TIBCO LogLogic Alerts for GPG13
The following table lists the alerts included in the LogLogic® Compliance Suite - GPG 13 Edition.
| Serial Number | TIBCO LogLogic Alert | Description |
|---|---|---|
| 1 | GPG13: Accounts Created | Alerts when a new account is created on servers. |
| 2 | GPG13: Accounts Deleted | Alerts when an account is deleted on servers. |
| 3 | GPG13: Accounts Enabled | Alerts when an account has been enabled on servers. |
| 4 | GPG13: Accounts Locked | Alerts when an account has been locked on servers. |
| 5 | GPG13: Accounts Modified | Alerts when an account is modified on servers. |
| 6 | GPG13: Active Directory Changes | Alerts when changes are made within Active Directory. |
| 7 | GPG13: Allowed Connections | Allowed firewall connections. |
| 8 | GPG13: Check Point Policy Changed | Alerts when a Check Point firewall's policy has been modified. |
| 9 | GPG13: Cisco ISE, ACS Configuration Changed | Alerts when configuration changes are made to the Cisco ISE or Cisco SecureACS. |
| 10 | GPG13: Cisco ISE, ACS Passwords Changed | Alerts when a user changes their password via Cisco ISE or Cisco SecureACS. |
| 11 | GPG13: Cisco PIX, ASA, FWSM Commands Executed | Alerts when a Cisco PIX, ASA, or FWSM commands are executed. |
| 12 | GPG13: Cisco PIX, ASA, FWSM Failover Disabled | Alerts when a Cisco PIX, ASA, or FWSM HA configuration is disabled. |
| 13 | GPG13: Cisco PIX, ASA, FWSM Failover Errors | Alerts when an error has occurred during PIX, ASA, or FWSM failover. |
| 14 | GPG13: Cisco PIX, ASA, FWSM Failover Performed | Alerts when a failover has occurred on the Cisco PIX, ASA, or FWSM devices. |
| 15 | GPG13: Cisco PIX, ASA, FWSM Fragment Database Limit | Alerts when the fragment database count has been reached on Cisco PIX, ASA, or FWSM devices. |
| 16 | GPG13: Cisco PIX, ASA, FWSM Logon Failure | Alerts when login attempt to the Cisco PIX, ASA, or FWSM devices fails. |
| 17 | GPG13: Cisco PIX, ASA, FWSM Logon Success | Alerts when a login attempt to the Cisco PIX, ASA, or FWSM firewall is successful. |
| 18 | GPG13: Cisco PIX, ASA, FWSM NAT Failure | Failures in Network Address Translation (NAT) on the Cisco PIX, ASA, or FWSM. |
| 19 | GPG13: Cisco PIX, ASA, FWSM Policy Changed | Alerts when a Cisco PIX, ASA, or FWSM firewall policy has been modified. |
| 20 | GPG13: Cisco PIX, ASA, FWSM Protocol Failure | Alerts when possible network protocol failures on the Cisco PIX, ASA, or FWSM devices. |
| 21 | GPG13: System Restarted | Alerts when system has been restarted. |
| 22 | GPG13: Cisco PIX, ASA, FWSM Routing Failure | Alerts when routing failure occurred in the Cisco PIX, ASA, or FWSM devices. |
| 23 | GPG13: Cisco PIX, ASA, FWSM Shun Added | Alerts when a shun rule has been added to the PIX, ASA, or FWSM configuration. |
| 24 | GPG13: Cisco PIX, ASA, FWSM Shun Deleted | Alerts when a shun rule has been removed from the PIX, ASA, or FWSM configuration. |
| 25 | GPG13: Cisco PIX, ASA, FWSM VPN Tunnel Creation | Alerts when a VPN tunnel has been created on the Cisco PIX, ASA, or FWSM devices. |
| 26 | GPG13: Cisco PIX, ASA, FWSM VPN Tunnel Teardown | Alerts when a VPN tunnel has been removed on the Cisco PIX, ASA, or FWSM devices. |
| 27 | GPG13: Cisco Switch Card Insert | Alerts when a card module is inserted into a switch. |
| 28 | GPG13: Cisco Switch Device Reload | Alerts when a command to reload a Cisco switch has been executed. |
| 29 | GPG13: Cisco Switch Device Restart | Alerts when a router or switch has been rebooted. |
| 30 | GPG13: Cisco Switch HA Failure (ver) | Alerts when a HA setup has version incompatibility issues. |
| 31 | GPG13: Cisco Switch Interface Change | Alerts when network interfaces are going up or down. |
| 32 | GPG13: Cisco Switch Interface Down | Alerts when Cisco switch interface is going down. |
| 33 | GPG13: Cisco Switch Interface Up | Alerts when the Cisco switch interface is back up. |
| 34 | GPG13: Cisco Switch Policy Changed | Alerts when Cisco router or switch configuration has been modified. |
| 35 | GPG13: DB2 Database Backup Failed | Alerts when a DB2 database backup fails. |
| 36 | GPG13: DB2 Database Configuration Change | Alerts when a configuration is changed on a DB2 database. |
| 37 | GPG13: DB2 Database Restore Failed | Alerts when a database restore fails on a DB2 database. |
| 38 | GPG13: DB2 Database Started or Stopped | Alerts when a DB2 database is started or stopped. |
| 39 | GPG13: DB2 Database User Added or Dropped | Alerts when a user is added or dropped from a DB2 database. |
| 40 | GPG13: Disallowed Services | Disallowed firewall services. |
| 41 | GPG13: DNS Server Shutdown | Alerts when DNS Server has been shutdown. |
| 42 | GPG13: DNS Server Started | Alerts when DNS Server has been started. |
| 43 | GPG13: Escalated Privileges | Alerts when a user or program has escalated the privileges. |
| 44 | GPG13: Excessive IDS Attack | IDS anomalies using message volume threshold alerts. |
| 45 | GPG13: Group Members Added | Alerts when new members are added to user groups. |
| 46 | GPG13: Group Members Deleted | Alerts when members are removed from user groups. |
| 47 | GPG13: Groups Created | Alerts when new user groups are created. |
| 48 | GPG13: Groups Deleted | Alerts when a user group is deleted. |
| 49 | GPG13: Groups Modified | Alerts when a user group has been modified. |
| 50 | GPG13: Guardium SQL Guard Config Changes | Alerts when a configuration is changed on Guardium SQL Database. |
| 51 | GPG13: Guardium SQL Guard Data Access | Alerts when a select statement is made on Guardium SQL Database. |
| 52 | GPG13: Guardium SQL Guard Logins | Alerts when a user logs into the Guardium SQL Database. |
| 53 | GPG13: Guardium SQL Guard Startup or Shutdown | Alerts when the Guardium SQL Database is started or stopped. |
| 54 | GPG13: HP NonStop Audit Configuration Changed | Alerts when configuration changes are made to the HP NonStop Audit. |
| 55 | GPG13: HP NonStop Audit Permission Changed | Alerts on HP NonStop Audit permission changed events. |
| 56 | GPG13: i5/OS Network Profile Changes | Alerts when any changes are made to an i5/OS network profile. |
| 57 | GPG13: i5/OS Permission or Policy Change | Alerts when policies or permissions are changed on the i5/OS. |
| 58 | GPG13: i5/OS Server or Service Status Change | Alerts when the i5/OS is restarted or a service stops or starts. |
| 59 | GPG13: i5/OS Software Updates | Alerts when events related to the i5/OS software updates. |
| 60 | GPG13: i5/OS User Profile Changes | Alerts when a user profile is changed on the i5/OS. |
| 61 | GPG13: IBM AIX Password Changed | Alerts when an account password is changed on IBM AIX servers. |
| 62 | GPG13: Juniper Firewall HA State Change | Alerts when Juniper Firewall has changed its failover state. |
| 63 | GPG13: Juniper Firewall Logon Failure | Alerts when login attempt to the Juniper Firewall fails. |
| 64 | GPG13: Juniper Firewall Logon Success | Alerts when login attempt to the Juniper Firewall is successful. |
| 65 | GPG13: Juniper Firewall Peer Missing | Alerts when a Juniper Firewall HA peer is missing. |
| 66 | GPG13: Juniper Firewall Policy Changes | Alerts when Juniper Firewall configuration is changed. |
| 67 | GPG13: Juniper Firewall Policy Out of Sync | Alerts when the Juniper Firewall's policy is out of sync. |
| 68 | GPG13: Juniper Firewall System Reset | Alerts when the Juniper Firewall has been reset to system default. |
| 69 | GPG13: Juniper VPN Policy Change | Alerts when Juniper VPN policy or configuration change. |
| 70 | GPG13: Logins Failed | Alerts when login failures are over the defined threshold. |
| 71 | GPG13: Logins Succeeded | Alerts when successful logins are over the defined threshold. |
| 72 | GPG13: LogLogic Disk Full | Alerts when the LogLogic appliance's disk is near full. |
| 73 | GPG13: LogLogic DSM Configuration Changes | Alerts when a configuration is changed on LogLogic DSM database. |
| 74 | GPG13: LogLogic DSM Data Access | Alerts when a select statement is made on LogLogic DSM database. |
| 75 | GPG13: LogLogic DSM Logins | Alerts when a user logs into the LogLogic DSM database. |
| 76 | GPG13: LogLogic DSM Startup or Shutdown | Alerts when the LogLogic DSM database is started or stopped. |
| 77 | GPG13: LogLogic File Retrieval Errors | Alerts when problems are detected during log file retrieval. |
| 78 | GPG13: LogLogic Management Center Backed Up or Restored | Alerts on backup and restore events to the LogLogic management center. |
| 79 | GPG13: LogLogic Management Center Passwords Changed | Alerts when users have changed their passwords. |
| 80 | GPG13: LogLogic Management Center Upgrade Succeeded | Alerts for successful events related to the system's upgrade. |
| 81 | GPG13: LogLogic Message Routing Errors | Alerts when problems are detected during message forwarding. |
| 82 | GPG13: LogLogic Universal Collector Configuration Changed | Alerts when configuration changes are made to the LogLogic universal collector. |
| 83 | GPG13: Microsoft Operations Manager - Permissions Changed | Alerts when user or group permissions have been changed. |
| 84 | GPG13: Microsoft Operations Manager - Windows Passwords Changed | Alerts when users have changed their passwords. |
| 85 | GPG13: Microsoft Operations Manager - Windows Policies Changed | Alerts when Windows policies changed. |
| 86 | GPG13: Microsoft Sharepoint Content Deleted | Alerts on Microsoft Sharepoint content deleted events. |
| 87 | GPG13: Microsoft Sharepoint Content Updated | Alerts on Microsoft Sharepoint content updated events. |
| 88 | GPG13: Microsoft Sharepoint Permission Changed | Alerts on Microsoft Sharepoint permission changed events. |
| 89 | GPG13: Microsoft Sharepoint Policies Added, Removed, Modified | Alerts on Microsoft Sharepoint policy additions, deletions, and modifications. |
| 90 | GPG13: Microsoft SQL Server Backup Failed | Alerts when Microsoft SQL Server backup process has failed. |
| 91 | GPG13: Microsoft SQL Server Restore Failed | Alerts when Microsoft SQL Server restore process failed. |
| 92 | GPG13: Microsoft SQL Server Shutdown | Alerts when Microsoft SQL Server has been shutdown. |
| 93 | GPG13: Neoteris Files Accessed | Identifies all files being accessed through the Juniper SSL VPN. |
| 94 | GPG13: NetApp Authentication Failure | Alerts when NetApp authentication failure events occur. |
| 95 | GPG13: NetApp Bad File Handle | Alerts when a bad file handle is detected on a NetApp device. |
| 96 | GPG13: NetApp Bootblock Update | Alerts when the bootblock has been updated on a NetApp Filer. |
| 97 | GPG13: NetApp Filer Audit Policies Changed | Alerts when NetApp Filer Audit policies changed. |
| 98 | GPG13: NetApp Filer Disk Failure | Alerts when a disk fails on a NetApp Filer. |
| 99 | GPG13: NetApp Filer Disk Inserted | Alerts when a disk is inserted into the NetApp Filer. |
| 100 | GPG13: NetApp Filer Disk Missing | Alerts when a disk is missing on the NetApp Filer device. |
| 101 | GPG13: NetApp Filer Disk Pulled | Alerts when a RAID disk has been pulled from the Filer device. |
| 102 | GPG13: NetApp Filer Disk Scrub Suspended | Alerts when the disk scrubbing process has been suspended. |
| 103 | GPG13: NetApp Filer File System Full | Alerts when the file system is full on the NetApp Filer device. |
| 104 | GPG13: NetApp Filer NIS Group Update | Alerts when the NIS group has been updated on the Filer device. |
| 105 | GPG13: NetApp Filer Snapshot Error | Alerts when an error has been detected during a NetApp Filer snapshot. |
| 106 | GPG13: NetApp Filer Unauthorized Mounting | Alerts when an unauthorized mount event occurs. |
| 107 | GPG13: Oracle Database Configuration Change | Alerts when an ALTER or an UPDATE command is executed on Oracle DBs. |
| 108 | GPG13: Oracle Database Data Access | Alerts when Oracle tables are accessed. |
| 109 | GPG13: Oracle Database Permissions Changed | Alerts when permissions are changed on Oracle databases. |
| 110 | GPG13: Oracle Database Shutdown | Alerts when an Oracle database is shutdown. |
| 111 | GPG13: Oracle Database User Added or Deleted | Alerts when a user is added or deleted from an Oracle database. |
| 112 | GPG13: Policy Violation | Alerts when the firewall policy is violated. |
| 113 | GPG13: RACF Files Accessed | Alerts when files are accessed on the RACF servers. |
| 114 | GPG13: RACF Passwords Changed | Alerts when users have changed their passwords. |
| 115 | GPG13: RACF Permissions Changed | Alerts when user or group permissions have been changed. |
| 116 | GPG13: RACF Process Started | Alerts whenever a process is run on a RACF server. |
| 117 | GPG13: Sidewinder Configuration Changed | Alerts when configuration changes are made to the Sidewinder. |
| 118 | GPG13: Sybase ASE Database Backed Up or Restored | Alerts on backup and restore events to the Sybase ASE Database. |
| 119 | GPG13: Sybase ASE Database Config Changes | Alerts on Sybase ASE Database configuration change events. |
| 120 | GPG13: Sybase ASE Database Data Access | Alerts on Sybase ASE Database data access events. |
| 121 | GPG13: Sybase ASE Database Started | Alerts on Sybase ASE Database start events. |
| 122 | GPG13: Sybase ASE Database Stopped | Alerts on Sybase ASE Database stop events. |
| 123 | GPG13: Symantec Endpoint Protection Configuration Changed | Alerts when configuration changes are made to the Symantec Endpoint Protection. |
| 124 | GPG13: Symantec Endpoint Protection Policy Add, Delete, Modify | Alerts on Symantec Endpoint Protection additions, deletions, and modifications. |
| 125 | GPG13: System Anomalies | Detects and alerts any anomalies based on past log patterns. |
| 126 | GPG13: System Restarted | Alerts when systems such as routers and switches have restarted. |
| 127 | GPG13: TIBCO ActiveMatrix Administrator Permission Changed | Alerts on TIBCO ActiveMatrix Administrator permission changed events. |
| 128 | GPG13: vCenter Create Virtual Machine | Alerts when virtual machine has been created from VMware vCenter console. |
| 129 | GPG13: vCenter Data Move | Alerts when entity has been moved within the VMware vCenter infrastructure. |
| 130 | GPG13: vCenter Datastore Event | Alerts on create, modify, and delete datastore events on VMware vCenter. |
| 131 | GPG13: vCenter Delete Virtual Machine | Alerts when a virtual machine has been deleted or removed from VMware vCenter console. |
| 132 | GPG13: vCenter Firewall Policy Change | Alerts when changes to the VMware ESX allowed services firewall policy. |
| 133 | GPG13: vCenter Orchestrator Create Virtual Machine | Alerts when a virtual machine has been created from VMware vCenter Orchestrator console. |
| 134 | GPG13: vCenter Orchestrator Data Move | Alerts when an entity is moved within the VMware vCenter Orchestrator infrastructure. |
| 135 | GPG13: vCenter Orchestrator Datastore Events | Alerts on create, modify, and delete datastore events on VMware vCenter Orchestrator. |
| 136 | GPG13: vCenter Orchestrator Delete Virtual Machine | Alerts when a virtual machine has been deleted or removed from VMware vCenter Orchestrator console. |
| 137 | GPG13: vCenter Orchestrator Login Failed | Alerts when logins to the VMware vCenter Orchestrator console fail. |
| 138 | GPG13: vCenter Orchestrator Virtual Machine Shutdown | Alerts when a virtual machine has been shutdown or paused from VMware vCenter Orchestrator console. |
| 139 | GPG13: vCenter Orchestrator Virtual Machine Started | Alerts when a virtual machine has been started or resumed from VMware vCenter Orchestrator console. |
| 140 | GPG13: vCenter Orchestrator vSwitch Add, Modify or Delete | Alerts when a vSwitch on VMware ESX server has been added, modified or removed from vCenter Orchestrator. |
| 141 | GPG13: vCenter Permission Change | Alerts when a permission role has been added, changed, removed, or applied on VMware vCenter. |
| 142 | GPG13: vCenter Restart ESX Services | Alerts when VMware vCenter restarted services running on VMware ESX Server. |
| 143 | GPG13: vCenter Shutdown or Restart ESX | Alerts when VMware ESX Server is shutdown from vCenter console. |
| 144 | GPG13: vCenter User Login Failed | Alerts on failed logins to the VMware vCenter console. |
| 145 | GPG13: vCenter User Login Successful | Alerts on successful logins to the VMware vCenter console. |
| 146 | GPG13: vCenter Virtual Machine Shutdown | Alerts when virtual machine has been shutdown or paused from VMware vCenter console. |
| 147 | GPG13: vCenter Virtual Machine Started | Alerts when virtual machine has been started or resumed from VMware vCenter console. |
| 148 | GPG13: vCenter vSwitch Add, Modify or Delete | Alert when vSwitch on VMware ESX server has been added, modified or removed from vCenter. |
| 149 | GPG13: vCloud Director Login Failed | Alerts on failed logins to the VMware vCloud Director console. |
| 150 | GPG13: vCloud Director Login Success | Alerts on successful logins to the VMware vCloud Director console. |
| 151 | GPG13: vCloud Organization Created | Alerts when organization successfully created on VMware vCloud Director. |
| 152 | GPG13: vCloud Organization Deleted | Alerts when organization successfully deleted on VMware vCloud Director. |
| 153 | GPG13: vCloud Organization Modified | Alerts when organization successfully modified on VMware vCloud Director. |
| 154 | GPG13: vCloud User Created | Alerts when a user successfully created on VMware vCloud Director. |
| 155 | GPG13: vCloud User, Group, or Role Modified | Alerts when VMware vCloud Director user, group, or role has been modified. |
| 156 | GPG13: vCloud vApp Created, Deleted, or Modified | Alerts when VMware vCloud Director vApp has been created, deleted, or modified. |
| 157 | GPG13: vCloud vDC Created, Modified, or Deleted | Alerts when VMware vCloud Director Virtual Datacenters have been created, deleted, or modified. |
| 158 | GPG13: vShield Edge Configuration Change | Alerts when configuration changes to VMware vShield Edge policies. |
| 159 | GPG13: Windows Audit Log Cleared | Alerts when audit logs on Windows servers have been cleared. |
| 160 | GPG13: Windows Files Accessed | Show files accessed on the Windows servers. |
| 161 | GPG13: Windows Passwords Changed | Alerts when users have changed their passwords. |
| 162 | GPG13: Windows Permissions Changed | Alerts when user or group permissions have been changed. |
| 163 | GPG13: Windows Policies Changed | Alerts when Windows policies have been changed. |
| 164 | GPG13: Windows Programs Accessed | Alerts when a program is accessed on a Windows server. |
| 165 | GPG13: System Restarted | Alerts when system has been restarted. |
| 166 | GPG13: Windows Software Updates | Alerts when events related to the Windows' software updates. |
| 167 | GPG13: Windows Software Updates Failed | Alerts when failed events related to the software updates. |
| 168 | GPG13: Windows Software Updates Succeeded | Alerts for successful events related to the software updates. |
| 169 | GPG13: Anomalous IDS Alert | Alerts when IDS anomalies are above or below defined threshold. |
| 170 | GPG13: Pulse Connect Secure Policy Change Alert | Displays alert when Pulse Connect Secure policy or configuration change |
Copyright © Cloud Software Group, Inc. All rights reserved.