Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Juniper Mist Alert Types

Juniper Mist™ provides various alerts that you can enable to track ongoing issues.

Certificate Alerts

Note: Certificate alerts are available when you select Entire Org as the scope at the top of the Alerts Configuration page.
Table 1: Certificate Alerts by Severity
Severity Alert Name
Critical (red icon)

Mist Access Assurance CA Certificate Expired

Mist Access Assurance Server Certificate Expired

NAC Portal IdP Certificate Expired

PSK Portal IdP Certificate Expired

RadSec CA Certificate Expired

RadSec Device Certificate Expired

SSO IdP Certificate Expired

SSO LDAP CA Certificate Expired

SSO LDAP Client Certificate Expired

WLAN SSO IdP Certificate Expired
Warning (orange icon)

Mist Access Assurance CA Certificate Expiring

Mist Access Assurance Server Certificate Expiring

NAC Portal IdP Certificate Expiring

PSK Portal IdP Certificate Expiring

RadSec CA Certificate Expiring

RadSec Device Certificate Expiring

SSO IdP Certificate Expiring

SSO LDAP CA Certificate Expiring

SSO LDAP Client Certificate Expiring

WLAN SSO IdP Certificate Expiring

Infrastructure Alerts

Infrastructure alerts are for events that involve servers and protocols that can potentially affect a large number of clients. For example, an unreachable Domain Name System (DNS) or a bad power supply on a switch can affect a large number of clients and a large amount of traffic.

Table 2: Infrastructure Alerts by Severity
Severity Alert Name
Critical (red icon) ARP Failure
DHCP Failure
DNS Failure
Mist Edge Fan Unplugged
Mist Edge cpu usage high
Mist Edge disconnected from cloud
Mist Edge disk usage high
Mist Edge memory usage high
Mist Edge power input disconnected
Mist Edge service failed to start
Mist Edge unplugged from power
Switch Fan Alarm
Switch IP Conflict Detected
Switch MAC Limit Exceeded
Switch OSPF Neighbor Down

Switch port loop detected
Switch POE Controller Device Failure
Virtual Chassis - Backup Member Elected
Virtual Chassis - New device elected for Active Role
Virtual Chassis Member Deleted
Virtual Chassis Port Down
WAN Edge Chassis Hot
Informational (blue icon) AP restarted
BGP Neighbor State Changed
BGP Neighbor Up
Cellular Edge Connected to NCM
Cellular Edge Disconnected from NCM
Cellular Edge Firmware Upgraded
Cellular Edge Login Failure
Cellular Edge Login Success
Cellular Edge Rebooted
Cellular Edge SIM Door Closed
Cellular Edge SIM Door Opened
Cellular Edge WAN Cellular Connected
Cellular Edge WAN Cellular Service Type Changed
Cellular Edge WAN Ethernet Connected
Cellular Edge WAN Ethernet Plugged
Cellular Edge WAN MTU Low
Cradlepoint incident identified
Cradlepoint incident investigation started
Cradlepoint incident resolved
Cradlepoint maintenance completed
Cradlepoint maintenance scheduled
Cradlepoint maintenance started
Critical Switch Port Up
Note:

If you enable this alert, also identify the critical ports in the switch configuration. In your switch template, go to Select Switches Configuration, select the rule to edit, select the port range, and then select Enable critical alerts. For help, see Juniper Mist Wired Assurance Configuration Guide.
Critical WAN Edge Port Up
Note:

If you enable this alert, also update the WAN or LAN configuration to identify the critical ports. In your WAN Edge template, select the WAN or LAN configuration, go to Interface, enter the ports, and then select Enable critical alerts. For help, see Juniper Mist WAN Assurance Configuration Guide.
Fpc Management Ethernet Link Down Clear
Inactive vlan(s) detected on tunnel port
Mist Edge connected to cloud
Mist Edge cpu usage normal
Mist Edge disk usage normal
Mist Edge memory usage normal
Mist Edge plugged to power
Mist Edge power input connected
Mist Edge upgrade completed
New tunnel(s) formed
Switch Fan Alarm Clear
Switch High Humidity Clear
Switch High Temperature Clear

Switch OSPF Neighbor Up
Switch PEM Alarm CLEAR
Switch PoE Alarm Clear
Switch Power Supply Alarm Clear
Switch Radius Server Unresponsive
Switch Storage Partition Alarm Clear
Switch restarted
Tunnel Monitored resource reachability restored
Virtual Chassis Member Added
Virtual Chassis Port Up
WAN Edge Chassis Hot Cleared
WAN Edge Chassis Warm Clear
WAN Edge Flow Count Returned to Normal
WAN Edge Forwarding Information Base Count Returned to Normal
Warning (orange icon) Mist Edge Fan Plugged
AP offline (alert immediately when AP offline)
All data ports dropped from LACP
All tunnels are disconnected
BGP Neighbor Down
Cellular Edge WAN Cellular Disconnected
Cellular Edge WAN Ethernet Disconnected
Cellular Edge WAN Ethernet Unplugged
Critical Switch Port Down
Note:

If you enable this alert, also identify the critical ports in the switch configuration. In your switch template, go to Select Switches Configuration, select the rule to edit, select the port range, and then select Enable critical alerts. For help, see Juniper Mist Wired Assurance Configuration Guide.
Critical WAN Edge Port Down
Note:

If you enable this alert, also update the WAN or LAN configuration to identify the critical ports. In your WAN Edge template, select the WAN or LAN configuration, go to Interface, enter the ports, and then select Enable critical alerts. For help, see Juniper Mist WAN Assurance Configuration Guide.
EVPN detected a duplicate MAC address
Failed to sync cradlepoint devices
Fpc Management Ethernet Link Down
HA Control Link Down
Last data port dropped from LACP
Loop detected (by AP)
Mist Edge configuration apply failed
Mist Edge primary radius server unresponsive
Mist Edge service crashed
Mist Edge upgrade failed
Mist Edge was restarted
Rogue DHCP SErver Detected
Storm Control in Effect on Switch port
Switch BPDU Error
Switch Bad Optics
Switch DHCP Pool Exhausted
Switch High Humidity
Switch High Temperature

Switch OSPF Neighbor Adjacency Failed
Switch PEM Alarm
Switch PoE Alarm
Switch Power Supply Alarm
Switch Storage Partition Alarm
Switch offline
Tunnel Monitored resource is unresponsive
Tunnel down
VPN Peer Down
Virtual Chassis Member Restarted
WAN Edge BGP Neighbor Down
WAN Edge Chassis Warm
WAN Edge DHCP Pool Exhausted
WAN Edge Flow Count Threshold Exceeded
WAN Edge Forwarding Information Base Count Threshold Exceeded
WAN Edge Source NAT Pool Threshold Exceeded
WAN Edge Offline
Note: This alert will trigger immediately when the gateway goes offline (the default behavior) unless you configure a delay threshold, for example, to prevent repeated alerts in the case of connectivity flaps. The time range is from 0 to 240 minutes. When you set a delay threshold, it applies to the entire organization. Click the pencil icon next to the alert to open the Edit WAN Edge Offline Threshold config page.

Marvis Alerts

Marvis alerts are tied into the Marvis Action Dashboard. These alerts are triggered whenever the corresponding Marvis Action is detected in your organization. For example, if an access point (AP) regularly fails health checks, Marvis notices and tracks this event.

Table 3: Marvis Alerts by Device/Service Type and Severity
Applies To Severity Alert Name
AP Critical (red) AP health check failed
AP insufficient capacity
AP insufficient coverage
Bad cable
Non-compliant
Offline (Marvis)
Site Offline (ISP)
Warning (orange) AP Loop due to Switch Port Flap
AP Loop due to Tunnels paths
AP Loop due to duplicated WLAN paths
Data Center/Application Critical (red icon) Application Reachability Failure (Marvis-Minis)
Connectivity Critical (red icon) ARP failure (Marvis)
ARP failure (Marvis-Minis)
Authentication failure (Marvis)
DHCP failure (Marvis)
DHCP failure (Marvis-Minis)
DNS failure (Marvis)
DNS failure (Marvis-Minis)
WAN Critical (red icon) Bad WAN Uplink
Bad cable
Device Problem
Intermittent WAN Connectivity
MTU mismatch
Negotiation mismatch
Non-compliant
VPN Path Down
Wired Critical (red icon) Bad cable
MTU Mismatch
Missing VLAN
Negotiation incomplete
Port Stuck
Switch Offline
Switch STP Loop
Warning (orange icon) Port flap

Security Alerts

Security alerts warn you of activities or events on the network that can cost you in terms of lost data, unauthorized access to the network, or traffic that matches known security threats. Security alerts are raised by repeated events that could dramatically affect network security. For example, if a rogue AP is detected, that represents a potential security problem. If a client connects to a rogue AP, that could be even worse.

Juniper Mist lists all security alerts except those that relate to intrusion detection and prevention (IDP) or URL filtering on the Monitor > Alerts page. You can find IDP and URL filtering events and their severity on the Site > WAN Edge > Secure WAN Edge IDP/URL Events page.

Table 4: Security Alerts by Severity
Severity Alert Name
Critical (red icon) Client Connection to rogue AP detected
Rogue AP detected
Informational (blue icon) Air Magnet Scan detected
EAP Handshake Flood detected
Switch DDoS Protocol Violation Clear
Warning (orange icon) Active Watched Station detected
Adhoc Network detected
BSSID Spoofing detected
Client MAC Spoofing
Disassociation Attack detected
EAP Dictionary Attack detected
EAP Failure Injection detected
EAP Spoofed Success detected
EAPOL-Logoff Attack detected
ESL Hung
ESL Recovered
ESSID Jack detected
Excessive Clients detected
Excessive EAPOL-Start detected
Fake AP Flooding detected
Honeypot SSID detected
IDP attack detected
Monkey Jack detected
Out of Sequence detected
Repeated Client Authentication Failures
Replay Injection detected - KRACK Attack
SSID Injection detected
Security Policy Violation
Switch DDoS Protocol Violation Set
TKIP ICV Attack
URL blocked
Vendor IE Missing
Zero SSID Association Request detected