: Guardium SQL Guard Logins | Alerts when a user logs into the Guardium SQL Database. |
32 | FISMA: Guardium SQL Guard Startup or Shutdown | Alerts when the Guardium SQL Database is started or stopped. |
33 | FISMA: HP NonStop Audit Configuration Changed | Alerts when configuration changes are made to the HP NonStop Audit. |
34 | FISMA: HP NonStop Audit Permission Changed | Alerts on HP NonStop Audit permission changed events. |
35 | FISMA: i5/OS Network Profile Changes | Alerts when any changes are made to an i5/OS network profile. |
36 | FISMA: i5/OS Permission or Policy Change | Alerts when policies or permissions are changed on the i5/OS. |
37 | FISMA: i5/OS Server or Service Status Change | Alerts when the i5/OS is restarted or a service stops or starts. |
38 | FISMA: i5/OS Software Updates | Alerts when events related to the i5/OS software updates. |
39 | FISMA: i5/OS User Profile Changes | Alerts when a user profile is changed on the i5/OS. |
40 | FISMA: IBM AIX Password Changed | Alerts when an account password is changed on IBM AIX servers. |
41 | FISMA: Juniper Firewall HA State Change | Alerts when Juniper Firewall has changed its failover state. |
42 | FISMA: Juniper Firewall Peer Missing | Alerts when a Juniper Firewall HA peer is missing. |
43 | FISMA: Juniper Firewall Policy Changes | Alerts when Juniper Firewall configuration is changed. |
44 | FISMA: Juniper Firewall Policy Out of Sync | Alerts when the Juniper Firewall’s policy is out of sync. |
45 | FISMA: Juniper VPN Policy Change | Alerts when Juniper VPN policy or configuration change. |
46 | FISMA: Logins Failed | Alerts when login failures are over the defined threshold. |
47 | FISMA: Logins Succeeded | Alerts when successful logins are over the defined threshold. |
48 | FISMA: LogLogic Disk Full | Alerts when the LogLogic appliance’s disk is near full. |
49 | FISMA: LogLogic DSM Logins | Alerts when a user logs into the LogLogic DSM database. |
50 | FISMA: LogLogic DSM Startup or Shutdown | Alerts when the LogLogic DSM database is started or stopped. |
51 | FISMA: LogLogic File Retrieval Errors | Alerts when problems are detected during log file retrieval. |
52 | FISMA: LogLogic HA State Change | Alerts when the LogLogic appliance failover state changes. |
53 | FISMA: LogLogic Management Center Backed Up or Restored | Alerts on backup and restore events to the LogLogic management center. |
54 | FISMA: LogLogic Management Center Passwords Changed | Alerts when users have changed their passwords. |
55 | FISMA: LogLogic Management Center Upgrade Succeeded | Alerts for successful events related to the system’s upgrade. |
56 | FISMA: LogLogic Message Routing Errors | Alerts when problems are detected during message forwarding. |
57 | FISMA: LogLogic NTP Service Stopped | Alerts when the LogLogic NTP engine has stopped. |
58 | FISMA: LogLogic Universal Collector Configuration Changed | Alerts when configuration changes are made to the LogLogic universal collector. |
59 | FISMA: Microsoft Operations Manager - Permissions Changed | Alerts when user or group permissions have been changed. |
60 | FISMA: Microsoft Operations Manager - Windows Passwords Changed | Alerts when users have changed their passwords. |
61 | FISMA: Microsoft Operations Manager - Windows Policies Changed | Alerts when Windows policies changed. |
62 | FISMA: Microsoft Operations Manager - Windows Server Restarted | Alerts when a Windows server has restarted. |
63 | FISMA: Microsoft Sharepoint Content Deleted | Alerts on Microsoft Sharepoint content deleted events. |
64 | FISMA: Microsoft Sharepoint Content Updated | Alerts on Microsoft Sharepoint content updated events. |
65 | FISMA: Microsoft Sharepoint Permission Changed | Alerts on Microsoft Sharepoint permission changed events. |
66 | FISMA: Microsoft Sharepoint Policies Added, Removed, Modified | Alerts on Microsoft Sharepoint policy additions, deletions, and modifications. |
67 | FISMA: Microsoft SQL Server Backup Failed | Alerts when Microsoft SQL Server backup process has failed. |
68 | FISMA: Microsoft SQL Server Restore Failed | Alerts when Microsoft SQL Server restore process failed |
69 | FISMA: Microsoft SQL Server Shutdown | Alerts when Microsoft SQL Server is shutdown. |
70 | FISMA: NetApp Authentication Failure | Alerts when NetApp authentication failure events occur. |
71 | FISMA: NetApp Filer Audit Policies Changed | Alerts when NetApp Filer Audit policies changed. |
72 | FISMA: NetApp Filer Disk Failure | Alerts when a disk fails on a NetApp Filer. |
73 | FISMA: NetApp Filer Disk Inserted | Alerts when a disk is inserted into the NetApp Filer. |
74 | FISMA: NetApp Filer Disk Missing | Alerts when a disk is missing on the NetApp Filer device. |
75 | FISMA: NetApp Filer Disk Pulled | Alerts when a RAID disk is pulled from the Filer device. |
76 | FISMA: NetApp Filer File System Full | Alerts when the file system is full on the NetApp Filer device. |
77 | FISMA: NetApp Filer NIS Group Update | Alerts when the NIS group is updated on the Filer device. |
78 | FISMA: NetApp Filer Snapshot Error | Alerts when an error is detected during a NetApp Filer snapshot. |
79 | FISMA: NetApp Filer Unauthorized Mounting | Alerts when an unauthorized mount event occurs. |
80 | FISMA: NTP Daemon Exited | Alerts when the NTP service has stopped. |
81 | FISMA: NTP Server Unreachable | Alerts when the remote NTP server is unreachable. |
82 | FISMA: Pulse Connect Secure Policy Change | Alerts when Pulse Connect Secure policy or configuration change. |
83 | FISMA: Oracle Database Shutdown | Alerts when an Oracle database is shutdown. |
84 | FISMA: RACF Files Accessed | Alerts when files are accessed on the RACF servers. |
85 | FISMA: RACF Passwords Changed | Alerts when users have changed their passwords. |
86 | FISMA: RACF Permissions Changed | Alerts when user or group permissions have been changed. |
87 | FISMA: RACF Process Started | Alerts whenever a process is run on a RACF server. |
88 | FISMA: Sidewinder Configuration Changed | Alerts when configuration changes are made to the Sidewinder. |
89 | FISMA: Sybase ASE Database Backed Up or Restored | Alerts on backup and restore events to the Sybase ASE Database. |
90 | FISMA: Sybase ASE Database Started | Alerts on Sybase ASE Database start events. |
91 | FISMA: Sybase ASE Database Stopped | Alerts on Sybase ASE Database stop events. |
92 | FISMA: Symantec Endpoint Protection Configuration Changed | Alerts when configuration changes are made to the Symantec Endpoint Protection. |
93 | FISMA: Symantec Endpoint Protection Policy Add, Delete, Modify | Alerts on Symantec Endpoint Protection additions, deletions, and modifications. |
94 | FISMA: System Restarted | Alerts when systems such as routers and switches have restarted. |
95 | FISMA: TIBCO ActiveMatrix Administrator Permission Changed | Alerts on TIBCO ActiveMatrix Administrator permission changed events. |
96 | FISMA: vCenter Create Virtual Machine | Alerts when virtual machine is created from VMware vCenter console. |
97 | FISMA: vCenter Data Move | Alerts when entity is moved within the VMware vCenter infrastructure. |
98 | FISMA: vCenter Datastore Event | Alerts on create, modify, and delete datastore events on VMware vcenter. |
99 | FISMA: vCenter Delete Virtual Machine | Alerts when a virtual machine is deleted or removed from VMware vCenter console. |
100 | FISMA: vCenter Firewall Policy Change | Alerts when changes to the VMware ESX allowed services firewall policy. |
101 | FISMA: vCenter Orchestrator Create Virtual Machine | Virtual machine is created from VMware vCenter Orchestrator console. |
102 | FISMA: vCenter Orchestrator Data Move | Entity is moved within the VMware vCenter Orchestrator infrastructure. |
103 | FISMA: vCenter Orchestrator Datastore Events | Alerts on create, modify, and delete datastore events on VMware vCenter Orchestrator. |
104 | FISMA: vCenter Orchestrator Delete Virtual Machine | Alerts when a virtual machine is deleted or removed from VMware vCenter Orchestrator console. |
105 | FISMA: vCenter Orchestrator Login Failed | Failed logins to the VMware vCenter Orchestrator console. |
106 | FISMA: vCenter Orchestrator Virtual Machine Shutdown | Virtual machine is shutdown or paused from VMware vCenter Orchestrator console. |
107 | FISMA: vCenter Orchestrator Virtual Machine Started | Virtual machine is started or resumed from VMware vCenter Orchestrator console. |
108 | FISMA: vCenter Orchestrator vSwitch Add, Modify or Delete | vSwitch on VMware ESX Server is added, modified or removed from vCenter Orchestrator. |
109 | FISMA: vCenter Permission Change | Alerts when a permission role is added, changed, removed, or applied on VMware vCenter. |
110 | FISMA: vCenter Restart ESX Services | Alerts when VMware vCenter restarted services running on VMware ESX Server. |
111 | FISMA: vCenter Shutdown or Restart ESX | Alerts when VMware ESX Server is shutdown from vCenter console. |
112 | FISMA: vCenter User Login Failed | Alerts on failed logins to the VMware vCenter console. |
113 | FISMA: vCenter User Login Successful | Alerts on successful logins to the VMware vCenter console. |
114 | FISMA: vCenter Virtual Machine Shutdown | Alerts when virtual machine is shutdown or paused from VMware vCenter console. |
115 | FISMA: vCenter Virtual Machine Started | Alerts when virtual machine is started or resumed from VMware vCenter console. |
116 | FISMA: vCenter vSwitch Add, Modify or Delete | Alerts when vSwitch on VMware ESX Server is added, modified or removed from vCenter. |
117 | FISMA: vCloud Director Login Failed | Alerts on failed logins to the VMware vCloud Director console. |
118 | FISMA: vCloud Director Login Success | Alerts on successful logins to the VMware vCloud Director console. |
119 | FISMA: vCloud Organization Created | Alerts when organization successfully created on VMware vCloud Director. |
120 | FISMA: vCloud Organization Deleted | Alerts when organization successfully deleted on VMware vCloud Director. |
121 | FISMA: vCloud Organization Modified | Alerts when organization successfully modified on VMware vCloud Director. |
122 | FISMA: vCloud User Created | Alerts when a user successfully created on VMware vCloud Director. |
123 | FISMA: vCloud User, Group, or Role Modified | Alerts when VMware vCloud Director user, group, or role is modified. |
124 | FISMA: vCloud vApp Created, Deleted, or Modified | Alerts when VMware vCloud Director vApp is created, deleted, or modified. |
125 | FISMA: vCloud vDC Created, Modified, or Deleted | Alerts when VMware vCloud Director Virtual Datacenters have been created, deleted, or modified. |
126 | FISMA: vShield Edge Configuration Change | Alerts when configuration changes to VMware vShield Edge policies. |
127 | FISMA: vShield Risky Traffic | Alerts when VMware vShield Edge traffic considered risky. |
128 | FISMA: Windows Audit Log Cleared | Alerts when audit logs on Windows servers have been cleared. |
129 | FISMA: Windows Files Accessed | Show files accessed on the Windows servers. |
130 | FISMA: Windows Objects Create/Delete | Alerts when system level objects have been created or deleted. |
131 | FISMA: Windows Passwords Changed | Alerts when users have changed their passwords. |
132 | FISMA: Windows Permissions Changed | Alerts when user or group permissions have been changed. |
133 | FISMA: Windows Policies Changed | Alerts when Windows policies changed. |
134 | FISMA: Windows Process Started | Alerts when a process is started on a Windows server. |
135 | FISMA: Windows Programs Accessed | Alerts when a program is accessed on a Windows server. |
136 | FISMA: System Restarted | Alerts when system is restarted. |
137 | FISMA: Windows Software Updates | Alerts when events related to the Windows’ software updates. |
138 | FISMA: Windows Software Updates Failed | Alerts when failed events related to the software updates. |
139 | FISMA: Windows Software Updates Succeeded | Alerts for successful events related to the software updates. |
Copyright © Cloud Software Group, Inc. All rights reserved.