Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Juniper Mist Alert Types

Juniper Mist™ provides various alerts that you can enable to track ongoing issues.

Infrastructure Alerts

Infrastructure alerts are for events that involve servers and protocols that can potentially affect a large number of clients. For example, an unreachable Domain Name System (DNS) or a bad power supply on a switch can affect a large number of clients and a large amount of traffic.

Table 1: Infrastructure Alerts by Severity
Severity Alert Name
Critical (red icon) ARP Failure
DHCP Failure
DNS Failure
Mist Edge Fan Unplugged
Mist Edge cpu usage high
Mist Edge disconnected from cloud
Mist Edge disk usage high
Mist Edge memory usage high
Mist Edge power input disconnected
Mist Edge service failed to start
Mist Edge unplugged from power
Switch Fan Alarm

Switch OSPF Neighbor Down
Switch POE Controller Device Failure
Virtual Chassis - Backup Member Elected
Virtual Chassis - New device elected for Active Role
Virtual Chassis Member Deleted
Virtual Chassis Port Down

Switch IP Conflict Detected

Switch MAC Limit Exceeded
Informational (blue icon) AP restarted
BGP Neighbor State Changed
BGP Neighbor Up
Cellular Edge Connected to NCM
Cellular Edge Disconnected from NCM
Cellular Edge Firmware Upgraded
Cellular Edge Login Failure
Cellular Edge Login Success
Cellular Edge Rebooted
Cellular Edge SIM Door Closed
Cellular Edge SIM Door Opened
Cellular Edge WAN Cellular Connected
Cellular Edge WAN Cellular Service Type Changed
Cellular Edge WAN Ethernet Connected
Cellular Edge WAN Ethernet Plugged
Cellular Edge WAN MTU Low
Critical Switch Port Up
Note:

If you enable this alert, you also need to update the switch configuration to identify the critical ports. To do this:

  1. In your switch template, under Select Switches Configuration, select the rule for the ports that you want to configure. (Or add a new rule.)

  2. On the Port Config tab, select the port or port range that you want to configure.

  3. In the settings window, select the Enable critical alerts check box.

  4. Repeat these steps for all critical ports.

For more information about port configuration, see the Juniper Mist Wired Assurance Configuration Guide.
Critical WAN Edge Port Up
Note:

If you enable this alert, you also need to update the WAN or LAN configuration to identify the critical ports. To do this:

  1. In your WAN Edge template, select the WAN or LAN configuration that you want to update. (Or add a new configuration.)

  2. Under Interface, enter the port or ports, and then select the Enable critical alerts check box.

  3. Repeat these steps for all critical ports.

For more information about WAN Edges configuration, see the Juniper Mist WAN Assurance Configuration Guide.
Inactive vlan(s) detected on tunnel port
Mist Edge connected to cloud
Mist Edge cpu usage normal
Mist Edge disk usage normal
Mist Edge memory usage normal
Mist Edge plugged to power
Mist Edge power input connected
New tunnel(s) formed

Switch OSPF Neighbor Up
Switch Radius Server Unresponsive
Switch restarted
Virtual Chassis Member Added
Virtual Chassis Port Up
WAN Edge Flow Count Returned to Normal
WN Edge Forwarding Information Base Count Returned to Normal
Warning (orange icon) Mist Edge Fan Plugged
All data ports dropped from LACP
All tunnels are disconnected
BGP Neighbor Down
Cellular Edge WAN Cellular Disconnected
Cellular Edge WAN Ethernet Disconnected
Cellular Edge WAN Ethernet Unplugged
Critical Switch Port Down
Note:

If you enable this alert, you also need to update the switch configuration to identify the critical ports. To do this:

  1. In your switch template, under Select Switches Configuration, select the rule for the ports that you want to configure. (Or add a new rule.)

  2. On the Port Config tab, select the port or port range that you want to configure.

  3. In the settings window, select the Enable critical alerts check box.

  4. Repeat these steps for all critical ports.

For more information about switch configuration, see the Juniper Mist Wired Assurance Configuration Guide.
Critical WAN Edge Port Down
Note:

If you enable this alert, you also need to update the WAN or LAN configuration to identify the critical ports. To do this:

  1. In your WAN Edge template, select the WAN or LAN configuration that you want to update. (Or add a new configuration.)

  2. Under Interface, enter the port or ports, and then select the Enable critical alerts check box.

  3. Repeat these steps for all critical ports.

For more information about WAN Edges configuration, see the Juniper Mist WAN Assurance Configuration Guide.
EVPN detected a duplicate MAC address
Fpc Management Ethernet Link Down
Gateway High Temperature
HA Control Link Down
Last data port dropped from LACP
Loop detected (by AP)
Mist Edge service crashed
Rogue DHCP SErver Detected
Storm Control in Effect on Switch port
Switch BPDU Error
Switch Bad Optics
Switch DHCP Pool Exhausted
Switch High Humidity
Switch High Temperature

Switch OSPF Neighbor Adjacency Failed
Switch PEM Alarm
Switch PoE Alarm
Switch Power Supply Alarm
Switch Storage Partition Alarm
Switch offline
Tunnel down
VPN Peer Down
Virtual Chassis Member Restarted
WAN Edge BGP Neighbor Down
WAN Edge DHCP Pool Exhausted
WAN Edge Flow Count Threshold Exceeded
WAN Edge Forwarding Information Base Count Threshold Exceeded
WAN Edge Source NAT Pool Threshold Exceeded
WAN Edge Offline
Note: This alert will trigger immediately when the gateway goes offline (the default behavior) unless you configure a delay threshold, for example, to prevent repeated alerts in the case of connectivity flaps. The time range is from 0 to 240 minutes. When you set a delay threshold, it applies to the entire organization. Click the pencil icon next to the alert to open the Edit WAN Edge Offline Threshold config page.

Marvis Alerts

Marvis alerts are tied into the Marvis Action Dashboard. These alerts are triggered whenever the corresponding Marvis Action is detected in your organization. For example, if an access point (AP) regularly fails health checks, Marvis notices and tracks this event.

Table 2: Marvis Alerts by Device/Service Type and Severity
Applies To Severity Alert Name
AP Critical (red) AP health check failed
AP insufficient capacity
AP insufficient coverage
Bad cable
Non-compliant
Offline (Marvis)
Site Offline (ISP)
Warning (orange) AP Loop due to Switch Port Flap
AP Loop due to Tunnels paths
AP Loop due to duplicated WLAN paths
Data Center/Application Critical (red icon) Application Reachability Failure (Marvis-Minis)
Connectivity Critical (red icon) ARP failure (Marvis)
ARP failure (Marvis-Minis)
Authentication failure (Marvis)
DHCP failure (Marvis)
DHCP failure (Marvis-Minis)
DNS failure (Marvis)
DNS failure (Marvis-Minis)
WAN Edge Critical (red icon) Bad WAN Uplink
Bad cable
Device Problem
MTU mismatch
Negotiation mismatch
Non-compliant
VPN Path Down
SwitchSwitch Critical (red icon) Bad cable
MTU Mismatch
Missing VLAN
Negotiation incomplete
Port Stuck
Switch STP Loop
Warning (orange icon) Port flap

Security Alerts

Security alerts warn you of activities or events on the network that can cost you in terms of lost data, unauthorized access to the network, or traffic that matches known security threats. Security alerts are raised by repeated events that could dramatically affect network security. For example, if a rogue AP is detected, that represents a potential security problem. If a client connects to a rogue AP, that could be even worse.

Juniper Mist lists all security alerts except those that relate to intrusion detection and prevention (IDP) or URL filtering on the Monitor > Alerts page. You can find IDP and URL filtering events and their severity on the Site > WAN Edge > Secure WAN Edge IDP/URL Events page.

Table 3: Security Alerts by Severity
Severity Alert Name
Critical (red icon) Client Connection to rogue AP detected
Rogue AP detected
Informational (blue icon) Air Magnet Scan detected
EAP Handshake Flood detected
Switch DDoS Protocol Violation Clear
Warning (orange icon) Active Watched Station detected
Adhoc Network detected
BSSID Spoofing detected
Client MAC Spoofing
Disassociation Attack detected
EAP Dictionary Attack detected
EAP Failure Injection detected
EAP Spoofed Success detected
EAPOL-Logoff Attack detected
ESL Hung
ESL Recovered
ESSID Jack detected
Excessive Clients detected
Excessive EAPOL-Start detected
Fake AP Flooding detected
Honeypot SSID detected
IDP attack detected
Monkey Jack detected
Out of Sequence detected
Repeated Client Authentication Failures
Replay Injection detected - KRACK Attack
SSID Injection detected
Security Policy Violation
TKIP ICV Attack
URL blocked
Vendor IE Missing
Zero SSID Association Request detected

Certificate Alerts

Table 4: Certificate Alerts by Severity
Severity Alert Name
Critical (red icon)

Mist Access Assurance CA Certificate Expired

Mist Access Assurance Server Certificate Expired

NAC Portal IdP Certificate Expired

PSK Portal IdP Certificate Expired

RadSec CA Certificate Expired

RadSec Device Certificate Expired

SSO IdP Certificate Expired

SSO LDAP CA Certificate Expired

SSO LDAP Client Certificate Expired

WLAN SSO IdP Certificate Expired
Warning (orange icon)

Mist Access Assurance CA Certificate Expiring

Mist Access Assurance Server Certificate Expiring

NAC Portal IdP Certificate Expiring

PSK Portal IdP Certificate Expiring

RadSec CA Certificate Expiring

RadSec Device Certificate Expiring

SSO IdP Certificate Expiring

SSO LDAP CA Certificate Expiring

SSO LDAP Client Certificate Expiring

WLAN SSO IdP Certificate Expiring