Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Juniper Sky Advanced Threat Protection RTLOG System Log Messages

    Juniper Sky Advanced Threat Protection generates system log messages with the RTLOG prefix for both successful and failed operations. The following are some example RTLOG system log messages.

    • Server connection established

      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_NETWORK_CONNECT_SUCCESS [junos@2636.1.1.1.2.49 hostname="argon-cloud.juniper.net" ip-address=”10.208.22.10” port="443"] Access host argon-cloud.juniper.net on ip 10.208.22.10 port 443 succeeded.
    • Server connection failed

      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_NETWORK_CONNECT_FAILED [junos@2636.1.1.1.2.49 hostname="argon-cloud.juniper.net" ip-address=”10.208.22.10” port="443"] Access host argon-cloud.juniper.net on ip 10.208.22.10 port 443 timeout.
    • Server authentication failed

      <123>1 2014-08-24T17:41:06.212 SRX RT_AAMW - RT_AAMW_AUTHENTICATION_FAILURE [junos@2636.1.1.1.2.49 hostname="cloud.juniper.net" ip=”10.208.22.10” port="443"] SRX to server cloud.juniper.net 10.208.22.10:443 authentication failed.
      
      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_AUTHENTICATION_FAILURE [junos@2636.1.1.1.2.49 hostname="cloud.juniper.net" ip=”10.208.22.10” port="443"] SRX to server cloud.juniper.net 10.208.22.10:443 authentication failed.
    • Cloud database update events

      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_MAGIC_DB_UPDATE_SUCCESS [junos@2636.1.1.1.2.49 version="11130-2014-01"] Magic db updated to version 8371727388dh1222333234 successfully.
      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_MAGIC_DB_UPDATE_FAILED [junos@2636.1.1.1.2.49 version="11130-2014-01"] Magic db updated failed.
      
    • Sky Advanced Threat Protection policy committed

      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMW_POLICY_COMMITTED [junos@2636.1.1.1.2.49 version="11130-2014-01"] Juniper advanced anti-malware policy committed.
      
      <123>1 2014-08-24T17:41:06.212 SRX RT_AAMW - RT_AAMW_POLICY_COMMITTED [junos@2636.1.1.1.2.49 slot="FPC1.PIC1" version="11130-2014-01"] FPC1.PIC1 Juniper advanced anti-malware policy committed.
    • Sky Advanced Threat Protection profile updated

      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_INSPECT_PROFILE_UPDATE_SUCCESS [junos@2636.1.1.1.2.49 version="1113020141"] Inspection profile updated to version 1113020141 successfully.
      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_INSPECT_PROFILE_UPDATE_SUCCESS [junos@2636.1.1.1.2.49] Inspection profile update failed.
    • Cloud failed to successfully extract the file

      <123>1 2014-08-24T17:41:06.212 SRX RT_AAMW - RT_AAMW_FILE_EXTRACTION_FAILED [junos@2636.1.1.1.2.49 source-address="100.0.0.2" source-port="33981" destination-address="101.0.0.2" destination-port="80" service-name="junos-http" "] Session source-address 100.0.0.2 source-port 33981 destination-address 101.0.0.2 destination-port 80 service junos-http Juniper advanced anti-malware extract file failed.
    • File is outside the minimum and maximum limits defined in the Sky Advanced Threat Protection profile

      <123>1 2014-08-24T17:41:06.212 SRX RT_AAMW - RT_AAMW_FILE_SIZE_LIMIT_NOT_MATCH [junos@2636.1.1.1.2.49 source-address="100.0.0.2" source-port="33981" destination-address="101.0.0.2" destination-port="80" service-name="junos-http" "] Session source-address 100.0.0.2 source-port 33981 destination-address 101.0.0.2 destination-port 80 service junos-http Juniper advanced anti-malware file size (10202002) not match limit.
    • SRX Series device is out of resources

      <123>1 2014-08-24T17:41:06.212 SRX RT_AAMW - RT_AAMW_OUT_OF_RESOURCE [junos@2636.1.1.1.2.49 slot="FPC1.PIC1"] FPC1.PIC1 out of resource happened.
    • SRX Series device has too many concurrent sessions

      <123>1 2014-08-24T17:41:06.212 SRX RT_AAMW - RT_AAMW_OVERLOAD_REQUESTS [junos@2636.1.1.1.2.49 slot="FPC1.PIC1”] FPC1.PIC1 overload requests.
    • Sky Advanced Threat Protection cloud verdict timed out

      <123>1 2014-08-24T17:41:06.212 SRX RT_AAMW - RT_AAMW_VERDICT_TIMEOUT_EXCEEDED [junos@2636.1.1.1.2.49 source-address="100.0.0.2" source-port="33981" destination-address="101.0.0.2" destination-port="80" service-name="junos-http"] Verdict timeout for session source-address 100.0.0.2 source-port 33981 destination-address 101.0.0.2 destination-port 80 service junos-http.
    • Sky Advanced Threat Protection whitelist and blacklist events

      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_GWL_UPDATE_SUCCESS [junos@2636.1.1.1.2.49 version="1113020141"] Global whitelist updated to version 1113020141 successfully.
      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_GWL_UPDATE_FAILED [junos@2636.1.1.1.2.49] Global whitelist update failed.
      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_GBL_UPDATE_SUCCESS [junos@2636.1.1.1.2.49 version="1113020141"] Global blacklist updated to version 1113020141 successfully.
      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_GBL_UPDATE_FAILED [junos@2636.1.1.1.2.49] Global blacklist update failed.
      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_CWL_UPDATE_SUCCESS [junos@2636.1.1.1.2.49 version="1113020141"] Custom whitelist updated to version 1113020141 successfully.
      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_CWL_UPDATE_FAILED [junos@2636.1.1.1.2.49] Custom whitelist update failed.
      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_CBL_UPDATE_SUCCESS [junos@2636.1.1.1.2.49 version="1113020141"] Custom blacklist updated to version 1113020141 successfully.
      <123>1 2014-08-24T17:41:06.212 SRX AAMWD - AAMWD_CBL_UPDATE_FAILED [junos@2636.1.1.1.2.49] Custom blacklist update failed.

    Modified: 2018-05-16