Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Access

 

The access category contains authentication and access controls that are used for monitoring network events.

The following table describes the low-level event categories and associated severity levels for the access category.

Table 1: Low-level Categories and Severity Levels for the Access Events Category

Low-level event category

Category ID

Description

Severity level (0 - 10)

Unknown Network Communication Event

4001

Indicates an unknown network communication event.

3

Firewall Permit

4002

Indicates that access to the firewall was allowed.

0

Firewall Deny

4003

Indicates that access to the firewall was denied.

4

Flow Context Response (JSA only)

4004

Indicates events from the Classification Engine in response to a SIM request.

5

Misc Network Communication Event

4005

Indicates a miscellaneous communications event.

3

IPS Deny

4006

Indicates Intrusion Prevention Systems (IPS) denied traffic.

4

Firewall Session Opened

4007

Indicates that the firewall session was opened.

0

Firewall Session Closed

4008

Indicates that the firewall session was closed.

0

Dynamic Address Translation Successful

4009

Indicates that dynamic address translation was successful.

0

No Translation Group Found

4010

Indicates that no translation group was found.

2

Misc Authorization

4011

Indicates that access was granted to a miscellaneous authentication server.

2

ACL Permit

4012

Indicates that an Access Control List (ACL) allowed access.

0

ACL Deny

4013

Indicates that an Access Control List (ACL) denied access.

4

Access Permitted

4014

Indicates that access was allowed.

0

Access Denied

4015

Indicates that access was denied.

4

Session Opened

4016

Indicates that a session was opened.

1

Session Closed

4017

Indicates that a session was closed.

1

Session Reset

4018

Indicates that a session was reset.

3

Session Terminated

4019

Indicates that a session was allowed.

4

Session Denied

4020

Indicates that a session was denied.

5

Session in Progress

4021

Indicates that a session is in progress.

1

Session Delayed

4022

Indicates that a session was delayed.

3

Session Queued

4023

Indicates that a session was queued.

1

Session Inbound

4024

Indicates that a session is inbound.

1

Session Outbound

4025

Indicates that a session is outbound.

1

Unauthorized Access Attempt

4026

Indicates that an unauthorized access attempt was detected.

6

Misc Application Action Allowed

4027

Indicates that an application action was allowed.

1

Misc Application Action Denied

4028

Indicates that an application action was denied.

3

Database Action Allowed

4029

Indicates that a database action was allowed.

1

Database Action Denied

4030

Indicates that a database action was denied.

3

FTP Action Allowed

4031

Indicates that an FTP action was allowed.

1

FTP Action Denied

4032

Indicates that an FTP action was denied.

3

Object Cached

4033

Indicates that an object was cached.

1

Object Not Cached

4034

Indicates that an object was not cached.

1

Rate Limiting

4035

Indicates that the network rate-limits traffic.

4

No Rate Limiting

4036

Indicates that the network does not rate-limit traffic.

0

P11 Access Permitted

4037

Indicates that P11 access is permitted.

8

P11 Access Denied

4038

Indicates that P11 access was attempted and denied.

8

IPS Permit

4039

Indicates an IPS permit.

0

Related Documentation