Nsure Audit Events
This file contains a listing of all NsureTM Audit events logged by the logger (Nsure Audit).
EventID | Description | Text1 Title | Text2 Title | Value1 Title | Value1 Type | Value2 Title | Value2 Type | Group Title | Group Type | Data Title | Data Type | Display Schema. See Display Schema Variables for details. |
10001 | Heartbeat Generated | [$TC] $SO: A Heartbeat event was generated\r\n | ||||||||||
10002 | License Warning | Message | Message | Message | [$TC] $SO: $SS\r\n | |||||||
10003 | Application Container Used | Container | Active | B | [$TC] $SO: Application container $SS (Active: $B1) was used\r\n | |||||||
10004 | Application Allowed | Application | Active | B | [$TC] $SO: Application $SS allowed (Active: $B1)\r\n | |||||||
10005 | Application Failed | Application | [$TC] $SO: Application $SS failed to load\r\n | |||||||||
10006 | Channel Loaded | Object | Active | B | [$TC] $SO: Channel $SS (Active: $B1) was loaded\r\n | |||||||
10007 | Driver Failed | Path | Driver Name | Error Code | n | [$TC] $SO: Driver $ST (Path: $SS) failed to load | ||||||
10008 | Default Log Channel | Driver Object DN | [$TC] $SO: The default log channel is $SS\r\n | |||||||||
10009 | Log Channel Failed | Driver Object DN | [$TC] $SO: Log Channel $SS failed to load\r\n | |||||||||
0001000A | Out of Memory | File | Size | N | [$TC] $SO: Failed to alloc $N1 in $SS \r\n | |||||||
0001000B | Server Unload Attempt | [$TC] $SO: An attempt was made to unload the server\r\n | ||||||||||
0001000C | Server Unloaded | [$TC] $SO: The server was unloaded\r\n | ||||||||||
0001000E | Channel Container Used | Container | Active | B | [$TC] $SO: Channel container $SS (Active: $B1) was used\r\n | |||||||
0001000F | Notification Container Used | Container | Active | B | [$TC] $SO: Notification container $SS (Active: $B1) was used\r\n | |||||||
10010 | Notification Loaded | Object | Active | B | [$TC] $SO: Notification $SS (Active: $B1) was loaded\r\n | |||||||
10011 | Bad Notification | Object | Bad Rule | [$TC] $SO: A bad notification ($ST) was detected on Notification $SS\r\n | ||||||||
10012 | Heartbeat Loaded | Object | Active | B | [$TC] $SO: Heartbeat $SS (Active: $B1) was loaded\r\n | |||||||
10013 | Bad Heartbeat | Object | Bad Rule | [$TC] $SO: A bad heartbeat rule ($ST) was detected on Heartbeat $SS\r\n |
The following variables are used to extract values from an event when it is displayed using the template in the display schema field. Variables are constructed by specifying a $ character, followed by a two character code representing the variable format and value. For example:
$FV
Possible values for the variable format (F) and variable value (V) are as follows:
Format (F): |
T - Time (UTC localized) |
D - Date (UTC localized) |
N - Number (32bit unsigned) |
n - Number (32bit signed) |
S - String |
X - Hexadecimal Number |
R - RFC822 format date/time |
I - IPv4 Internet Address (network order) |
i - IPv4 Internet Address (host order) |
B - Boolean (Yes/No) |
b - Boolean (True/False) |
Value (V): |
R - Source IP Address |
C - Platform Agent Date |
A - Audit Service Date |
B - Originator |
H - Originator Type |
U - Target |
V - Target Type |
Y - SubTarget |
1 - Numerical value 1 |
2 - Numerical value 2 |
3 - Numerical value 3 |
S - Text 1 |
T - Text 2 |
F - Text 3 |
O - Component |
G - Group ID |
I - Event ID |
L - Log Level |
M - MIME Hint |
X - Data Size |
D - Data |