TIBCO LogLogic Alerts for GPG13
The following table lists the alerts included in the LogLogic® Compliance Suite - GPG 13 Edition.
Serial Number | TIBCO LogLogic Alert | Description |
---|---|---|
1 | GPG13: Accounts Created | Alerts when a new account is created on servers. |
2 | GPG13: Accounts Deleted | Alerts when an account is deleted on servers. |
3 | GPG13: Accounts Enabled | Alerts when an account has been enabled on servers. |
4 | GPG13: Accounts Locked | Alerts when an account has been locked on servers. |
5 | GPG13: Accounts Modified | Alerts when an account is modified on servers. |
6 | GPG13: Active Directory Changes | Alerts when changes are made within Active Directory. |
7 | GPG13: Allowed Connections | Allowed firewall connections. |
8 | GPG13: Check Point Policy Changed | Alerts when a Check Point firewall's policy has been modified. |
9 | GPG13: Cisco ISE, ACS Configuration Changed | Alerts when configuration changes are made to the Cisco ISE or Cisco SecureACS. |
10 | GPG13: Cisco ISE, ACS Passwords Changed | Alerts when a user changes their password via Cisco ISE or Cisco SecureACS. |
11 | GPG13: Cisco PIX, ASA, FWSM Commands Executed | Alerts when a Cisco PIX, ASA, or FWSM commands are executed. |
12 | GPG13: Cisco PIX, ASA, FWSM Failover Disabled | Alerts when a Cisco PIX, ASA, or FWSM HA configuration is disabled. |
13 | GPG13: Cisco PIX, ASA, FWSM Failover Errors | Alerts when an error has occurred during PIX, ASA, or FWSM failover. |
14 | GPG13: Cisco PIX, ASA, FWSM Failover Performed | Alerts when a failover has occurred on the Cisco PIX, ASA, or FWSM devices. |
15 | GPG13: Cisco PIX, ASA, FWSM Fragment Database Limit | Alerts when the fragment database count has been reached on Cisco PIX, ASA, or FWSM devices. |
16 | GPG13: Cisco PIX, ASA, FWSM Logon Failure | Alerts when login attempt to the Cisco PIX, ASA, or FWSM devices fails. |
17 | GPG13: Cisco PIX, ASA, FWSM Logon Success | Alerts when a login attempt to the Cisco PIX, ASA, or FWSM firewall is successful. |
18 | GPG13: Cisco PIX, ASA, FWSM NAT Failure | Failures in Network Address Translation (NAT) on the Cisco PIX, ASA, or FWSM. |
19 | GPG13: Cisco PIX, ASA, FWSM Policy Changed | Alerts when a Cisco PIX, ASA, or FWSM firewall policy has been modified. |
20 | GPG13: Cisco PIX, ASA, FWSM Protocol Failure | Alerts when possible network protocol failures on the Cisco PIX, ASA, or FWSM devices. |
21 | GPG13: System Restarted | Alerts when system has been restarted. |
22 | GPG13: Cisco PIX, ASA, FWSM Routing Failure | Alerts when routing failure occurred in the Cisco PIX, ASA, or FWSM devices. |
23 | GPG13: Cisco PIX, ASA, FWSM Shun Added | Alerts when a shun rule has been added to the PIX, ASA, or FWSM configuration. |
24 | GPG13: Cisco PIX, ASA, FWSM Shun Deleted | Alerts when a shun rule has been removed from the PIX, ASA, or FWSM configuration. |
25 | GPG13: Cisco PIX, ASA, FWSM VPN Tunnel Creation | Alerts when a VPN tunnel has been created on the Cisco PIX, ASA, or FWSM devices. |
26 | GPG13: Cisco PIX, ASA, FWSM VPN Tunnel Teardown | Alerts when a VPN tunnel has been removed on the Cisco PIX, ASA, or FWSM devices. |
27 | GPG13: Cisco Switch Card Insert | Alerts when a card module is inserted into a switch. |
28 | GPG13: Cisco Switch Device Reload | Alerts when a command to reload a Cisco switch has been executed. |
29 | GPG13: Cisco Switch Device Restart | Alerts when a router or switch has been rebooted. |
30 | GPG13: Cisco Switch HA Failure (ver) | Alerts when a HA setup has version incompatibility issues. |
31 | GPG13: Cisco Switch Interface Change | Alerts when network interfaces are going up or down. |
32 | GPG13: Cisco Switch Interface Down | Alerts when Cisco switch interface is going down. |
33 | GPG13: Cisco Switch Interface Up | Alerts when the Cisco switch interface is back up. |
34 | GPG13: Cisco Switch Policy Changed | Alerts when Cisco router or switch configuration has been modified. |
35 | GPG13: DB2 Database Backup Failed | Alerts when a DB2 database backup fails. |
36 | GPG13: DB2 Database Configuration Change | Alerts when a configuration is changed on a DB2 database. |
37 | GPG13: DB2 Database Restore Failed | Alerts when a database restore fails on a DB2 database. |
38 | GPG13: DB2 Database Started or Stopped | Alerts when a DB2 database is started or stopped. |
39 | GPG13: DB2 Database User Added or Dropped | Alerts when a user is added or dropped from a DB2 database. |
40 | GPG13: Disallowed Services | Disallowed firewall services. |
41 | GPG13: DNS Server Shutdown | Alerts when DNS Server has been shutdown. |
42 | GPG13: DNS Server Started | Alerts when DNS Server has been started. |
43 | GPG13: Escalated Privileges | Alerts when a user or program has escalated the privileges. |
44 | GPG13: Excessive IDS Attack | IDS anomalies using message volume threshold alerts. |
45 | GPG13: Group Members Added | Alerts when new members are added to user groups. |
46 | GPG13: Group Members Deleted | Alerts when members are removed from user groups. |
47 | GPG13: Groups Created | Alerts when new user groups are created. |
48 | GPG13: Groups Deleted | Alerts when a user group is deleted. |
49 | GPG13: Groups Modified | Alerts when a user group has been modified. |
50 | GPG13: Guardium SQL Guard Config Changes | Alerts when a configuration is changed on Guardium SQL Database. |
51 | GPG13: Guardium SQL Guard Data Access | Alerts when a select statement is made on Guardium SQL Database. |
52 | GPG13: Guardium SQL Guard Logins | Alerts when a user logs into the Guardium SQL Database. |
53 | GPG13: Guardium SQL Guard Startup or Shutdown | Alerts when the Guardium SQL Database is started or stopped. |
54 | GPG13: HP NonStop Audit Configuration Changed | Alerts when configuration changes are made to the HP NonStop Audit. |
55 | GPG13: HP NonStop Audit Permission Changed | Alerts on HP NonStop Audit permission changed events. |
56 | GPG13: i5/OS Network Profile Changes | Alerts when any changes are made to an i5/OS network profile. |
57 | GPG13: i5/OS Permission or Policy Change | Alerts when policies or permissions are changed on the i5/OS. |
58 | GPG13: i5/OS Server or Service Status Change | Alerts when the i5/OS is restarted or a service stops or starts. |
59 | GPG13: i5/OS Software Updates | Alerts when events related to the i5/OS software updates. |
60 | GPG13: i5/OS User Profile Changes | Alerts when a user profile is changed on the i5/OS. |
61 | GPG13: IBM AIX Password Changed | Alerts when an account password is changed on IBM AIX servers. |
62 | GPG13: Juniper Firewall HA State Change | Alerts when Juniper Firewall has changed its failover state. |
63 | GPG13: Juniper Firewall Logon Failure | Alerts when login attempt to the Juniper Firewall fails. |
64 | GPG13: Juniper Firewall Logon Success | Alerts when login attempt to the Juniper Firewall is successful. |
65 | GPG13: Juniper Firewall Peer Missing | Alerts when a Juniper Firewall HA peer is missing. |
66 | GPG13: Juniper Firewall Policy Changes | Alerts when Juniper Firewall configuration is changed. |
67 | GPG13: Juniper Firewall Policy Out of Sync | Alerts when the Juniper Firewall's policy is out of sync. |
68 | GPG13: Juniper Firewall System Reset | Alerts when the Juniper Firewall has been reset to system default. |
69 | GPG13: Juniper VPN Policy Change | Alerts when Juniper VPN policy or configuration change. |
70 | GPG13: Logins Failed | Alerts when login failures are over the defined threshold. |
71 | GPG13: Logins Succeeded | Alerts when successful logins are over the defined threshold. |
72 | GPG13: LogLogic Disk Full | Alerts when the LogLogic appliance's disk is near full. |
73 | GPG13: LogLogic DSM Configuration Changes | Alerts when a configuration is changed on LogLogic DSM database. |
74 | GPG13: LogLogic DSM Data Access | Alerts when a select statement is made on LogLogic DSM database. |
75 | GPG13: LogLogic DSM Logins | Alerts when a user logs into the LogLogic DSM database. |
76 | GPG13: LogLogic DSM Startup or Shutdown | Alerts when the LogLogic DSM database is started or stopped. |
77 | GPG13: LogLogic File Retrieval Errors | Alerts when problems are detected during log file retrieval. |
78 | GPG13: LogLogic Management Center Backed Up or Restored | Alerts on backup and restore events to the LogLogic management center. |
79 | GPG13: LogLogic Management Center Passwords Changed | Alerts when users have changed their passwords. |
80 | GPG13: LogLogic Management Center Upgrade Succeeded | Alerts for successful events related to the system's upgrade. |
81 | GPG13: LogLogic Message Routing Errors | Alerts when problems are detected during message forwarding. |
82 | GPG13: LogLogic Universal Collector Configuration Changed | Alerts when configuration changes are made to the LogLogic universal collector. |
83 | GPG13: Microsoft Operations Manager - Permissions Changed | Alerts when user or group permissions have been changed. |
84 | GPG13: Microsoft Operations Manager - Windows Passwords Changed | Alerts when users have changed their passwords. |
85 | GPG13: Microsoft Operations Manager - Windows Policies Changed | Alerts when Windows policies changed. |
86 | GPG13: Microsoft Sharepoint Content Deleted | Alerts on Microsoft Sharepoint content deleted events. |
87 | GPG13: Microsoft Sharepoint Content Updated | Alerts on Microsoft Sharepoint content updated events. |
88 | GPG13: Microsoft Sharepoint Permission Changed | Alerts on Microsoft Sharepoint permission changed events. |
89 | GPG13: Microsoft Sharepoint Policies Added, Removed, Modified | Alerts on Microsoft Sharepoint policy additions, deletions, and modifications. |
90 | GPG13: Microsoft SQL Server Backup Failed | Alerts when Microsoft SQL Server backup process has failed. |
91 | GPG13: Microsoft SQL Server Restore Failed | Alerts when Microsoft SQL Server restore process failed. |
92 | GPG13: Microsoft SQL Server Shutdown | Alerts when Microsoft SQL Server has been shutdown. |
93 | GPG13: Neoteris Files Accessed | Identifies all files being accessed through the Juniper SSL VPN. |
94 | GPG13: NetApp Authentication Failure | Alerts when NetApp authentication failure events occur. |
95 | GPG13: NetApp Bad File Handle | Alerts when a bad file handle is detected on a NetApp device. |
96 | GPG13: NetApp Bootblock Update | Alerts when the bootblock has been updated on a NetApp Filer. |
97 | GPG13: NetApp Filer Audit Policies Changed | Alerts when NetApp Filer Audit policies changed. |
98 | GPG13: NetApp Filer Disk Failure | Alerts when a disk fails on a NetApp Filer. |
99 | GPG13: NetApp Filer Disk Inserted | Alerts when a disk is inserted into the NetApp Filer. |
100 | GPG13: NetApp Filer Disk Missing | Alerts when a disk is missing on the NetApp Filer device. |
101 | GPG13: NetApp Filer Disk Pulled | Alerts when a RAID disk has been pulled from the Filer device. |
102 | GPG13: NetApp Filer Disk Scrub Suspended | Alerts when the disk scrubbing process has been suspended. |
103 | GPG13: NetApp Filer File System Full | Alerts when the file system is full on the NetApp Filer device. |
104 | GPG13: NetApp Filer NIS Group Update | Alerts when the NIS group has been updated on the Filer device. |
105 | GPG13: NetApp Filer Snapshot Error | Alerts when an error has been detected during a NetApp Filer snapshot. |
106 | GPG13: NetApp Filer Unauthorized Mounting | Alerts when an unauthorized mount event occurs. |
107 | GPG13: Oracle Database Configuration Change | Alerts when an ALTER or an UPDATE command is executed on Oracle DBs. |
108 | GPG13: Oracle Database Data Access | Alerts when Oracle tables are accessed. |
109 | GPG13: Oracle Database Permissions Changed | Alerts when permissions are changed on Oracle databases. |
110 | GPG13: Oracle Database Shutdown | Alerts when an Oracle database is shutdown. |
111 | GPG13: Oracle Database User Added or Deleted | Alerts when a user is added or deleted from an Oracle database. |
112 | GPG13: Policy Violation | Alerts when the firewall policy is violated. |
113 | GPG13: RACF Files Accessed | Alerts when files are accessed on the RACF servers. |
114 | GPG13: RACF Passwords Changed | Alerts when users have changed their passwords. |
115 | GPG13: RACF Permissions Changed | Alerts when user or group permissions have been changed. |
116 | GPG13: RACF Process Started | Alerts whenever a process is run on a RACF server. |
117 | GPG13: Sidewinder Configuration Changed | Alerts when configuration changes are made to the Sidewinder. |
118 | GPG13: Sybase ASE Database Backed Up or Restored | Alerts on backup and restore events to the Sybase ASE Database. |
119 | GPG13: Sybase ASE Database Config Changes | Alerts on Sybase ASE Database configuration change events. |
120 | GPG13: Sybase ASE Database Data Access | Alerts on Sybase ASE Database data access events. |
121 | GPG13: Sybase ASE Database Started | Alerts on Sybase ASE Database start events. |
122 | GPG13: Sybase ASE Database Stopped | Alerts on Sybase ASE Database stop events. |
123 | GPG13: Symantec Endpoint Protection Configuration Changed | Alerts when configuration changes are made to the Symantec Endpoint Protection. |
124 | GPG13: Symantec Endpoint Protection Policy Add, Delete, Modify | Alerts on Symantec Endpoint Protection additions, deletions, and modifications. |
125 | GPG13: System Anomalies | Detects and alerts any anomalies based on past log patterns. |
126 | GPG13: System Restarted | Alerts when systems such as routers and switches have restarted. |
127 | GPG13: TIBCO ActiveMatrix Administrator Permission Changed | Alerts on TIBCO ActiveMatrix Administrator permission changed events. |
128 | GPG13: vCenter Create Virtual Machine | Alerts when virtual machine has been created from VMware vCenter console. |
129 | GPG13: vCenter Data Move | Alerts when entity has been moved within the VMware vCenter infrastructure. |
130 | GPG13: vCenter Datastore Event | Alerts on create, modify, and delete datastore events on VMware vCenter. |
131 | GPG13: vCenter Delete Virtual Machine | Alerts when a virtual machine has been deleted or removed from VMware vCenter console. |
132 | GPG13: vCenter Firewall Policy Change | Alerts when changes to the VMware ESX allowed services firewall policy. |
133 | GPG13: vCenter Orchestrator Create Virtual Machine | Alerts when a virtual machine has been created from VMware vCenter Orchestrator console. |
134 | GPG13: vCenter Orchestrator Data Move | Alerts when an entity is moved within the VMware vCenter Orchestrator infrastructure. |
135 | GPG13: vCenter Orchestrator Datastore Events | Alerts on create, modify, and delete datastore events on VMware vCenter Orchestrator. |
136 | GPG13: vCenter Orchestrator Delete Virtual Machine | Alerts when a virtual machine has been deleted or removed from VMware vCenter Orchestrator console. |
137 | GPG13: vCenter Orchestrator Login Failed | Alerts when logins to the VMware vCenter Orchestrator console fail. |
138 | GPG13: vCenter Orchestrator Virtual Machine Shutdown | Alerts when a virtual machine has been shutdown or paused from VMware vCenter Orchestrator console. |
139 | GPG13: vCenter Orchestrator Virtual Machine Started | Alerts when a virtual machine has been started or resumed from VMware vCenter Orchestrator console. |
140 | GPG13: vCenter Orchestrator vSwitch Add, Modify or Delete | Alerts when a vSwitch on VMware ESX server has been added, modified or removed from vCenter Orchestrator. |
141 | GPG13: vCenter Permission Change | Alerts when a permission role has been added, changed, removed, or applied on VMware vCenter. |
142 | GPG13: vCenter Restart ESX Services | Alerts when VMware vCenter restarted services running on VMware ESX Server. |
143 | GPG13: vCenter Shutdown or Restart ESX | Alerts when VMware ESX Server is shutdown from vCenter console. |
144 | GPG13: vCenter User Login Failed | Alerts on failed logins to the VMware vCenter console. |
145 | GPG13: vCenter User Login Successful | Alerts on successful logins to the VMware vCenter console. |
146 | GPG13: vCenter Virtual Machine Shutdown | Alerts when virtual machine has been shutdown or paused from VMware vCenter console. |
147 | GPG13: vCenter Virtual Machine Started | Alerts when virtual machine has been started or resumed from VMware vCenter console. |
148 | GPG13: vCenter vSwitch Add, Modify or Delete | Alert when vSwitch on VMware ESX server has been added, modified or removed from vCenter. |
149 | GPG13: vCloud Director Login Failed | Alerts on failed logins to the VMware vCloud Director console. |
150 | GPG13: vCloud Director Login Success | Alerts on successful logins to the VMware vCloud Director console. |
151 | GPG13: vCloud Organization Created | Alerts when organization successfully created on VMware vCloud Director. |
152 | GPG13: vCloud Organization Deleted | Alerts when organization successfully deleted on VMware vCloud Director. |
153 | GPG13: vCloud Organization Modified | Alerts when organization successfully modified on VMware vCloud Director. |
154 | GPG13: vCloud User Created | Alerts when a user successfully created on VMware vCloud Director. |
155 | GPG13: vCloud User, Group, or Role Modified | Alerts when VMware vCloud Director user, group, or role has been modified. |
156 | GPG13: vCloud vApp Created, Deleted, or Modified | Alerts when VMware vCloud Director vApp has been created, deleted, or modified. |
157 | GPG13: vCloud vDC Created, Modified, or Deleted | Alerts when VMware vCloud Director Virtual Datacenters have been created, deleted, or modified. |
158 | GPG13: vShield Edge Configuration Change | Alerts when configuration changes to VMware vShield Edge policies. |
159 | GPG13: Windows Audit Log Cleared | Alerts when audit logs on Windows servers have been cleared. |
160 | GPG13: Windows Files Accessed | Show files accessed on the Windows servers. |
161 | GPG13: Windows Passwords Changed | Alerts when users have changed their passwords. |
162 | GPG13: Windows Permissions Changed | Alerts when user or group permissions have been changed. |
163 | GPG13: Windows Policies Changed | Alerts when Windows policies have been changed. |
164 | GPG13: Windows Programs Accessed | Alerts when a program is accessed on a Windows server. |
165 | GPG13: System Restarted | Alerts when system has been restarted. |
166 | GPG13: Windows Software Updates | Alerts when events related to the Windows' software updates. |
167 | GPG13: Windows Software Updates Failed | Alerts when failed events related to the software updates. |
168 | GPG13: Windows Software Updates Succeeded | Alerts for successful events related to the software updates. |
169 | GPG13: Anomalous IDS Alert | Alerts when IDS anomalies are above or below defined threshold. |
170 | GPG13: Pulse Connect Secure Policy Change Alert | Displays alert when Pulse Connect Secure policy or configuration change |
Copyright © Cloud Software Group, Inc. All rights reserved.