# |
Test Name |
Result Details |
11 |
Test presence of CollPack |
|
12 |
Test presence of EULA in collpack |
|
21 |
Verify single default CONNECTION METHOD |
Found 1 nodes:
-- NODE --
LEA |
22 |
Ensure all taxonomy is valid |
Line TaxonomyKey,Target,SubTarget,Action,SubAction,XDASTaxonomy,XDASOutcome in cp-taxonomy.map had problems: | Target unrecognized | SubAction unrecognized
Line TaxonomyKey,Target,SubTarget,Action,SubAction,XDASTaxonomy,XDASOutcome in taxonomy.map had problems: | Target unrecognized | SubAction unrecognized |
24 |
Verify DeviceName with RV31 |
|
28 |
Verify Collector Pack UUID Conflict |
UUID is not unique or is not valid |
29 |
Verify Collector Pack Controls |
Control 'Global Setup' is not found in package.xml
Control 'Dashboard Status' is not found in package.xml
Control 'Implementation Audit Trail' is not found in package.xml
Control 'Event Trends' not found in package.xml
Control 'Collector Management' is not found in package.xml |
31 |
All events should have DeviceEventTime, DeviceEventTimeString, EventName, Message, Severity |
41 events matched test criteria:
The following events failed this test:
Line 23: et=; evt=Check Point Firewall Event; xdastaxname=; msg=LogFileName="fw.log" LogFileID="1246498632" LogRecNum="29489" time=" 1Jul2009 11:08:56" orig="10.1.100.102" i/f_dir="inbound" has_accounting="0" product="SmartDefense" __policy_id_tag="product=VPN-1 & FireWall-1[db_tag={44A2F4E8-B906-4933-9516-BB606AEEF1C5};mgmt=smartcenter;date=1245313733;policy_name=AutoGenConnectraPolicy]" Memory consumption="11% - 38MB out of 351MB" Capacity notification="Connections table capacity has exceeded 80%" Aggressive aging status="Active" Connections table capacity="80% - 19920 out of 24900
Line 25: et=; evt=Check Point Firewall Event; xdastaxname=; msg=LogFileName="fw.log" LogFileID="1243467892" LogRecNum="65587" time="15Jun2009 17:34:52" orig="securview" i/f_dir="inbound" has_accounting="0" product="SmartDefense" __policy_id_tag="product=VPN-1 & FireWall-1[db_tag={DAA07925-C72B-403F-BF96-2D69DED567B2};mgmt=smartcenter;date=1245140353;policy_name=AutoGenConnectraPolicy]" Memory consumption="9% - 34MB out of 351MB" Capacity notification="Connections table capacity has exceeded 80%" Aggressive aging status="Active" Connections table capacity="80% - 19920 out of 24900 |
32 |
All events should have an Observer IP or hostname |
41 events matched test criteria:
The following events failed this test:
Line 23: et=; evt=Check Point Firewall Event; xdastaxname=; msg=LogFileName="fw.log" LogFileID="1246498632" LogRecNum="29489" time=" 1Jul2009 11:08:56" orig="10.1.100.102" i/f_dir="inbound" has_accounting="0" product="SmartDefense" __policy_id_tag="product=VPN-1 & FireWall-1[db_tag={44A2F4E8-B906-4933-9516-BB606AEEF1C5};mgmt=smartcenter;date=1245313733;policy_name=AutoGenConnectraPolicy]" Memory consumption="11% - 38MB out of 351MB" Capacity notification="Connections table capacity has exceeded 80%" Aggressive aging status="Active" Connections table capacity="80% - 19920 out of 24900
Line 25: et=; evt=Check Point Firewall Event; xdastaxname=; msg=LogFileName="fw.log" LogFileID="1243467892" LogRecNum="65587" time="15Jun2009 17:34:52" orig="securview" i/f_dir="inbound" has_accounting="0" product="SmartDefense" __policy_id_tag="product=VPN-1 & FireWall-1[db_tag={DAA07925-C72B-403F-BF96-2D69DED567B2};mgmt=smartcenter;date=1245140353;policy_name=AutoGenConnectraPolicy]" Memory consumption="9% - 34MB out of 351MB" Capacity notification="Connections table capacity has exceeded 80%" Aggressive aging status="Active" Connections table capacity="80% - 19920 out of 24900 |
33 |
All events should report the Collector name and UUID |
41 events matched test criteria:
All events passed. |
401 |
Account events (create, delete, modify, enable, disable, change password) should have InitUserName |
0 events matched test criteria: |
402 |
Account events (create, delete, modify, enable, disable, change password) should have TargetUserName |
0 events matched test criteria: |
403 |
All account queries should have TargetUserName |
0 events matched test criteria: |
404 |
User Login events should have TargetUserName |
3 events matched test criteria:
The following events failed this test:
Line 8: et=Wed Jun 10 2009 03:18:11 GMT-0400 (EDT); evt=Log In - Failure; xdastaxname=XDAS_AE_AUTHENTICATE_ACCOUNT; msg=Log In Administrator failed to log in: Wrong Password
Line 9: et=Wed Jun 10 2009 03:19:03 GMT-0400 (EDT); evt=Log In - Success; xdastaxname=XDAS_AE_AUTHENTICATE_ACCOUNT; msg=Log In Authentication method: Password based application token
Line 22: et=Wed Jul 01 2009 11:04:58 GMT-0400 (EDT); evt=Login Success; xdastaxname=XDAS_AE_AUTHENTICATE_ACCOUNT; msg=Success Internal Password |
405 |
User Logout should have InitUserName |
3 events matched test criteria:
The following events failed this test:
Line 6: et=Wed Jun 10 2009 03:17:30 GMT-0400 (EDT); evt=Log Out; xdastaxname=XDAS_AE_TERMINATE_SESSION; msg=Log Out
Line 10: et=Wed Jun 10 2009 03:19:03 GMT-0400 (EDT); evt=Log Out; xdastaxname=XDAS_AE_TERMINATE_SESSION; msg=Log Out
Line 12: et=Wed Jun 10 2009 03:20:24 GMT-0400 (EDT); evt=Log Out; xdastaxname=XDAS_AE_TERMINATE_SESSION; msg=Log Out |
411 |
Trust events (create, delete, modify) should have InitUserName |
1 events matched test criteria:
The following events failed this test:
Line 21: et=Thu Jun 18 2009 04:00:42 GMT-0400 (EDT); evt=keyinst; xdastaxname=XDAS_AE_CREATE_TRUST; msg=keyinst |
412 |
Trust events (create, delete, modify) should have TargetTrustName |
1 events matched test criteria:
The following events failed this test:
Line 21: et=Thu Jun 18 2009 04:00:42 GMT-0400 (EDT); evt=keyinst; xdastaxname=XDAS_AE_CREATE_TRUST; msg=keyinst |
413 |
Trust events (query) should have TargetTrustName |
0 events matched test criteria: |
414 |
Trust events (associate, deassociate) should have InitUserName |
0 events matched test criteria: |
415 |
Trust events (associate, deassociate) should have TargetTrustName and TargetUserName |
0 events matched test criteria: |
416 |
Resource access to trust (grant, revoke) should have InitUserName |
0 events matched test criteria: |
417 |
Resource access to trust (grant, revoke) should have TargetTrustName and TargetDataName |
0 events matched test criteria: |
418 |
Resource access to user (grant, revoke) should have InitUserName |
0 events matched test criteria: |
419 |
Resource access to user (grant, revoke) should have TargetUserName and TargetDataName |
0 events matched test criteria: |
421 |
DataItem events (create, delete, modify) should have InitUserName |
0 events matched test criteria: |
422 |
DataItem events (create, delete, modify) should have TargetDataName |
0 events matched test criteria: |
423 |
DataItem events (open, close, modify, query) should have InitUserName |
0 events matched test criteria: |
424 |
DataItem events (open, close, modify, query) should have TargetDataName |
0 events matched test criteria: |
425 |
DataItem query attributes event should have TargetDataName |
0 events matched test criteria: |
431 |
Session Modification events should have InitUserName |
0 events matched test criteria: |
441 |
System events (start, shutdown) should have InitUserName |
0 events matched test criteria: |
442 |
System events (start, shutdown) should have TargetHostName or TargetIP |
0 events matched test criteria: |
443 |
Service events (install, remove, enable, disable, invoke, terminate, config, modify) should have InitUserName |
16 events matched test criteria:
The following events failed this test:
Line 2: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object SOULSEEK
Line 3: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object SSH_WRONG_PORTS
Line 4: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object MSExchangeDatabase
Line 5: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object A510532FC-B1E6-4AB4-A447-89CA624D5F6B
Line 7: et=Wed Jun 10 2009 03:17:30 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object ASMPostInstallProcedures
Line 13: et=Wed Jun 10 2009 03:31:12 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object Standard
Line 14: et=Wed Jun 10 2009 03:31:12 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object Standard
Line 15: et=Wed Jun 10 2009 03:39:21 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object connectra_global_properties
Line 16: et=Wed Jun 10 2009 03:39:43 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object securview
Line 17: et=Wed Jun 10 2009 04:12:50 GMT-0400 (EDT); evt=Install Policy; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Install Policy securview
Line 18: et=Thu Jun 18 2009 03:48:45 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl
Line 32: et=Wed May 27 2009 19:44:52 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl installed defaultfilter
Line 33: et=Wed May 27 2009 22:14:17 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl
Line 34: et=Wed May 27 2009 19:44:52 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl installed defaultfilter
Line 35: et=Mon Jun 15 2009 18:05:40 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl
Line 36: et=Mon Jun 15 2009 16:24:39 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl |
444 |
Service events (install, remove, enable, disable, invoke, terminate, config, modify) should have TargetServiceName |
16 events matched test criteria:
The following events failed this test:
Line 2: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object SOULSEEK
Line 3: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object SSH_WRONG_PORTS
Line 4: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object MSExchangeDatabase
Line 5: et=Wed Jun 10 2009 03:17:29 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object A510532FC-B1E6-4AB4-A447-89CA624D5F6B
Line 7: et=Wed Jun 10 2009 03:17:30 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object ASMPostInstallProcedures
Line 13: et=Wed Jun 10 2009 03:31:12 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object Standard
Line 14: et=Wed Jun 10 2009 03:31:12 GMT-0400 (EDT); evt=Create Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Create Object Standard
Line 15: et=Wed Jun 10 2009 03:39:21 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object connectra_global_properties
Line 16: et=Wed Jun 10 2009 03:39:43 GMT-0400 (EDT); evt=Modify Object; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Modify Object securview
Line 17: et=Wed Jun 10 2009 04:12:50 GMT-0400 (EDT); evt=Install Policy; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=Install Policy securview
Line 18: et=Thu Jun 18 2009 03:48:45 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl
Line 32: et=Wed May 27 2009 19:44:52 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl installed defaultfilter
Line 33: et=Wed May 27 2009 22:14:17 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl
Line 34: et=Wed May 27 2009 19:44:52 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl installed defaultfilter
Line 35: et=Mon Jun 15 2009 18:05:40 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl
Line 36: et=Mon Jun 15 2009 16:24:39 GMT-0400 (EDT); evt=ctl; xdastaxname=XDAS_AE_MODIFY_SERVICE_CONFIG; msg=ctl |
445 |
Service events (config, query) should have TargetServiceName |
0 events matched test criteria: |
451 |
Resource events (backup) should have InitUserName |
1 events matched test criteria:
The following events failed this test:
Line 11: et=Wed Jun 10 2009 03:19:20 GMT-0400 (EDT); evt=File Retrieved; xdastaxname=XDAS_AE_RECOVER_DATASTORE; msg=File Retrieved sd_updates |
452 |
Resource events (backup) should have TargetDataName |
1 events matched test criteria:
The following events failed this test:
Line 11: et=Wed Jun 10 2009 03:19:20 GMT-0400 (EDT); evt=File Retrieved; xdastaxname=XDAS_AE_RECOVER_DATASTORE; msg=File Retrieved sd_updates |
453 |
Resource events (corrupt, exhaust) should have TargetDataName |
0 events matched test criteria: |
461 |
All WorkFlow events should have TargetDataName and TargetDataContainer |
0 events matched test criteria: |
471 |
Malware infected events should have TargetDataName |
0 events matched test criteria: |
472 |
Malware infected events should have TargetHostName or TargetIP |
0 events matched test criteria: |