Fortinet white logo
Fortinet white logo

Discovery Logs

Discovery Logs

This section provides logs related to Test Connectivity and Discovery.



EventType: PH_DEVICE_NOT_ADDED

Description: Discovered device not added to CMDB because of license restrictions

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOVERY_COMPLETE

Description: Discovery completed

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOVERY_RESULT_SENT

Description: Discovery results sent to app server

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_ACCESS_IP_PARSE_ERROR

Description: Discovery module failed to parse device Access IP from App Server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_ADS_ACCOUNT_TO_EXPIRE

Description: Active Directory account to excpire in 2 weeks

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string

daysToAccountExpiry

Days To Account Expiry

uint32



EventType: PH_DISCOV_ADS_ACCT_DISABLED

Description: Accounts Disabled

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string



EventType: PH_DISCOV_ADS_DORMANT_ACCT

Description: Dormant User Acounts - not log on in last 30 days

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string

lastLogon

Last Logon Time

Date

daysSinceLastLogon

Days Since Last Logon

uint32



EventType: PH_DISCOV_ADS_PASSWORD_NEVER_EXPIRES

Description: Active Directory user password never expires

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string

passwordAge

Password Age

uint32

passwordLastSet

Password Last Set

Date



EventType: PH_DISCOV_ADS_PASSWORD_NOT_REQD

Description: Active Directory user password not required

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string



EventType: PH_DISCOV_ADS_PASSWORD_STALE

Description: Active Directory user password stale - more than 90 days

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string

passwordAge

Password Age

uint32

passwordLastSet

Password Last Set

Date



EventType: PH_DISCOV_ADS_PASSWORD_TO_EXPIRE

Description: Active Directory user password to excpire in 2 weeks

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string

daysToPasswordExpiry

Days To Password Expiry

uint32

passwordLastSet

Password Last Set

Date



EventType: PH_DISCOV_ARUBA_WLAN_HOST_LOCATION

Description: Aruba WLAN AP connected Host Identity and Location

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

hostMACAddr

Host MAC

string

Host Layer 2 MAC Address in the log

user

User

string

domain

Domain

string

nepDevIpAddr

Network Access Device IP

IP

nepDevName

Network Access Device

string

nepDevPort

Network Access Device Port

string

wlanSsid

WLAN SSID

string

WLAN Service Set Identifier (SSID) found in SNMP based WLAN monitoring

wlanChannelId

WLAN Channel Id

uint32

WLAN Channel Id found in SNMP based WLAN monitoring

wlanApAssocUpTime

WLAN AP Association Uptime

uint32

WLAN AP Association Uptime found in SNMP based WLAN monitoring

wlanMaxHostTxmitRate

WLAN Max Host Txmit Rate Mbps

uint32

WLAN Max Host Txmit Rate Mbps found in SNMP based WLAN monitoring

wlanContrIpAddr

WLAN Controller IP

IP

WLAN Controller IP found in SNMP based WLAN monitoring

wlanContrHostName

WLAN Controller Host Name

string

WLAN Controller Host Name found in SNMP based WLAN monitoring

wlanRssi

WLAN RSSI dB

int32

WLAN RSSI dB found in SNMP based WLAN monitoring

wlanProtocol

WLAN Protocol

string

WLAN Protocol found in SNMP based WLAN monitoring



EventType: PH_DISCOV_AWS_DEVICE_DELETED

Description: FortiSIEM AWS Discovery discovered a terminated device - this device will be deleted from CMDB

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

ec2InstanceId

EC2 Instance Id

string

accountId

Account Id

string

awsRegion

AWS Region

string

status

Status

string



EventType: PH_DISCOV_AWS_DEVICE_UNKNOWN

Description: Discovery module failed to recognize AWS device type

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_AWS_DISCOV_FAILED

Description: Discovery module failed to discover AWS environment

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_AZURE_DISCOV_FAILED

Description: Discovery module failed to discover AZURE environment

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_BASIC_FAILED

Description: Basic discovery completely failed for a device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SKIPPED

Description: Device discovery skipped because of device type discovery exclusion policy

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SNMP_DETAIL

Description: Device discovery via SNMP details

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovSuccessCode

PH Discovery Success Code

string

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_SNMP_ERROR

Description: Device discovery encountered errors

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SNMP_FAILED

Description: Basic device discovery via SNMP completely failed

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SNMP_STARTED

Description: Starting device discovery for a device via SNMP

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_SNMP_SUCCESS

Description: Device discovery via SNMP succeeded for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_SSH_DETAIL

Description: Device discovery via SSH details

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovSuccessCode

PH Discovery Success Code

string

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_SSH_ERROR

Description: Basic device discovery via SSH encountered errors

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SSH_FAILED

Description: Basic device discovery via SSH completely failed

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SSH_STARTED

Description: Device discovery via SSH started for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_SSH_SUCCESS

Description: Device discovery via SSH succeeded for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_STARTED

Description: Starting device discovery for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BGP_OSPF_FAILED

Description: Failed to send discovery task request for BGP/OSPF change

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_BROCADE_SERVER_IRON_HW_INFO_WARNING

Description: Failed to discover Brocade server iron hardware status

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_CANCEL_UNKNOWN_REQ

Description: Discovery module received discovery cancel request with unknown request ID

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_CERT_FILE_DOWNLOAD_FAILURE

Description: Discovery module failed to download certificate file

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

filePath

File Path

string



EventType: PH_DISCOV_CHECKPOINT_TEST_CONN_FAILED

Description: Discovery module failed to test connectivity for a Checkpoint device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_CISCO_ASA_GET_CONTEXT_FAILED

Description: Discovery module failed to discover Cisco ASA device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

virtContext

Virtualization Context

string



EventType: PH_DISCOV_CISCO_ASA_IPSEC_VPN_FAILED

Description: Discovery module failed to discover IPSEC VPN for Cisco ASA via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_ASA_RAS_VPN_FAILED

Description: Discovery module failed to discover RAS VPN for Cisco ASA via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_ASA_RUN_CONFIG_FAILED

Description: Discovery module failed to discover running config for Cisco ASA via Login

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

virtContext

Virtualization Context

string



EventType: PH_DISCOV_CISCO_ASA_SET_CONTEXT_FAILED

Description: Discovery module failed to set context for Cisco ASA

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

virtContext

Virtualization Context

string



EventType: PH_DISCOV_CISCO_ASA_STARTUP_CONFIG_FAILED

Description: Discovery module failed to discover startup config for Cisco ASA via Login

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

virtContext

Virtualization Context

string



EventType: PH_DISCOV_CISCO_CALL_MANAGER_WARNING

Description: Discovery module failed to obtain Cisco Call Manager statistics

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_CISCO_CATOS_INTF_FAILED

Description: Discovery module failed to find interface by id and name for Cisco CatOS device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

intfName

Host Interface Name

string

Name of a network interface in a host.



EventType: PH_DISCOV_CISCO_CDP_ERROR

Description: Discovery module failed to find local interface in CDP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_IOS_L2_WARNING

Description: Discovery module failed to discover Layer 2 for Cisco IOS device - no directly connected host entries

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_IOS_TRUNK_PORT_ERROR

Description: Discovery module encountered SNMP index lookup error

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_JUNOS_L2_WARNING

Description: Discovery module failed to discover Layer 2 for JUNOS device - no directly connected host entries

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_NXOS_HW_STATUS_WARNING

Description: Discovery module failed to obtain Cisco NxOS hardware status

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_CISCO_NXOS_INTF_SHORT_NAME_NOT_FOUND

Description: Discovery module failed to find interface short name for Cisco NxOS

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_NXOS_L2_WARNING

Description: Discovery module failed to discover Layer 2 for Cisco NxOS device - no directly connected host entries

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_WLAN_HOST_LOCATION

Description: Cisco WLAN AP connected Host Identity and Location

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

hostMACAddr

Host MAC

string

Host Layer 2 MAC Address in the log

user

User

string

domain

Domain

string

nepDevIpAddr

Network Access Device IP

IP

nepDevName

Network Access Device

string

nepDevPort

Network Access Device Port

string

wlanSsid

WLAN SSID

string

WLAN Service Set Identifier (SSID) found in SNMP based WLAN monitoring

wlanContrIpAddr

WLAN Controller IP

IP

WLAN Controller IP found in SNMP based WLAN monitoring

wlanContrHostName

WLAN Controller Host Name

string

WLAN Controller Host Name found in SNMP based WLAN monitoring

wlanRssi

WLAN RSSI dB

int32

WLAN RSSI dB found in SNMP based WLAN monitoring

wlanSnr

WLAN SNR dB

uint32

WLAN SNR dB found in SNMP based WLAN monitoring

wlanProtocol

WLAN Protocol

string

WLAN Protocol found in SNMP based WLAN monitoring



EventType: PH_DISCOV_CLOCK_ROLLS_BACK

Description: FortiSIEM Discovery module discovers excessive clock skew dusing BGP/OSPF discovery

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_CONTACT_APP_SERVER

Description: Discovery module contacting app server

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

destIpPort

Destination TCP/UDP Port

uint16

This is the destination TCP or UDP port as identified in the event



EventType: PH_DISCOV_CREDEN_INSERT_ERROR

Description: Discovery module failed to insert device credential into its memory - discovery may fail

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_CUSTOM_MAP_LOAD_FAILED

Description: Discovery module failed to load customer map from App Server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_DATA_DOMAIN_HW_STATUS_WARNING

Description: Discovery module failed to obtain hardware status from Data Domain device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_DELL_BLADE_CHASSIS_WARNING

Description: Discovery module failed to discover Dell Blade Chassis

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_DELL_COMPELLENT_STORAGE_WARNING

Description: Discovery module failed to discover volume info for Dell Compellent Storage device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_DISCOV_REQ_GET_FAILED

Description: Discovery module failed to get discovery request from App server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_DISCOV_RESULT_SENDER_THREADS_SPAWN_FAILED

Description: Discovery module failed to spawn discovery result sender threads

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_DISCOV_THREADS_SPAWN_FAILED

Description: Discovery module failed to spawn discover threads

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_EC2_INSTANCE_PARSE_FAILED

Description: Discovery module failed to parse EC2 instance xml

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_EMC_CLARION_ERROR

Description: Discovery module failed to discover EMC Clarion

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_EMC_VNX_DISCOV_FAILED

Description: Discovery module failed to discover EMC VNX via navisec client

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

filePath

File Path

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_EMC_VNX_PING_FAILED

Description: Discovery module failed to ping EMC VNX

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

filePath

File Path

string



EventType: PH_DISCOV_EQLOGIC_CONN_FAILED

Description: Discovery module failed to obtain EqualLogic connection info

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

oid

Object Identifier

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_EQLOGIC_HW_INFO_FAILED

Description: Discovery module failed to obtain EqualLogic metric

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

oid

Object Identifier

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_ESX_HOST_PING_ONLY_DISCOV_ERROR

Description: Ping only discovery for ESX host/vCenter failed

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_FAILED_INVALID_REQUEST

Description: Discovery failed - invalid discovery request from App Server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_FAILED_INVALID_REQUEST_XML

Description: FortiSIEM discovery module received invalid XML from App Server - discovery will fail

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_FAILED_XML_ERROR

Description: Discovery XML request parse error

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_FAIL_CMDB_DEV

Description: Existing CMDB device (re)discovery failed

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_FILE_BASED_DISCOV_DIR_NOT_CONFIGURED

Description: File based discovery failed - discover_file_dir missing in phoenix_config.txt

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_FILE_BASED_DISCOV_FAILED

Description: File based discovery failed - cannot open discovery file

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

filePath

File Path

string



EventType: PH_DISCOV_FORTINET_CPU_INFO_WARNING

Description: Discovery module failed to discover cpu info for Fortinet appliance

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



Description: Discovery module failed to discover link stat for Fortinet appliance

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_FORTINET_SYS_UPDATE_VERSION_WARNING

Description: Discovery module failed to discover system auto update versions for Fortinet appliance

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_GENERIC_ERROR

Description: Device discovery encountered generic errors

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_GEN_WLAN_HOST_LOCATION

Description: Generic WLAN AP connected Host Identity and Location

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

hostMACAddr

Host MAC

string

Host Layer 2 MAC Address in the log

user

User

string

domain

Domain

string

nepDevIpAddr

Network Access Device IP

IP

nepDevName

Network Access Device

string

nepDevPort

Network Access Device Port

string

wlanSsid

WLAN SSID

string

WLAN Service Set Identifier (SSID) found in SNMP based WLAN monitoring

wlanContrIpAddr

WLAN Controller IP

IP

WLAN Controller IP found in SNMP based WLAN monitoring

wlanContrHostName

WLAN Controller Host Name

string

WLAN Controller Host Name found in SNMP based WLAN monitoring



EventType: PH_DISCOV_GET_SNMP_ENGINE_ID_FAILED

Description: Failed to get snmp engine ID

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_HOST_CONVERT_PROCESS_UPTIME_ERROR

Description: Discovery module failed to convert process uptime

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_HOST_ERROR

Description: Discovery module failed to discover device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_HOST_INSTALL_SW_WARNING

Description: Discovery module failed to discover installed software

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_HOST_LOCATE_PROCESS_ERROR

Description: Discovery module failed to locate running process by SNMP id

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_HOST_LOCATION

Description: Wired Host IP location message

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_HOST_NET_INTF

Description: Host network interface identity message

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

hostMACAddr

Host MAC

string

Host Layer 2 MAC Address in the log

computer

Computer

string



EventType: PH_DISCOV_HOST_STARTED

Description: Host discovery started for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_HOST_SUCCESS

Description: Host discovery succeeded for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_HOST_SUCCESS_DETAIL

Description: Host discovery success details

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovSuccessCode

PH Discovery Success Code

string

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_HOST_WARNING

Description: Discovery module failed to discover device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string



EventType: PH_DISCOV_HP3COM_HW_WARNING

Description: Discovery module failed to discover hardware info for HP3Com

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_HP_BLADE_HW_STATUS_WARNING

Description: Discovery module failed to obtain hardware status from HP Blade device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_INIT_MODULE_FAILED

Description: Discovery module failed to initialize

Severity: 10 (High)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_INTERFACE_VIA_SNMP_FAILED

Description: Discovery module failed to discover network interfaces vis SNMP

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_IP_TYPE_INVALID

Description: Invalid IP type

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_ISILON_HW_STATUS_WARNING

Description: Discovery module failed to obtain hardware status from Isilon device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_JMX_TEST_CONN_FAILED

Description: Discovery module failed to test conn for JMX server

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_JUNIPER_SSG_HW_INFO_WARNING

Description: Juniper SSG hardware warning

Severity: 3 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_L2_FAILED

Description: Layer 2 device discovery completely failed

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_L2_STARTED

Description: Layer 2 device discovery started for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.



EventType: PH_DISCOV_L2_SUCCESS

Description: Layer 2 device discovery succeeded for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_LDAP_ERROR

Description: LDAP discovery failed

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_LDAP_OU_ERROR

Description: Discovery module failed to lookup LDAP OU in its memory

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_LINUX_DSKTABLE_NOT_CONFIG

Description: Linux disk discovery imcomplete - Dsktable MIB not configured on Linux server

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

diskName

Disk Name

string



EventType: PH_DISCOV_LOGIN_ERROR

Description: Discovery / Perf monitoring module failed to execute command via SSH/TELNET

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string

script

Script

string

command

Command

string



EventType: PH_DISCOV_NEXT_HOP_VIA_SNMP_FAILED

Description: Discovery module failed to discover next hop address vis SNMP

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_NIMBLE_VOLUME_WARNING

Description: Failed to discover volume for Nimble storage

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_NOZOMI_DISCOV_FAILED

Description: Discovery module failed to discover Nozomi environment

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_PARAM_PARSE_FAILED

Description: Discovery module failed to parse parameters in discovery XML from App server

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_PARSER_MSG_EXCEEDS_THRESHOLD

Description: Number of parser-to-discover messages to be processed exceeds threshold, discard the oldest one

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_PARSER_MSG_THREAD_SPAWN_FAILED

Description: Discovery module failed to spawn processParserMessage thread

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_PERF_TEMPLATE_LOAD_FAILED

Description: Discovery module failed to load performance template from App Server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_PING_ONLY_LIST_NOT_MATCH

Description: Discovery module found that ping-only-discover device list does not match include-ip device list. Ping-only-discovery is not effective

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_READ_COMPRESS_THRESHOLD_FAILED

Description: Discovery module failed to read discover_compress_threshold from phoenix configuration, will set it to 2048 bytes

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_RECVD_VALID_REQUEST

Description: Received valid discovery request from app server

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_RESULT_SEND_FAILED

Description: Discovery module failed to send discovery result to App server after many retries; discovery will fail

Severity: 8 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_RESULT_SEND_WARNING

Description: Discovery module failed to upload discovery result to App Server, will retry

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_RESULT_XML_WRITE_FAILURE

Description: Discovery module failed to create discovery result XML file

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_RUNNING_SERVICE

Description: Found running service on host

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

hostName

Host Name

string

This is the hostname of the device of interest in the event

ipProto

IP Protocol

uint16

IP Protocol, e.g. TCP, UDP, ICMP etc as defined in IP RFPs

destIpPort

Destination TCP/UDP Port

uint16

This is the destination TCP or UDP port as identified in the event

appName

Application Name

string



EventType: PH_DISCOV_RUN_JAVA_PROBE_ERROR

Description: Discovery module failed to execute runJavaProbe.sh

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

exitValue

Command exit value

int32



EventType: PH_DISCOV_RUN_SW_FILTER_LOAD_FAILED

Description: Discovery module failed to load Running Software Filter from App Server - running software filter may not be discovered correctly

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_RUN_SW_FILTER_PARSE_FAILED

Description: Discovery module failed to parse running software filter xml from App Server - running software filter may not be discovered correctly

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_RUN_VM_TEST_CONN_ERROR

Description: Discovery module failed to execute VMWare Test Connectivity (runVmTestConn.sh)

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

exitValue

Command exit value

int32



EventType: PH_DISCOV_SKIPPED

Description: Skipping device discovery by discovery request policy

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_SKIP_DEV

Description: Discovery skipped a device for discovery

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

msg

Message

string



EventType: PH_DISCOV_SNMP_ERROR

Description: Discovery module failed to get data via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_SSH_ERROR

Description: Discovery module failed to execute command via SSH

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string

script

Script

string

command

Command

string



EventType: PH_DISCOV_START

Description: Discovery module starting

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TELNET_ERROR

Description: Discovery module failed to execute command via TELNET

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string

script

Script

string

command

Command

string



EventType: PH_DISCOV_TEST_CONN_GET_REQ_FAILED

Description: Discovery module failed to get test connectivity request from App server

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TEST_CONN_MSRPC_ERROR

Description: Discovery module failed to test connection to a Windows Server via MSRPC

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

filePath

File Path

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_TEST_CONN_NO_UCSAPI_CRED

Description: Discovery module failed to test connection to a Cisco UCS Server via UCS API

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TEST_CONN_RESULT_SENDER_THREADS_SPAWN_FAILED

Description: Discovery module failed to spawn test connectivity result sender threads

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TEST_CONN_RESULT_SEND_ERROR

Description: Discovery module encountered error in sending Test Connectivity result to app server

Severity: 9 (High)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_TEST_CONN_RESULT_SEND_WARNING

Description: Discovery module failed to upload test connectivity result to App Server

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TEST_CONN_THREADS_SPAWN_FAILED

Description: Discovery module failed to spawn test connectivity threads

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TEST_CONN_VMSDK_ERROR

Description: Discovery module encountered VMSDK test connection error

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_TRIPP_UPS_HW_STATUS_WARNING

Description: Discovery module failed to obtain hardware status from Tripp UPS device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_TRUNK_PORTS_ERROR

Description: Discovery module failed to get network device trunk port information from App server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_UNHANDLED_ACCESS_PROTO

Description: Discovery module encountered unhandled device access method

Severity: 4 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_UPLOAD_DATA_FAILED

Description: Discovery module failed to upload discovery results to App Server

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_VMWARE_DUP_DEV_ID

Description: Discovery module encoutered VMSDK discovery error because of duplicated device id

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

filePath

File Path

string



EventType: PH_DISCOV_VMWARE_ERROR

Description: Discovery module failed to discover device via VMSDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_VOIP_PHONE_ID

Description: VoIP phone identity message

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

computer

Computer

string

hostMACAddr

Host MAC

string

Host Layer 2 MAC Address in the log

user

User

string

domain

Domain

string

voIPPhoneStatus

VoIP Phone Status

string



EventType: PH_DISCOV_WMI_PULL_ERROR

Description: Windows WMI pulling error

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_APACHE_PING_FAILED

Description: Discovery module failed to ping apache server

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_APP_GROUP_FILTER_PARSE_ERROR

Description: Discovery module failed to parse Application Group filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_APP_GROUP_FILTER_PUSH_ERROR

Description: Discovery module found empty group name in App Group Filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_AWS_NEW_INSTANCE_NOT_RUN

Description: Discovery module found new AWS instance but it is not running

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_AWS_OBTAIN_INSTANCE_FAILURE

Description: FortiSIEM Discovery failed to obtain AWS instance

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_CHECK_APP_LIST_WARNING

Description: Discovery module failed to checking monitorability for windows servers

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CISCO_IOS_CBQOS_ERROR

Description: Discovery module encountered CBQoS monitoring error

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CISCO_MERAKI_GET_CHILD_DEVICE_WARNING

Description: Discovery module failed to get Cisco Meraki child devices

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CISCO_MERAKI_GET_INTFS_WARNING

Description: Discovery module failed to get Cisco Meraki interfaces

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CISCO_MERAKI_GET_INTF_WARNING

Description: Discovery module failed to get Cisco Meraki interface

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

intfName

Host Interface Name

string

Name of a network interface in a host.



EventType: PH_LIB_TOPO_CISCO_MERAKI_MAC_2_HOST_LOOKUP_FAILED

Description: Discovery module failed to get prev found Meraki device by MAC in mac-to-host table

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_CISCO_MERAKI_MAC_2_INTF_LOOKUP_FAILED

Description: Discovery module failed to get prev found Meraki device by MAC in mac-to-interface table

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_CISCO_UCS_LOGIN_FAILED

Description: Discovery module failed to login to Cisco UCS

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CISCO_UCS_REQUEST_ERROR

Description: Discovery module failed to send request to Cisco UCS

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_CPU_TOO_HIGH

Description: Discovery / Perf Monitoring module found CPU util for device to be too high

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

cpuUtil

CPU Util

double



EventType: PH_LIB_TOPO_CUST_CONFIG_JOB_DOWNLOAD_SCRIPT_FAILED

Description: Discovery / Perf Monitoring module failed to download expect script from app server for custom config job

Severity: 9 (High)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

filePath

File Path

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_CHECK_PATH_ERROR

Description: Discovery / Perf Monitoring module failed to check configured path name for custom FIM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_DEVICE_UNAVAILABLE

Description: Discovery / Perf Monitoring module found that device is not available for custom FIM job

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

command

Command

string

exitValue

Command exit value

int32



EventType: PH_LIB_TOPO_CUST_FIM_JOB_FILE_TOO_LARGE

Description: Discovery / Perf Monitoring FIM module found that file is too large to be pulled

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

filePath

File Path

string

fileSize64

File Size64 Bytes

uint64



EventType: PH_LIB_TOPO_CUST_FIM_JOB_GET_DATA_FAILED

Description: Discovery / Perf Monitoring failed to get data for custom FIM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_GET_FILE_INFO_FAILED

Description: Discovery / Perf Monitoring failed to get general file info for FIM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_GET_MD5_FAILED

Description: Discovery / Perf Monitoring failed to get file MD5 for FIM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_GET_REMOTE_FILE_ERROR

Description: Discovery / Perf Monitoring failed to get remote file for FIM

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

filePath

File Path

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_INCORRECT_CRED

Description: Discovery / Perf Monitoring found incorrect username or password for custom FIM job

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

command

Command

string

exitValue

Command exit value

int32



EventType: PH_LIB_TOPO_CUST_FIM_JOB_RUN_SCP_FAILED

Description: Discovery / Perf Monitoring module failed to runScp.exp for FIM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_TOO_MANY_FILES

Description: Discovery / Perf Monitoring module found that files count exceeds the max files count limitation under one directory for custom FIM job

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

dirName

Directory Name

string



EventType: PH_LIB_TOPO_CUST_LOGIN_JOB_CREATE_EVENT_FAILED

Description: Discovery / Perf Monitoring module failed to create event for custom LOGIN job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_LOGIN_JOB_GET_DATA_FAILED

Description: Discovery / Perf Monitoring module failed to get data for custom LOGIN job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_SNMP_JOB_CREATE_EVENT_FAILED

Description: Discovery / Perf Monitoring module failed to create event for custom SNMP job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_SNMP_JOB_GET_DATA_FAILED

Description: Discovery / Perf Monitoring module failed to get data for custom SNMP job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_WMI_JOB_CREATE_EVENT_FAILED

Description: Discovery / Perf Monitoring module failed to create event for custom WMIjob

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_WMI_JOB_GET_DATA_FAILED

Description: Discovery / Perf Monitoring module failed to get data for custom WMI job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_ETHERMIB_STAT_LOOKUP_ERROR

Description: Discovery / Perf Monitoring module failed to get ethermib stat for interface

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

srcSnmpIntfIndex

Source Interface SNMP Index

uint16

SNMP index of the network interface through which a packet enters a network device. This information is typically present in Firewall logs.



EventType: PH_LIB_TOPO_EVENT_DROP_RULE_ENCODE_VALUE_GROUP_ERROR

Description: Discovery / Perf Monitoring module failed to encode value group

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_EVENT_DROP_RULE_PARSE_ERROR

Description: Parser module failed to parse event dropping rule

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_EXCLUDED_DISK_PARSE_ERROR

Description: Discovery / Perf Monitoring module failed to parse excluded disks

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_FCT_DEV_MAPPING_ENTRY_INVALID

Description: FortiClient device type mapping in /opt/phoenix/data-definition/FortiClientOSVersionMap.csv is invalid.

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FGT_FABRIC_DISCOV_FAIL

Description: FortiGate Fabric Discovery Failure, if security fabric not enabled, this may be normal

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FGT_GET_CONFIG_BACKUP_FAILED

Description: Failed to get config backup for FortiGate. Ensure that the FortiGate's rest api user role allows WRITE for System -> Administrator Users access permissions.

Severity: 6 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_FGT_GET_USER_DEV_STORE_FAIL

Description: FortiGate User Device Store record retrieval failed. This is optional data

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FGT_GET_USER_DEV_UNKNOWN

Description: FortiGate User Device Store identified an unknown device type. Add mapping to /opt/phoenix/data-definition/FortiClientOSVersionMap.csv

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FGT_INSTALLED_SW_FAIL

Description: FortiGate failed to collect software module status via /api/v2/monitor/license/status.

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FGT_SEC_POSTURE_RPT_API_FAIL

Description: FortiGate security posture report could not be retrieved via API on root fabric firewall.

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FILE_READ_ERROR

Description: Discovery / Perf Monitoring module failed to read file

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

filePath

File Path

string



EventType: PH_LIB_TOPO_FOUNDRY_HW_STATUS_ERROR

Description: Discovery / Perf Monitoring module failed to get hardware status for Foundry Iron device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

oid

Object Identifier

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_GEN_UPS_STATUS_GET_ERROR

Description: Discovery / Perf Monitoring module failed to get hardware status via SNMP for GEN UPS device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_GET_NETAPP_NFS_FAILED

Description: Discovery / Perf Monitoring module failed to get NFS metrics via SNMP or ONTAP SDK for NetApp Filer

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_H3C_CPU_UTIL_ERROR

Description: Discovery / Perf Monitoring module failed to get CPU Util of H3C via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

oid

Object Identifier

string



EventType: PH_LIB_TOPO_HP3COM_CPU_UTIL_ERROR

Description: Discovery / Perf Monitoring module failed to get CPU Util of Hp3Com via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

oid

Object Identifier

string



EventType: PH_LIB_TOPO_HP3COM_MEM_UTIL_ERROR

Description: Discovery / Perf Monitoring module failed to get CPU Util of Hp3Com device via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

oid

Object Identifier

string



EventType: PH_LIB_TOPO_HPUX_PROC_CPU_MEM_TOO_HIGH

Description: Discovery / Perf Monitoring module found HPUX Process CPU Util or Mem Util too high

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

procName

Process Name

string

cpuUtil

CPU Util

double

memUtil

Memory Util

double



EventType: PH_LIB_TOPO_HYPERV_METRICS_GET_ERROR

Description: Discovery / Perf Monitoring module failed to get HyperV metrics

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_IMPORTANT_INTF_PARSE_ERROR

Description: Discovery / Perf Monitoring module failed to parse important interfaces

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_INTF_UTIL_ERROR

Description: Discovery / Perf Monitoring module found interface util monitoring data inconsistency

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

intfName

Host Interface Name

string

Name of a network interface in a host.



EventType: PH_LIB_TOPO_JSON_PARSE_FAILED

Description: Failed to parse JSON

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_JUNIPER_INTF_SPEED_GET_ERROR

Description: Discovery / Perf Monitoring module failed to get interface speed from Juniper firewall

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

intfName

Host Interface Name

string

Name of a network interface in a host.



EventType: PH_LIB_TOPO_LIEBERT_HVAC_STATUS_GET_ERROR

Description: Discovery / Perf Monitoring module failed to get hardware status via SNMP for LIEBERT HAVC device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_LOGIN_PING_FAILED

Description: Discovery / Perf Monitoring module failed to execute a login command for discovery pruposes

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

ipPort

IP Port

uint16

IP port number

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_MAINTENANCE_DURATION_INCORRECT

Description: Perf Monitoring module failed to properly parse device maintenance duration from App Server

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string



EventType: PH_LIB_TOPO_MEM_TOO_HIGH

Description: Discovery / Perf Monitoring module memory util for device to be too high

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

memUtil

Memory Util

double



EventType: PH_LIB_TOPO_NETAPP_AGGREGATE_STAT_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp Aggregate Stat via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_ANALYZE_VERSION_ERROR

Description: Discovery / Perf Monitoring module failed to analyze NetApp version via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_DISK_STAT_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp Disk Stat via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_GET_NFS_METRIC_ERROR

Description: Discovery / Perf Monitoring module failed to obtain NetApp NFS V3 metrics via ONTAPI

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_GET_VERSION_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp version -- volume latencies may not be correct

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_NETAPP_LUN_STAT_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp LUN Stat via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_PROTO_STAT_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp Protocol Stat via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_VOLUME_STAT_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp Volume Stat via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NOT_SUPPORT_REST_API

Description: Rest API doesn't support in this fortigate version

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_PARSE_INTF_MAP_FAILURE

Description: Discovery / Perf Monitoring module failed to parse device interface map

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_PERF_JOB_EXEC_FAILED

Description: Perf Monitoring module failed to execute a specific performance monitoring job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

jobId

Job Id

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_PERF_JOB_INIT_FAILED

Description: Perf Monitoring module failed to initialize the performance monitoring job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_PERF_JOB_REMOVE_FAILED

Description: Perf Monitoring module failed to remove performance monitoring job by JOB ID

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

jobId

Job Id

string



EventType: PH_LIB_TOPO_PERF_TEMPLATE_LOAD_ERROR

Description: Perf Monitoring module failed to load performance monitor template xml

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_PERF_TEMPLATE_PARSE_FAILURE

Description: Perf Monitoring module failed to parse performance monitor template xml

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_PERF_TEMPLATE_PARSE_WARNING

Description: Perf Monitoring module skipped one device type while loading Performance Monitor template xml

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_PORT_FILTER_PARSE_ERROR

Description: Perf Monitoring module failed to parse port filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_PORT_FILTER_PUSH_ERROR

Description: Perf Monitoring module found empty protocol name in Port Filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_PROC_CPU_MEM_TOO_HIGH

Description: Perf Monitoring module found process CPU Util or Mem Util to be too high

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

procName

Process Name

string

cpuUtil

CPU Util

double

memUtil

Memory Util

double



EventType: PH_LIB_TOPO_REST_API_FAILED

Description: Failed to call a REST API

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

infoURL

Informational URL

string

This field captures an URL if present in an event

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_RUN_SW_FILTER_PARSE_ERROR

Description: Discovery / Perf Monitoring module found failed to parse running software filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_RUN_SW_FILTER_PUSH_ERROR

Description: Discovery / Perf Monitoring module found empty name and path in running software Filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_SNMPWALK_ERROR

Description: Discovery / Perf Monitoring module found found empty or incomplete snmpwalk response

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

oid

Object Identifier

string



EventType: PH_LIB_TOPO_STM_JOB_EXEC_FAILED

Description: Discovery / Perf Monitoring module failed to execute STM job for device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string



EventType: PH_LIB_TOPO_STM_JOB_INIT_FAILED

Description: Perf Monitoring module failed to initialize the STM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_TEST_CONN_HTTP_AGENT_FAILED

Description: Discovery module failed to test connectivity for http java agent

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errorString

Error String

string

This is the error message, synonymous to attribute errReason



EventType: PH_LIB_TOPO_TEST_CONN_JDBC_AGENT_FAILED

Description: Discovery module failed to test connectivity for jdbc java agent

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errorString

Error String

string

This is the error message, synonymous to attribute errReason



EventType: PH_LIB_TOPO_TEST_CONN_JMX_AGENT_FAILED

Description: Discovery module failed to test connectivity for jmx java agent

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errorString

Error String

string

This is the error message, synonymous to attribute errReason



EventType: PH_LIB_TOPO_TRUNK_PORT_MAP_PARSE_ERROR

Description: Discovery module failed to parse trunk port map

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_VALIDATE_ACCESS_FAILED

Description: Perf Monitor module found device credential issues during initialization

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_DATABASE_INSTANCE_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange Database instance metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_DATABASE_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange Database metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_MAIL_SUBMISSION_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange mail submission metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_PUB_MAILBOX_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange public mailbox metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_REG_MAILBOX_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange regular mailbox metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_REPLICATION_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange replication metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_RPC_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange RPC metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_SMTP_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange SMTP metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_STORE_INTF_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange store interface metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_TRANSPORT_QUEUE_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange transport queue metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WMI_GET_CPU_COUNT_ERROR

Description: Discovery/Perf Monitor module failed to get Windows CPU count via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WMI_GET_CPU_WARNING

Description: Discovery/Perf Monitor module failed to get CPU info for Windows device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WMI_GET_PAGE_ACTIVITY_ERROR

Description: Discovery/Perf Monitor module failed to get Windows paging activity via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WMI_GET_REAL_MEM_ERROR

Description: Discovery/Perf Monitor module failed to get Windows real memory via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WMI_GET_RUN_SW_PERF_ERROR

Description: Discovery/Perf Monitor module failed to get Windows running software performance via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_MAX_DEVICES_EXCEEDED

Description: Max number of devices exceeded license

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_MAX_DEVICES_LIMIT_REACHED

Description: Max number of devices exceeded license

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_TEST_CONN_COMPLETE

Description: Test Connectivity completed

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_TEST_CONN_CONTACT_APP_SERVER

Description: Test Connectivity module contacting app server

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

destIpPort

Destination TCP/UDP Port

uint16

This is the destination TCP or UDP port as identified in the event



EventType: PH_TEST_CONN_FAILED_INVALID_REQUEST

Description: Test Connectivity failed - invalid discovery request from App Server

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_TEST_CONN_FAILED_INVALID_REQUEST_XML

Description: Test Connectivity failed - invalid discovery request XML from App Server

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_TEST_CONN_RECVD_VALID_REQUEST

Description: Received valid test connectivity request from app server

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_TEST_CONN_RESULT_SENT

Description: Test Connectivity results sent to app server

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_TEST_CONN_STARTED

Description: Starting test connectivity for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.


Discovery Logs

Discovery Logs

This section provides logs related to Test Connectivity and Discovery.



EventType: PH_DEVICE_NOT_ADDED

Description: Discovered device not added to CMDB because of license restrictions

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOVERY_COMPLETE

Description: Discovery completed

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOVERY_RESULT_SENT

Description: Discovery results sent to app server

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_ACCESS_IP_PARSE_ERROR

Description: Discovery module failed to parse device Access IP from App Server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_ADS_ACCOUNT_TO_EXPIRE

Description: Active Directory account to excpire in 2 weeks

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string

daysToAccountExpiry

Days To Account Expiry

uint32



EventType: PH_DISCOV_ADS_ACCT_DISABLED

Description: Accounts Disabled

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string



EventType: PH_DISCOV_ADS_DORMANT_ACCT

Description: Dormant User Acounts - not log on in last 30 days

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string

lastLogon

Last Logon Time

Date

daysSinceLastLogon

Days Since Last Logon

uint32



EventType: PH_DISCOV_ADS_PASSWORD_NEVER_EXPIRES

Description: Active Directory user password never expires

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string

passwordAge

Password Age

uint32

passwordLastSet

Password Last Set

Date



EventType: PH_DISCOV_ADS_PASSWORD_NOT_REQD

Description: Active Directory user password not required

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string



EventType: PH_DISCOV_ADS_PASSWORD_STALE

Description: Active Directory user password stale - more than 90 days

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string

passwordAge

Password Age

uint32

passwordLastSet

Password Last Set

Date



EventType: PH_DISCOV_ADS_PASSWORD_TO_EXPIRE

Description: Active Directory user password to excpire in 2 weeks

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

user

User

string

userFullName

User Full Name

string

userDN

User Distinguishing Name

string

daysToPasswordExpiry

Days To Password Expiry

uint32

passwordLastSet

Password Last Set

Date



EventType: PH_DISCOV_ARUBA_WLAN_HOST_LOCATION

Description: Aruba WLAN AP connected Host Identity and Location

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

hostMACAddr

Host MAC

string

Host Layer 2 MAC Address in the log

user

User

string

domain

Domain

string

nepDevIpAddr

Network Access Device IP

IP

nepDevName

Network Access Device

string

nepDevPort

Network Access Device Port

string

wlanSsid

WLAN SSID

string

WLAN Service Set Identifier (SSID) found in SNMP based WLAN monitoring

wlanChannelId

WLAN Channel Id

uint32

WLAN Channel Id found in SNMP based WLAN monitoring

wlanApAssocUpTime

WLAN AP Association Uptime

uint32

WLAN AP Association Uptime found in SNMP based WLAN monitoring

wlanMaxHostTxmitRate

WLAN Max Host Txmit Rate Mbps

uint32

WLAN Max Host Txmit Rate Mbps found in SNMP based WLAN monitoring

wlanContrIpAddr

WLAN Controller IP

IP

WLAN Controller IP found in SNMP based WLAN monitoring

wlanContrHostName

WLAN Controller Host Name

string

WLAN Controller Host Name found in SNMP based WLAN monitoring

wlanRssi

WLAN RSSI dB

int32

WLAN RSSI dB found in SNMP based WLAN monitoring

wlanProtocol

WLAN Protocol

string

WLAN Protocol found in SNMP based WLAN monitoring



EventType: PH_DISCOV_AWS_DEVICE_DELETED

Description: FortiSIEM AWS Discovery discovered a terminated device - this device will be deleted from CMDB

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

ec2InstanceId

EC2 Instance Id

string

accountId

Account Id

string

awsRegion

AWS Region

string

status

Status

string



EventType: PH_DISCOV_AWS_DEVICE_UNKNOWN

Description: Discovery module failed to recognize AWS device type

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_AWS_DISCOV_FAILED

Description: Discovery module failed to discover AWS environment

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_AZURE_DISCOV_FAILED

Description: Discovery module failed to discover AZURE environment

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_BASIC_FAILED

Description: Basic discovery completely failed for a device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SKIPPED

Description: Device discovery skipped because of device type discovery exclusion policy

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SNMP_DETAIL

Description: Device discovery via SNMP details

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovSuccessCode

PH Discovery Success Code

string

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_SNMP_ERROR

Description: Device discovery encountered errors

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SNMP_FAILED

Description: Basic device discovery via SNMP completely failed

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SNMP_STARTED

Description: Starting device discovery for a device via SNMP

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_SNMP_SUCCESS

Description: Device discovery via SNMP succeeded for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_SSH_DETAIL

Description: Device discovery via SSH details

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovSuccessCode

PH Discovery Success Code

string

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_SSH_ERROR

Description: Basic device discovery via SSH encountered errors

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SSH_FAILED

Description: Basic device discovery via SSH completely failed

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_BASIC_SSH_STARTED

Description: Device discovery via SSH started for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_SSH_SUCCESS

Description: Device discovery via SSH succeeded for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BASIC_STARTED

Description: Starting device discovery for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_BGP_OSPF_FAILED

Description: Failed to send discovery task request for BGP/OSPF change

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_BROCADE_SERVER_IRON_HW_INFO_WARNING

Description: Failed to discover Brocade server iron hardware status

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_CANCEL_UNKNOWN_REQ

Description: Discovery module received discovery cancel request with unknown request ID

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_CERT_FILE_DOWNLOAD_FAILURE

Description: Discovery module failed to download certificate file

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

filePath

File Path

string



EventType: PH_DISCOV_CHECKPOINT_TEST_CONN_FAILED

Description: Discovery module failed to test connectivity for a Checkpoint device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_CISCO_ASA_GET_CONTEXT_FAILED

Description: Discovery module failed to discover Cisco ASA device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

virtContext

Virtualization Context

string



EventType: PH_DISCOV_CISCO_ASA_IPSEC_VPN_FAILED

Description: Discovery module failed to discover IPSEC VPN for Cisco ASA via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_ASA_RAS_VPN_FAILED

Description: Discovery module failed to discover RAS VPN for Cisco ASA via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_ASA_RUN_CONFIG_FAILED

Description: Discovery module failed to discover running config for Cisco ASA via Login

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

virtContext

Virtualization Context

string



EventType: PH_DISCOV_CISCO_ASA_SET_CONTEXT_FAILED

Description: Discovery module failed to set context for Cisco ASA

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

virtContext

Virtualization Context

string



EventType: PH_DISCOV_CISCO_ASA_STARTUP_CONFIG_FAILED

Description: Discovery module failed to discover startup config for Cisco ASA via Login

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

virtContext

Virtualization Context

string



EventType: PH_DISCOV_CISCO_CALL_MANAGER_WARNING

Description: Discovery module failed to obtain Cisco Call Manager statistics

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_CISCO_CATOS_INTF_FAILED

Description: Discovery module failed to find interface by id and name for Cisco CatOS device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

intfName

Host Interface Name

string

Name of a network interface in a host.



EventType: PH_DISCOV_CISCO_CDP_ERROR

Description: Discovery module failed to find local interface in CDP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_IOS_L2_WARNING

Description: Discovery module failed to discover Layer 2 for Cisco IOS device - no directly connected host entries

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_IOS_TRUNK_PORT_ERROR

Description: Discovery module encountered SNMP index lookup error

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_JUNOS_L2_WARNING

Description: Discovery module failed to discover Layer 2 for JUNOS device - no directly connected host entries

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_NXOS_HW_STATUS_WARNING

Description: Discovery module failed to obtain Cisco NxOS hardware status

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_CISCO_NXOS_INTF_SHORT_NAME_NOT_FOUND

Description: Discovery module failed to find interface short name for Cisco NxOS

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_NXOS_L2_WARNING

Description: Discovery module failed to discover Layer 2 for Cisco NxOS device - no directly connected host entries

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_CISCO_WLAN_HOST_LOCATION

Description: Cisco WLAN AP connected Host Identity and Location

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

hostMACAddr

Host MAC

string

Host Layer 2 MAC Address in the log

user

User

string

domain

Domain

string

nepDevIpAddr

Network Access Device IP

IP

nepDevName

Network Access Device

string

nepDevPort

Network Access Device Port

string

wlanSsid

WLAN SSID

string

WLAN Service Set Identifier (SSID) found in SNMP based WLAN monitoring

wlanContrIpAddr

WLAN Controller IP

IP

WLAN Controller IP found in SNMP based WLAN monitoring

wlanContrHostName

WLAN Controller Host Name

string

WLAN Controller Host Name found in SNMP based WLAN monitoring

wlanRssi

WLAN RSSI dB

int32

WLAN RSSI dB found in SNMP based WLAN monitoring

wlanSnr

WLAN SNR dB

uint32

WLAN SNR dB found in SNMP based WLAN monitoring

wlanProtocol

WLAN Protocol

string

WLAN Protocol found in SNMP based WLAN monitoring



EventType: PH_DISCOV_CLOCK_ROLLS_BACK

Description: FortiSIEM Discovery module discovers excessive clock skew dusing BGP/OSPF discovery

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_CONTACT_APP_SERVER

Description: Discovery module contacting app server

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

destIpPort

Destination TCP/UDP Port

uint16

This is the destination TCP or UDP port as identified in the event



EventType: PH_DISCOV_CREDEN_INSERT_ERROR

Description: Discovery module failed to insert device credential into its memory - discovery may fail

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_CUSTOM_MAP_LOAD_FAILED

Description: Discovery module failed to load customer map from App Server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_DATA_DOMAIN_HW_STATUS_WARNING

Description: Discovery module failed to obtain hardware status from Data Domain device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_DELL_BLADE_CHASSIS_WARNING

Description: Discovery module failed to discover Dell Blade Chassis

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_DELL_COMPELLENT_STORAGE_WARNING

Description: Discovery module failed to discover volume info for Dell Compellent Storage device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_DISCOV_REQ_GET_FAILED

Description: Discovery module failed to get discovery request from App server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_DISCOV_RESULT_SENDER_THREADS_SPAWN_FAILED

Description: Discovery module failed to spawn discovery result sender threads

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_DISCOV_THREADS_SPAWN_FAILED

Description: Discovery module failed to spawn discover threads

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_EC2_INSTANCE_PARSE_FAILED

Description: Discovery module failed to parse EC2 instance xml

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_EMC_CLARION_ERROR

Description: Discovery module failed to discover EMC Clarion

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_EMC_VNX_DISCOV_FAILED

Description: Discovery module failed to discover EMC VNX via navisec client

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

filePath

File Path

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_EMC_VNX_PING_FAILED

Description: Discovery module failed to ping EMC VNX

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

filePath

File Path

string



EventType: PH_DISCOV_EQLOGIC_CONN_FAILED

Description: Discovery module failed to obtain EqualLogic connection info

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

oid

Object Identifier

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_EQLOGIC_HW_INFO_FAILED

Description: Discovery module failed to obtain EqualLogic metric

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

oid

Object Identifier

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_ESX_HOST_PING_ONLY_DISCOV_ERROR

Description: Ping only discovery for ESX host/vCenter failed

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_FAILED_INVALID_REQUEST

Description: Discovery failed - invalid discovery request from App Server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_FAILED_INVALID_REQUEST_XML

Description: FortiSIEM discovery module received invalid XML from App Server - discovery will fail

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_FAILED_XML_ERROR

Description: Discovery XML request parse error

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_FAIL_CMDB_DEV

Description: Existing CMDB device (re)discovery failed

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_FILE_BASED_DISCOV_DIR_NOT_CONFIGURED

Description: File based discovery failed - discover_file_dir missing in phoenix_config.txt

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_FILE_BASED_DISCOV_FAILED

Description: File based discovery failed - cannot open discovery file

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

filePath

File Path

string



EventType: PH_DISCOV_FORTINET_CPU_INFO_WARNING

Description: Discovery module failed to discover cpu info for Fortinet appliance

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



Description: Discovery module failed to discover link stat for Fortinet appliance

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_FORTINET_SYS_UPDATE_VERSION_WARNING

Description: Discovery module failed to discover system auto update versions for Fortinet appliance

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_GENERIC_ERROR

Description: Device discovery encountered generic errors

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_GEN_WLAN_HOST_LOCATION

Description: Generic WLAN AP connected Host Identity and Location

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

hostMACAddr

Host MAC

string

Host Layer 2 MAC Address in the log

user

User

string

domain

Domain

string

nepDevIpAddr

Network Access Device IP

IP

nepDevName

Network Access Device

string

nepDevPort

Network Access Device Port

string

wlanSsid

WLAN SSID

string

WLAN Service Set Identifier (SSID) found in SNMP based WLAN monitoring

wlanContrIpAddr

WLAN Controller IP

IP

WLAN Controller IP found in SNMP based WLAN monitoring

wlanContrHostName

WLAN Controller Host Name

string

WLAN Controller Host Name found in SNMP based WLAN monitoring



EventType: PH_DISCOV_GET_SNMP_ENGINE_ID_FAILED

Description: Failed to get snmp engine ID

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_HOST_CONVERT_PROCESS_UPTIME_ERROR

Description: Discovery module failed to convert process uptime

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_HOST_ERROR

Description: Discovery module failed to discover device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_HOST_INSTALL_SW_WARNING

Description: Discovery module failed to discover installed software

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_HOST_LOCATE_PROCESS_ERROR

Description: Discovery module failed to locate running process by SNMP id

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_HOST_LOCATION

Description: Wired Host IP location message

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_HOST_NET_INTF

Description: Host network interface identity message

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

hostMACAddr

Host MAC

string

Host Layer 2 MAC Address in the log

computer

Computer

string



EventType: PH_DISCOV_HOST_STARTED

Description: Host discovery started for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_HOST_SUCCESS

Description: Host discovery succeeded for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_HOST_SUCCESS_DETAIL

Description: Host discovery success details

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovSuccessCode

PH Discovery Success Code

string

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_HOST_WARNING

Description: Discovery module failed to discover device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string



EventType: PH_DISCOV_HP3COM_HW_WARNING

Description: Discovery module failed to discover hardware info for HP3Com

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_HP_BLADE_HW_STATUS_WARNING

Description: Discovery module failed to obtain hardware status from HP Blade device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_INIT_MODULE_FAILED

Description: Discovery module failed to initialize

Severity: 10 (High)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_INTERFACE_VIA_SNMP_FAILED

Description: Discovery module failed to discover network interfaces vis SNMP

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_IP_TYPE_INVALID

Description: Invalid IP type

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_ISILON_HW_STATUS_WARNING

Description: Discovery module failed to obtain hardware status from Isilon device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_JMX_TEST_CONN_FAILED

Description: Discovery module failed to test conn for JMX server

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_JUNIPER_SSG_HW_INFO_WARNING

Description: Juniper SSG hardware warning

Severity: 3 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_L2_FAILED

Description: Layer 2 device discovery completely failed

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_L2_STARTED

Description: Layer 2 device discovery started for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.



EventType: PH_DISCOV_L2_SUCCESS

Description: Layer 2 device discovery succeeded for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destName

Destination Host Name

string

Destination device's hostname as identified in the log, can also be enriched using reverse lookup of the destination IP address.

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_LDAP_ERROR

Description: LDAP discovery failed

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_LDAP_OU_ERROR

Description: Discovery module failed to lookup LDAP OU in its memory

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_LINUX_DSKTABLE_NOT_CONFIG

Description: Linux disk discovery imcomplete - Dsktable MIB not configured on Linux server

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

diskName

Disk Name

string



EventType: PH_DISCOV_LOGIN_ERROR

Description: Discovery / Perf monitoring module failed to execute command via SSH/TELNET

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string

script

Script

string

command

Command

string



EventType: PH_DISCOV_NEXT_HOP_VIA_SNMP_FAILED

Description: Discovery module failed to discover next hop address vis SNMP

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_NIMBLE_VOLUME_WARNING

Description: Failed to discover volume for Nimble storage

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_NOZOMI_DISCOV_FAILED

Description: Discovery module failed to discover Nozomi environment

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_PARAM_PARSE_FAILED

Description: Discovery module failed to parse parameters in discovery XML from App server

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_PARSER_MSG_EXCEEDS_THRESHOLD

Description: Number of parser-to-discover messages to be processed exceeds threshold, discard the oldest one

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_PARSER_MSG_THREAD_SPAWN_FAILED

Description: Discovery module failed to spawn processParserMessage thread

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_PERF_TEMPLATE_LOAD_FAILED

Description: Discovery module failed to load performance template from App Server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_PING_ONLY_LIST_NOT_MATCH

Description: Discovery module found that ping-only-discover device list does not match include-ip device list. Ping-only-discovery is not effective

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_READ_COMPRESS_THRESHOLD_FAILED

Description: Discovery module failed to read discover_compress_threshold from phoenix configuration, will set it to 2048 bytes

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_RECVD_VALID_REQUEST

Description: Received valid discovery request from app server

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_DISCOV_RESULT_SEND_FAILED

Description: Discovery module failed to send discovery result to App server after many retries; discovery will fail

Severity: 8 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_RESULT_SEND_WARNING

Description: Discovery module failed to upload discovery result to App Server, will retry

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_RESULT_XML_WRITE_FAILURE

Description: Discovery module failed to create discovery result XML file

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_DISCOV_RUNNING_SERVICE

Description: Found running service on host

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

hostName

Host Name

string

This is the hostname of the device of interest in the event

ipProto

IP Protocol

uint16

IP Protocol, e.g. TCP, UDP, ICMP etc as defined in IP RFPs

destIpPort

Destination TCP/UDP Port

uint16

This is the destination TCP or UDP port as identified in the event

appName

Application Name

string



EventType: PH_DISCOV_RUN_JAVA_PROBE_ERROR

Description: Discovery module failed to execute runJavaProbe.sh

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

exitValue

Command exit value

int32



EventType: PH_DISCOV_RUN_SW_FILTER_LOAD_FAILED

Description: Discovery module failed to load Running Software Filter from App Server - running software filter may not be discovered correctly

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_RUN_SW_FILTER_PARSE_FAILED

Description: Discovery module failed to parse running software filter xml from App Server - running software filter may not be discovered correctly

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_RUN_VM_TEST_CONN_ERROR

Description: Discovery module failed to execute VMWare Test Connectivity (runVmTestConn.sh)

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

exitValue

Command exit value

int32



EventType: PH_DISCOV_SKIPPED

Description: Skipping device discovery by discovery request policy

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_SKIP_DEV

Description: Discovery skipped a device for discovery

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

msg

Message

string



EventType: PH_DISCOV_SNMP_ERROR

Description: Discovery module failed to get data via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_SSH_ERROR

Description: Discovery module failed to execute command via SSH

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string

script

Script

string

command

Command

string



EventType: PH_DISCOV_START

Description: Discovery module starting

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TELNET_ERROR

Description: Discovery module failed to execute command via TELNET

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

phDiscovFailCode

PH Discovery Failure Code

string

script

Script

string

command

Command

string



EventType: PH_DISCOV_TEST_CONN_GET_REQ_FAILED

Description: Discovery module failed to get test connectivity request from App server

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TEST_CONN_MSRPC_ERROR

Description: Discovery module failed to test connection to a Windows Server via MSRPC

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

filePath

File Path

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_TEST_CONN_NO_UCSAPI_CRED

Description: Discovery module failed to test connection to a Cisco UCS Server via UCS API

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TEST_CONN_RESULT_SENDER_THREADS_SPAWN_FAILED

Description: Discovery module failed to spawn test connectivity result sender threads

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TEST_CONN_RESULT_SEND_ERROR

Description: Discovery module encountered error in sending Test Connectivity result to app server

Severity: 9 (High)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

phDiscovFailCode

PH Discovery Failure Code

string



EventType: PH_DISCOV_TEST_CONN_RESULT_SEND_WARNING

Description: Discovery module failed to upload test connectivity result to App Server

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TEST_CONN_THREADS_SPAWN_FAILED

Description: Discovery module failed to spawn test connectivity threads

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_TEST_CONN_VMSDK_ERROR

Description: Discovery module encountered VMSDK test connection error

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_TRIPP_UPS_HW_STATUS_WARNING

Description: Discovery module failed to obtain hardware status from Tripp UPS device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_TRUNK_PORTS_ERROR

Description: Discovery module failed to get network device trunk port information from App server

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_UNHANDLED_ACCESS_PROTO

Description: Discovery module encountered unhandled device access method

Severity: 4 (Low)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_UPLOAD_DATA_FAILED

Description: Discovery module failed to upload discovery results to App Server

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_DISCOV_VMWARE_DUP_DEV_ID

Description: Discovery module encoutered VMSDK discovery error because of duplicated device id

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

filePath

File Path

string



EventType: PH_DISCOV_VMWARE_ERROR

Description: Discovery module failed to discover device via VMSDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_DISCOV_VOIP_PHONE_ID

Description: VoIP phone identity message

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

computer

Computer

string

hostMACAddr

Host MAC

string

Host Layer 2 MAC Address in the log

user

User

string

domain

Domain

string

voIPPhoneStatus

VoIP Phone Status

string



EventType: PH_DISCOV_WMI_PULL_ERROR

Description: Windows WMI pulling error

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_APACHE_PING_FAILED

Description: Discovery module failed to ping apache server

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_APP_GROUP_FILTER_PARSE_ERROR

Description: Discovery module failed to parse Application Group filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_APP_GROUP_FILTER_PUSH_ERROR

Description: Discovery module found empty group name in App Group Filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_AWS_NEW_INSTANCE_NOT_RUN

Description: Discovery module found new AWS instance but it is not running

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_AWS_OBTAIN_INSTANCE_FAILURE

Description: FortiSIEM Discovery failed to obtain AWS instance

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_CHECK_APP_LIST_WARNING

Description: Discovery module failed to checking monitorability for windows servers

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

module

Module Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CISCO_IOS_CBQOS_ERROR

Description: Discovery module encountered CBQoS monitoring error

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CISCO_MERAKI_GET_CHILD_DEVICE_WARNING

Description: Discovery module failed to get Cisco Meraki child devices

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CISCO_MERAKI_GET_INTFS_WARNING

Description: Discovery module failed to get Cisco Meraki interfaces

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CISCO_MERAKI_GET_INTF_WARNING

Description: Discovery module failed to get Cisco Meraki interface

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

intfName

Host Interface Name

string

Name of a network interface in a host.



EventType: PH_LIB_TOPO_CISCO_MERAKI_MAC_2_HOST_LOOKUP_FAILED

Description: Discovery module failed to get prev found Meraki device by MAC in mac-to-host table

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_CISCO_MERAKI_MAC_2_INTF_LOOKUP_FAILED

Description: Discovery module failed to get prev found Meraki device by MAC in mac-to-interface table

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_CISCO_UCS_LOGIN_FAILED

Description: Discovery module failed to login to Cisco UCS

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CISCO_UCS_REQUEST_ERROR

Description: Discovery module failed to send request to Cisco UCS

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_CPU_TOO_HIGH

Description: Discovery / Perf Monitoring module found CPU util for device to be too high

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

cpuUtil

CPU Util

double



EventType: PH_LIB_TOPO_CUST_CONFIG_JOB_DOWNLOAD_SCRIPT_FAILED

Description: Discovery / Perf Monitoring module failed to download expect script from app server for custom config job

Severity: 9 (High)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

filePath

File Path

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_CHECK_PATH_ERROR

Description: Discovery / Perf Monitoring module failed to check configured path name for custom FIM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_DEVICE_UNAVAILABLE

Description: Discovery / Perf Monitoring module found that device is not available for custom FIM job

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

command

Command

string

exitValue

Command exit value

int32



EventType: PH_LIB_TOPO_CUST_FIM_JOB_FILE_TOO_LARGE

Description: Discovery / Perf Monitoring FIM module found that file is too large to be pulled

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

filePath

File Path

string

fileSize64

File Size64 Bytes

uint64



EventType: PH_LIB_TOPO_CUST_FIM_JOB_GET_DATA_FAILED

Description: Discovery / Perf Monitoring failed to get data for custom FIM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_GET_FILE_INFO_FAILED

Description: Discovery / Perf Monitoring failed to get general file info for FIM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_GET_MD5_FAILED

Description: Discovery / Perf Monitoring failed to get file MD5 for FIM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_GET_REMOTE_FILE_ERROR

Description: Discovery / Perf Monitoring failed to get remote file for FIM

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

filePath

File Path

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_INCORRECT_CRED

Description: Discovery / Perf Monitoring found incorrect username or password for custom FIM job

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

command

Command

string

exitValue

Command exit value

int32



EventType: PH_LIB_TOPO_CUST_FIM_JOB_RUN_SCP_FAILED

Description: Discovery / Perf Monitoring module failed to runScp.exp for FIM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_FIM_JOB_TOO_MANY_FILES

Description: Discovery / Perf Monitoring module found that files count exceeds the max files count limitation under one directory for custom FIM job

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

dirName

Directory Name

string



EventType: PH_LIB_TOPO_CUST_LOGIN_JOB_CREATE_EVENT_FAILED

Description: Discovery / Perf Monitoring module failed to create event for custom LOGIN job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_LOGIN_JOB_GET_DATA_FAILED

Description: Discovery / Perf Monitoring module failed to get data for custom LOGIN job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_SNMP_JOB_CREATE_EVENT_FAILED

Description: Discovery / Perf Monitoring module failed to create event for custom SNMP job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_SNMP_JOB_GET_DATA_FAILED

Description: Discovery / Perf Monitoring module failed to get data for custom SNMP job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_WMI_JOB_CREATE_EVENT_FAILED

Description: Discovery / Perf Monitoring module failed to create event for custom WMIjob

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_CUST_WMI_JOB_GET_DATA_FAILED

Description: Discovery / Perf Monitoring module failed to get data for custom WMI job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_ETHERMIB_STAT_LOOKUP_ERROR

Description: Discovery / Perf Monitoring module failed to get ethermib stat for interface

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

srcSnmpIntfIndex

Source Interface SNMP Index

uint16

SNMP index of the network interface through which a packet enters a network device. This information is typically present in Firewall logs.



EventType: PH_LIB_TOPO_EVENT_DROP_RULE_ENCODE_VALUE_GROUP_ERROR

Description: Discovery / Perf Monitoring module failed to encode value group

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_EVENT_DROP_RULE_PARSE_ERROR

Description: Parser module failed to parse event dropping rule

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_EXCLUDED_DISK_PARSE_ERROR

Description: Discovery / Perf Monitoring module failed to parse excluded disks

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_FCT_DEV_MAPPING_ENTRY_INVALID

Description: FortiClient device type mapping in /opt/phoenix/data-definition/FortiClientOSVersionMap.csv is invalid.

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FGT_FABRIC_DISCOV_FAIL

Description: FortiGate Fabric Discovery Failure, if security fabric not enabled, this may be normal

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FGT_GET_CONFIG_BACKUP_FAILED

Description: Failed to get config backup for FortiGate. Ensure that the FortiGate's rest api user role allows WRITE for System -> Administrator Users access permissions.

Severity: 6 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_FGT_GET_USER_DEV_STORE_FAIL

Description: FortiGate User Device Store record retrieval failed. This is optional data

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FGT_GET_USER_DEV_UNKNOWN

Description: FortiGate User Device Store identified an unknown device type. Add mapping to /opt/phoenix/data-definition/FortiClientOSVersionMap.csv

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FGT_INSTALLED_SW_FAIL

Description: FortiGate failed to collect software module status via /api/v2/monitor/license/status.

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FGT_SEC_POSTURE_RPT_API_FAIL

Description: FortiGate security posture report could not be retrieved via API on root fabric firewall.

Severity: 6 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_FILE_READ_ERROR

Description: Discovery / Perf Monitoring module failed to read file

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

filePath

File Path

string



EventType: PH_LIB_TOPO_FOUNDRY_HW_STATUS_ERROR

Description: Discovery / Perf Monitoring module failed to get hardware status for Foundry Iron device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

oid

Object Identifier

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_GEN_UPS_STATUS_GET_ERROR

Description: Discovery / Perf Monitoring module failed to get hardware status via SNMP for GEN UPS device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_GET_NETAPP_NFS_FAILED

Description: Discovery / Perf Monitoring module failed to get NFS metrics via SNMP or ONTAP SDK for NetApp Filer

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_H3C_CPU_UTIL_ERROR

Description: Discovery / Perf Monitoring module failed to get CPU Util of H3C via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

oid

Object Identifier

string



EventType: PH_LIB_TOPO_HP3COM_CPU_UTIL_ERROR

Description: Discovery / Perf Monitoring module failed to get CPU Util of Hp3Com via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

oid

Object Identifier

string



EventType: PH_LIB_TOPO_HP3COM_MEM_UTIL_ERROR

Description: Discovery / Perf Monitoring module failed to get CPU Util of Hp3Com device via SNMP

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

oid

Object Identifier

string



EventType: PH_LIB_TOPO_HPUX_PROC_CPU_MEM_TOO_HIGH

Description: Discovery / Perf Monitoring module found HPUX Process CPU Util or Mem Util too high

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

procName

Process Name

string

cpuUtil

CPU Util

double

memUtil

Memory Util

double



EventType: PH_LIB_TOPO_HYPERV_METRICS_GET_ERROR

Description: Discovery / Perf Monitoring module failed to get HyperV metrics

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_IMPORTANT_INTF_PARSE_ERROR

Description: Discovery / Perf Monitoring module failed to parse important interfaces

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_INTF_UTIL_ERROR

Description: Discovery / Perf Monitoring module found interface util monitoring data inconsistency

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

intfName

Host Interface Name

string

Name of a network interface in a host.



EventType: PH_LIB_TOPO_JSON_PARSE_FAILED

Description: Failed to parse JSON

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_JUNIPER_INTF_SPEED_GET_ERROR

Description: Discovery / Perf Monitoring module failed to get interface speed from Juniper firewall

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

intfName

Host Interface Name

string

Name of a network interface in a host.



EventType: PH_LIB_TOPO_LIEBERT_HVAC_STATUS_GET_ERROR

Description: Discovery / Perf Monitoring module failed to get hardware status via SNMP for LIEBERT HAVC device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_LOGIN_PING_FAILED

Description: Discovery / Perf Monitoring module failed to execute a login command for discovery pruposes

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

ipPort

IP Port

uint16

IP port number

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_MAINTENANCE_DURATION_INCORRECT

Description: Perf Monitoring module failed to properly parse device maintenance duration from App Server

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string



EventType: PH_LIB_TOPO_MEM_TOO_HIGH

Description: Discovery / Perf Monitoring module memory util for device to be too high

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

memUtil

Memory Util

double



EventType: PH_LIB_TOPO_NETAPP_AGGREGATE_STAT_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp Aggregate Stat via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_ANALYZE_VERSION_ERROR

Description: Discovery / Perf Monitoring module failed to analyze NetApp version via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_DISK_STAT_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp Disk Stat via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_GET_NFS_METRIC_ERROR

Description: Discovery / Perf Monitoring module failed to obtain NetApp NFS V3 metrics via ONTAPI

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_GET_VERSION_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp version -- volume latencies may not be correct

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_NETAPP_LUN_STAT_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp LUN Stat via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_PROTO_STAT_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp Protocol Stat via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NETAPP_VOLUME_STAT_ERROR

Description: Discovery / Perf Monitoring module failed to get NetApp Volume Stat via ONTAP SDK

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_NOT_SUPPORT_REST_API

Description: Rest API doesn't support in this fortigate version

Severity: 5 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_PARSE_INTF_MAP_FAILURE

Description: Discovery / Perf Monitoring module failed to parse device interface map

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_PERF_JOB_EXEC_FAILED

Description: Perf Monitoring module failed to execute a specific performance monitoring job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

jobId

Job Id

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_PERF_JOB_INIT_FAILED

Description: Perf Monitoring module failed to initialize the performance monitoring job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_PERF_JOB_REMOVE_FAILED

Description: Perf Monitoring module failed to remove performance monitoring job by JOB ID

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

jobId

Job Id

string



EventType: PH_LIB_TOPO_PERF_TEMPLATE_LOAD_ERROR

Description: Perf Monitoring module failed to load performance monitor template xml

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_PERF_TEMPLATE_PARSE_FAILURE

Description: Perf Monitoring module failed to parse performance monitor template xml

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_PERF_TEMPLATE_PARSE_WARNING

Description: Perf Monitoring module skipped one device type while loading Performance Monitor template xml

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_PORT_FILTER_PARSE_ERROR

Description: Perf Monitoring module failed to parse port filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_PORT_FILTER_PUSH_ERROR

Description: Perf Monitoring module found empty protocol name in Port Filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_PROC_CPU_MEM_TOO_HIGH

Description: Perf Monitoring module found process CPU Util or Mem Util to be too high

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

procName

Process Name

string

cpuUtil

CPU Util

double

memUtil

Memory Util

double



EventType: PH_LIB_TOPO_REST_API_FAILED

Description: Failed to call a REST API

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

infoURL

Informational URL

string

This field captures an URL if present in an event

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_RUN_SW_FILTER_PARSE_ERROR

Description: Discovery / Perf Monitoring module found failed to parse running software filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_RUN_SW_FILTER_PUSH_ERROR

Description: Discovery / Perf Monitoring module found empty name and path in running software Filter

Severity: 7 (Medium)

Event Category: 3 (System Logs)


EventType: PH_LIB_TOPO_SNMPWALK_ERROR

Description: Discovery / Perf Monitoring module found found empty or incomplete snmpwalk response

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

oid

Object Identifier

string



EventType: PH_LIB_TOPO_STM_JOB_EXEC_FAILED

Description: Discovery / Perf Monitoring module failed to execute STM job for device

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string



EventType: PH_LIB_TOPO_STM_JOB_INIT_FAILED

Description: Perf Monitoring module failed to initialize the STM job

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

jobName

Job Name

string

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_TEST_CONN_HTTP_AGENT_FAILED

Description: Discovery module failed to test connectivity for http java agent

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errorString

Error String

string

This is the error message, synonymous to attribute errReason



EventType: PH_LIB_TOPO_TEST_CONN_JDBC_AGENT_FAILED

Description: Discovery module failed to test connectivity for jdbc java agent

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errorString

Error String

string

This is the error message, synonymous to attribute errReason



EventType: PH_LIB_TOPO_TEST_CONN_JMX_AGENT_FAILED

Description: Discovery module failed to test connectivity for jmx java agent

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errorString

Error String

string

This is the error message, synonymous to attribute errReason



EventType: PH_LIB_TOPO_TRUNK_PORT_MAP_PARSE_ERROR

Description: Discovery module failed to parse trunk port map

Severity: 7 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_VALIDATE_ACCESS_FAILED

Description: Perf Monitor module found device credential issues during initialization

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_DATABASE_INSTANCE_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange Database instance metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_DATABASE_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange Database metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_MAIL_SUBMISSION_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange mail submission metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_PUB_MAILBOX_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange public mailbox metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_REG_MAILBOX_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange regular mailbox metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_REPLICATION_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange replication metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_RPC_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange RPC metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_SMTP_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange SMTP metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_STORE_INTF_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange store interface metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WIN_GET_EXCH_TRANSPORT_QUEUE_WARNING

Description: Discovery/Perf Monitor module failed to get Exchange transport queue metrics via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WMI_GET_CPU_COUNT_ERROR

Description: Discovery/Perf Monitor module failed to get Windows CPU count via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WMI_GET_CPU_WARNING

Description: Discovery/Perf Monitor module failed to get CPU info for Windows device

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WMI_GET_PAGE_ACTIVITY_ERROR

Description: Discovery/Perf Monitor module failed to get Windows paging activity via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WMI_GET_REAL_MEM_ERROR

Description: Discovery/Perf Monitor module failed to get Windows real memory via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_LIB_TOPO_WMI_GET_RUN_SW_PERF_ERROR

Description: Discovery/Perf Monitor module failed to get Windows running software performance via WMI

Severity: 5 (Medium)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

hostName

Host Name

string

This is the hostname of the device of interest in the event

hostIpAddr

Host IP

IP

This is the IP of the device of interest in the event.

errReason

Reason for Error

string

This is the reason for an error if given.



EventType: PH_MAX_DEVICES_EXCEEDED

Description: Max number of devices exceeded license

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_MAX_DEVICES_LIMIT_REACHED

Description: Max number of devices exceeded license

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_TEST_CONN_COMPLETE

Description: Test Connectivity completed

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_TEST_CONN_CONTACT_APP_SERVER

Description: Test Connectivity module contacting app server

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.

destIpPort

Destination TCP/UDP Port

uint16

This is the destination TCP or UDP port as identified in the event



EventType: PH_TEST_CONN_FAILED_INVALID_REQUEST

Description: Test Connectivity failed - invalid discovery request from App Server

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_TEST_CONN_FAILED_INVALID_REQUEST_XML

Description: Test Connectivity failed - invalid discovery request XML from App Server

Severity: 9 (High)

Event Category: 3 (System Logs)


EventType: PH_TEST_CONN_RECVD_VALID_REQUEST

Description: Received valid test connectivity request from app server

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.



EventType: PH_TEST_CONN_RESULT_SENT

Description: Test Connectivity results sent to app server

Severity: 1 (Low)

Event Category: 3 (System Logs)


EventType: PH_TEST_CONN_STARTED

Description: Starting test connectivity for a device

Severity: 1 (Low)

Event Category: 3 (System Logs)

Attributes:

Id

Display name

Type

Description

destIpAddr

Destination IP

IP

Destination IP of a device as identified in the event.