NETWORK_POLICY_ALERT

Message attributes and sample message of NETWORK_POLICY_ALERT

Message attributes and associated values/description
Name	Value / Description
NetworkPolicy	Network policy name
NetworkDevice	Log source IP address
SrcIP	Message source IP address
SrcPort	Message source port
DestIP	Message destination IP address
DestPort	Message destination port
Protocol	Message protocol
Action	("ACCEPTED" \| "DENIED")

Sample Message

<133> Mar 15 11:35:15 2009 10.1.1.165 %LOGLOGIC-5-050400:
AlertPriority="HIGH" AlertType="NETWORK_POLICY_ALERT" AlertName="PolicyAlert" GeneratedBy="10.1.1.165" ForDevices="10.1.1.95_4" ForDeviceIPs="10.1.1.95" ConfiguredForDevices="10.1.1.95_4,sqajuniperfw.1.10.in-addr.arpa_4
,10.1.1.96_2,10.1.1.240_2" NetworkPolicy="PolicyAlert" NetworkDevice="10.1.1.95" SrcIP="10.100.0.1" SrcPort="0" DestIP="224.0.0.18" DestPort="0" Protocol="icmp" Action="DENIED" AlertableEventsCount="287033"

Next topic: PRE_DEFINED_SEARCH_FILTER_ALERT

Previous topic: MESSAGE_VOLUME_ALERT

Contents

Index

Search Results

NETWORK_POLICY_ALERT

Sample Message