Support User Manuals

Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

66-17

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 66 Viewing Events

Overview of Event Viewer

Table 66-6 Event Viewer Column Descriptions

Column Label Description

AAA Group The AAA group policy.

AAA Server The server that handles user requests for access; it performs

authentication, authorization, and accounting.

AAA User The AAA username.

ACE Hash1

ACE Hash2

The hashcode1 and hashcode2 of the access control list entry (ACE).

Hash codes are required for successful policy lookups from syslog

106023 and 106100 events. These hash codes are available only if you

deployed the configuration using Security Manager.

ACL Name The name or ID of the access control list (ACL).

Action The action performed on the flow. For example: Terminated or denied.

Alert Details The details regarding the alerts.

App Name The name of the application originating the event.

App Stop Reason An explanation of how or why the application was shut down.

App Version The version of the application originating the event.

Attack Relevance Rating A numerical value used to indicate an attack’s relevance to its

destination target or targets.

Backplane Interface The backplane interface, which is identified only when the backplane

interface differs from the physical interface.

Botnet Category The category showing the reason a domain name is blacklisted, for

example, botnet, Trojan, spyware, and so on.

Botnet Domain The domain name or IP address in the dynamic filter database to which

the traffic was initiated. It can be black listed, white listed, or grey

listed.

Build Time The date and time of the software build.

Build Type The type of build. Typically this is a word such as “release” or “debug.”

In some cases, it is the ID of the builder of the application.

Byte Count The number of bytes in the data transfer of the connection.

Call Id The peer’s Call ID for the session to which this packet belongs.

Class Map The class map name.

Connection Duration The lifetime of the connection.

Connection ID A unique identifier for the connection.

Connection Limit The maximum number of connections or sessions.

Connection Termination

Valu e

A factor for which the connection is terminated, for example, incorrect

version or invalid payload-type.

Current Connection Count The number of current connections.

Description For syslogs this shows the raw message, for IPS it shows a description

of the event.

previous next