Nsure Audit Events

This file contains a listing of all NsureTM Audit events logged by the logger (Nsure Audit).

EventID Description Text1 Title Text2 Title Value1 Title Value1 Type Value2 Title Value2 Type Group Title Group Type Data Title Data Type Display Schema. See  Display Schema Variables for details.
10001 Heartbeat Generated [$TC] $SO: A Heartbeat event was generated\r\n
10002 License Warning Message Message Message [$TC] $SO: $SS\r\n
10003 Application Container Used Container Active B [$TC] $SO: Application container $SS (Active: $B1) was used\r\n
10004 Application Allowed Application Active B [$TC] $SO: Application $SS allowed  (Active: $B1)\r\n
10005 Application Failed Application [$TC] $SO: Application $SS failed to load\r\n
10006 Channel Loaded Object Active B [$TC] $SO: Channel $SS (Active: $B1) was loaded\r\n
10007 Driver Failed Path  Driver Name Error Code n [$TC] $SO: Driver $ST (Path: $SS) failed to load
10008 Default Log Channel Driver Object DN [$TC] $SO: The default log channel is $SS\r\n
10009 Log Channel Failed Driver Object DN [$TC] $SO: Log Channel $SS failed to load\r\n
0001000A Out of Memory File Size N [$TC] $SO: Failed to alloc $N1 in $SS \r\n
0001000B Server Unload Attempt [$TC] $SO: An attempt was made to unload the server\r\n
0001000C Server Unloaded [$TC] $SO: The server was unloaded\r\n
0001000E Channel Container Used Container Active B [$TC] $SO: Channel container $SS (Active: $B1) was used\r\n
0001000F Notification Container Used Container Active B [$TC] $SO: Notification container $SS (Active: $B1) was used\r\n
10010 Notification Loaded Object Active B [$TC] $SO: Notification $SS (Active: $B1) was loaded\r\n
10011 Bad Notification Object Bad Rule [$TC] $SO: A bad notification ($ST) was detected on Notification $SS\r\n
10012 Heartbeat Loaded Object Active B [$TC] $SO: Heartbeat $SS (Active: $B1) was loaded\r\n
10013 Bad Heartbeat Object Bad Rule [$TC] $SO: A bad heartbeat rule ($ST) was detected on Heartbeat $SS\r\n

Display Schema Variables

The following variables are used to extract values from an event when it is displayed using the template in the display schema field. Variables are constructed by specifying a $ character, followed by a two character code representing the variable format and value. For example:

$FV

Possible values for the variable format (F) and variable value (V) are as follows:

Format (F):
T - Time (UTC localized)
D - Date (UTC localized)
N - Number (32bit unsigned)
n - Number (32bit signed)
S - String
X - Hexadecimal Number
R - RFC822 format date/time
I - IPv4 Internet Address (network order)
i - IPv4 Internet Address (host order)
B - Boolean (Yes/No)
b - Boolean (True/False)
 
Value (V):
R - Source IP Address
C - Platform Agent Date
A - Audit Service Date
B - Originator
H - Originator Type
U - Target
V - Target Type
Y - SubTarget
1 - Numerical value 1
2 - Numerical value 2
3 - Numerical value 3
S - Text 1
T - Text 2
F - Text 3
O - Component
G - Group ID
I - Event ID
L - Log Level
M - MIME Hint
X - Data Size
D - Data