High System Log Messages
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
PAN-OS 11.0 (EoL)
- PAN-OS 11.1 & Later
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- Cloud Management of NGFWs
-
- Management Interfaces
-
- Launch the Web Interface
- Configure Banners, Message of the Day, and Logos
- Use the Administrator Login Activity Indicators to Detect Account Misuse
- Manage and Monitor Administrative Tasks
- Commit, Validate, and Preview Firewall Configuration Changes
- Commit Selective Configuration Changes
- Export Configuration Table Data
- Use Global Find to Search the Firewall or Panorama Management Server
- Manage Locks for Restricting Configuration Changes
-
-
- Define Access to the Web Interface Tabs
- Provide Granular Access to the Monitor Tab
- Provide Granular Access to the Policy Tab
- Provide Granular Access to the Objects Tab
- Provide Granular Access to the Network Tab
- Provide Granular Access to the Device Tab
- Define User Privacy Settings in the Admin Role Profile
- Restrict Administrator Access to Commit and Validate Functions
- Provide Granular Access to Global Settings
- Provide Granular Access to the Panorama Tab
- Provide Granular Access to Operations Settings
- Panorama Web Interface Access Privileges
-
- Reset the Firewall to Factory Default Settings
-
- Plan Your Authentication Deployment
- Pre-Logon for SAML Authentication
- Configure SAML Authentication
- Configure Kerberos Single Sign-On
- Configure Kerberos Server Authentication
- Configure TACACS+ Authentication
- Configure RADIUS Authentication
- Configure LDAP Authentication
- Configure Local Database Authentication
- Configure an Authentication Profile and Sequence
- Test Authentication Server Connectivity
- Troubleshoot Authentication Issues
-
- Keys and Certificates
- Default Trusted Certificate Authorities (CAs)
- Certificate Deployment
- Configure the Master Key
- Export a Certificate and Private Key
- Configure a Certificate Profile
- Configure an SSL/TLS Service Profile
- Configure an SSH Service Profile
- Replace the Certificate for Inbound Management Traffic
- Configure the Key Size for SSL Forward Proxy Server Certificates
-
- HA Overview
-
- Prerequisites for Active/Active HA
- Configure Active/Active HA
-
- Use Case: Configure Active/Active HA with Route-Based Redundancy
- Use Case: Configure Active/Active HA with Floating IP Addresses
- Use Case: Configure Active/Active HA with ARP Load-Sharing
- Use Case: Configure Active/Active HA with Floating IP Address Bound to Active-Primary Firewall
- Use Case: Configure Active/Active HA with Source DIPP NAT Using Floating IP Addresses
- Use Case: Configure Separate Source NAT IP Address Pools for Active/Active HA Firewalls
- Use Case: Configure Active/Active HA for ARP Load-Sharing with Destination NAT
- Use Case: Configure Active/Active HA for ARP Load-Sharing with Destination NAT in Layer 3
- HA Clustering Overview
- HA Clustering Best Practices and Provisioning
- Configure HA Clustering
- Refresh HA1 SSH Keys and Configure Key Options
- HA Firewall States
- Reference: HA Synchronization
-
- Use the Dashboard
- Monitor Applications and Threats
- Monitor Block List
-
- Report Types
- View Reports
- Configure the Expiration Period and Run Time for Reports
- Disable Predefined Reports
- Custom Reports
- Generate Custom Reports
- Generate the SaaS Application Usage Report
- Manage PDF Summary Reports
- Generate User/Group Activity Reports
- Manage Report Groups
- Schedule Reports for Email Delivery
- Manage Report Storage Capacity
- View Policy Rule Usage
- Use External Services for Monitoring
- Configure Log Forwarding
- Configure Email Alerts
-
- Configure Syslog Monitoring
-
- Traffic Log Fields
- Threat Log Fields
- URL Filtering Log Fields
- Data Filtering Log Fields
- HIP Match Log Fields
- GlobalProtect Log Fields
- IP-Tag Log Fields
- User-ID Log Fields
- Decryption Log Fields
- Tunnel Inspection Log Fields
- SCTP Log Fields
- Authentication Log Fields
- Config Log Fields
- System Log Fields
- Correlated Events Log Fields
- GTP Log Fields
- Audit Log Fields
- Syslog Severity
- Custom Log/Event Format
- Escape Sequences
- Forward Logs to an HTTP/S Destination
- Firewall Interface Identifiers in SNMP Managers and NetFlow Collectors
- Monitor Transceivers
-
- User-ID Overview
- Enable User-ID
- Map Users to Groups
- Enable User- and Group-Based Policy
- Enable Policy for Users with Multiple Accounts
- Verify the User-ID Configuration
-
- App-ID Overview
- App-ID and HTTP/2 Inspection
- Manage Custom or Unknown Applications
- Safely Enable Applications on Default Ports
- Applications with Implicit Support
-
- Prepare to Deploy App-ID Cloud Engine
- Enable or Disable the App-ID Cloud Engine
- App-ID Cloud Engine Processing and Policy Usage
- New App Viewer (Policy Optimizer)
- Add Apps to an Application Filter with Policy Optimizer
- Add Apps to an Application Group with Policy Optimizer
- Add Apps Directly to a Rule with Policy Optimizer
- Replace an RMA Firewall (ACE)
- Impact of License Expiration or Disabling ACE
- Commit Failure Due to Cloud Content Rollback
- Troubleshoot App-ID Cloud Engine
- Application Level Gateways
- Disable the SIP Application-level Gateway (ALG)
- Maintain Custom Timeouts for Data Center Applications
-
- Decryption Overview
-
- Keys and Certificates for Decryption Policies
- SSL Forward Proxy
- SSL Forward Proxy Decryption Profile
- SSL Inbound Inspection
- SSL Inbound Inspection Decryption Profile
- SSL Protocol Settings Decryption Profile
- SSH Proxy
- SSH Proxy Decryption Profile
- Profile for No Decryption
- SSL Decryption for Elliptical Curve Cryptography (ECC) Certificates
- Perfect Forward Secrecy (PFS) Support for SSL Decryption
- SSL Decryption and Subject Alternative Names (SANs)
- TLSv1.3 Decryption
- High Availability Not Supported for Decrypted Sessions
- Decryption Mirroring
- Configure SSL Forward Proxy
- Configure SSL Inbound Inspection
- Configure SSH Proxy
- Configure Server Certificate Verification for Undecrypted Traffic
- Enable Users to Opt Out of SSL Decryption
- Temporarily Disable SSL Decryption
- Configure Decryption Port Mirroring
- Verify Decryption
- Activate Free Licenses for Decryption Features
-
- Policy Types
- Policy Objects
- Track Rules Within a Rulebase
- Enforce Policy Rule Description, Tag, and Audit Comment
- Move or Clone a Policy Rule or Object to a Different Virtual System
-
- External Dynamic List
- Built-in External Dynamic Lists
- Configure the Firewall to Access an External Dynamic List
- Retrieve an External Dynamic List from the Web Server
- View External Dynamic List Entries
- Exclude Entries from an External Dynamic List
- Enforce Policy on an External Dynamic List
- Find External Dynamic Lists That Failed Authentication
- Disable Authentication for an External Dynamic List
- Register IP Addresses and Tags Dynamically
- Use Dynamic User Groups in Policy
- Use Auto-Tagging to Automate Security Actions
- CLI Commands for Dynamic IP Addresses and Tags
- Application Override Policy
- Test Policy Rules
-
- Network Segmentation Using Zones
- How Do Zones Protect the Network?
-
PAN-OS 11.1 & Later
- PAN-OS 11.1 & Later
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
-
- Tap Interfaces
-
- Layer 2 and Layer 3 Packets over a Virtual Wire
- Port Speeds of Virtual Wire Interfaces
- LLDP over a Virtual Wire
- Aggregated Interfaces for a Virtual Wire
- Virtual Wire Support of High Availability
- Zone Protection for a Virtual Wire Interface
- VLAN-Tagged Traffic
- Virtual Wire Subinterfaces
- Configure Virtual Wires
- Configure a PPPoE Client on a Subinterface
- Configure an IPv6 PPPoE Client
- Configure an Aggregate Interface Group
- Configure Bonjour Reflector for Network Segmentation
- Use Interface Management Profiles to Restrict Access
-
- DHCP Overview
- Firewall as a DHCP Server and Client
- Firewall as a DHCPv6 Client
- DHCP Messages
- Dynamic IPv6 Addressing on the Management Interface
- Configure an Interface as a DHCP Server
- Configure an Interface as a DHCPv4 Client
- Configure an Interface as a DHCPv6 Client with Prefix Delegation
- Configure the Management Interface as a DHCP Client
- Configure the Management Interface for Dynamic IPv6 Address Assignment
- Configure an Interface as a DHCP Relay Agent
-
- DNS Overview
- DNS Proxy Object
- DNS Server Profile
- Multi-Tenant DNS Deployments
- Configure a DNS Proxy Object
- Configure a DNS Server Profile
- Use Case 1: Firewall Requires DNS Resolution
- Use Case 2: ISP Tenant Uses DNS Proxy to Handle DNS Resolution for Security Policies, Reporting, and Services within its Virtual System
- Use Case 3: Firewall Acts as DNS Proxy Between Client and Server
- DNS Proxy Rule and FQDN Matching
-
- NAT Rule Capacities
- Dynamic IP and Port NAT Oversubscription
- Dataplane NAT Memory Statistics
-
- Translate Internal Client IP Addresses to Your Public IP Address (Source DIPP NAT)
- Create a Source NAT Rule with Persistent DIPP
- PAN-OS
- Strata Cloud Manager
- Enable Clients on the Internal Network to Access your Public Servers (Destination U-Turn NAT)
- Enable Bi-Directional Address Translation for Your Public-Facing Servers (Static Source NAT)
- Configure Destination NAT with DNS Rewrite
- Configure Destination NAT Using Dynamic IP Addresses
- Modify the Oversubscription Rate for DIPP NAT
- Reserve Dynamic IP NAT Addresses
- Disable NAT for a Specific Host or Interface
-
- Network Packet Broker Overview
- How Network Packet Broker Works
- Prepare to Deploy Network Packet Broker
- Configure Transparent Bridge Security Chains
- Configure Routed Layer 3 Security Chains
- Network Packet Broker HA Support
- User Interface Changes for Network Packet Broker
- Limitations of Network Packet Broker
- Troubleshoot Network Packet Broker
-
- Enable Advanced Routing
- Logical Router Overview
- Configure a Logical Router
- Create a Static Route
- Configure BGP on an Advanced Routing Engine
- Create BGP Routing Profiles
- Create Filters for the Advanced Routing Engine
- Configure OSPFv2 on an Advanced Routing Engine
- Create OSPF Routing Profiles
- Configure OSPFv3 on an Advanced Routing Engine
- Create OSPFv3 Routing Profiles
- Configure RIPv2 on an Advanced Routing Engine
- Create RIPv2 Routing Profiles
- Create BFD Profiles
- Configure IPv4 Multicast
- Configure MSDP
- Create Multicast Routing Profiles
- Create an IPv4 MRoute
-
-
PAN-OS 11.2
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 8.1 (EoL)
- Cloud Management and AIOps for NGFW
End-of-Life (EoL)
High System Log Messages
E-Log
Log Tags:
- auth
- bfd
- clusterd
- dhcp
- dns-security
- dynamic-updates
- fips
- general
- globalprotect
- hw
- iot
- ipv6nd
- lldp
- port
- resctrl
- routing
- tls
- url-filtering
- userid
- wildfire
auth
Event ID | Message |
---|---|
saml-certificate-error | The certificate of SAML IdP entity Id "<name>" is not configured, but it is asked to validate it in IdP server profile "<name>" |
saml-certificate-error | Failed to get cert config on vsys <id> |
saml-certificate-error | Failed to find cert for <name> in vsys <id> |
saml-certificate-error | Failed to validate the signature in IdP certificate "<name>" of entity Id "<name>" |
saml-certificate-error | can't build CredentialResolver for public key "<key>" of IdP entity id "<name>" in server profile "<profile>" |
saml-certificate-error | can't tranform one line buffer for the public key "<key>" of IdP entity id "<id>" in server profile "<profile>" |
saml-certificate-error | User "<name>" is extracted from SAML SSO response from IdP "<name>", which doesn't have a certificate configured in server profile "<profile>" of auth profile "<profile>" |
saml-certificate-error | Request signing certificate (object name: <name>) in SAML auth profile "<name>" has expired |
saml-certificate-error | The certificate (object name: <name>) of SAML IdP entity Id "<name>" in IdP server profile "<name>" has expired |
saml-certificate-error | IdP "<name>" doesn't have a certificate, while incoming SAML message has signature without X509Certificate |
saml-certificate-error | SAML Assertion IdP certificate "<name>" (used in server profile "<name>") <reason> |
saml-certificate-error | SAML no certificate profile is configured to check the revoke status of IdP cert "<name>" (in server profile "<name>") |
saml-certificate-error | No IdP certificate is configured for IdP "<id>", no x509certificate in the incoming message, can't verify signature |
saml-certificate-error | SAML <type> failure for user '<name>' - IdP "<id>" certificate "<name>" for server profile "<name>" has expired |
saml-certificate-error | SAML <type> from IdP "<name>" (auth profile "<name>") is signed by unknown signer "<name>" and has been rejected |
saml-certificate-error | SAML <type> failure - Request signing certificate "<name>" for SAML auth profile "<name>" has expired |
saml-certificate-error | SAML simple sign the SAML message failed (signing certificate object: "<name>") |
saml-certificate-error | SAML sign the SAML message failed (signing certificate object: "<name>") |
saml-certificate-error | Failure while validating the signature of SAML message received from the IdP "<id>", because the certificate in the SAML Message doesn't match the IDP certificate configured on the IdP Server Profile "<profile>". (SP: "<type>"), (Client IP: <ip>), (vsys: <id>), (authd id: <id>), (user: <name>) |
saml-message-parse-error | SAML Assertion from '<name>' is malformed |
saml-message-parse-error | Failed to convert SAML message payload into xml tree |
saml-message-parse-error | SAML Assertion: InResponseToID "<id>" != OriginalReqID "<id>" |
saml-message-parse-error | SAML message from IdP "<name>" has no Assertion |
saml-message-parse-error | SAML SSO response from "<name>" has no usernameattribute and saml:Subject NameID field |
saml-message-parse-error | username: entered "<name>" != returned "<name>" from IdP "<name>" -> reject SAML auth due to security concerns |
saml-message-parse-error | SAML SLO request message from '<name>' is malformed |
saml-message-parse-error | SAML message is not of V2.0 |
saml-message-parse-error | SAML message has no IssueInstant |
saml-message-parse-error | SAML message from IdP "<id>" has no Issuer node |
saml-message-parse-error | SAML message from IdP "<id>" has empty Issuer node value |
saml-message-parse-error | SAML IdP entityID: parsed "<id>" != configured "<id>" |
saml-message-parse-error | SAML SLO request message has no signature, but validate-idp-certificate is enabled |
saml-message-parse-error | SAML message has no NameID |
saml-message-parse-error | SAML message has no SessionIndex |
saml-message-parse-error | SAML SLO response message from '<name>' is malformed |
saml-message-parse-error | SAML SLO: InResponseToID "<name>" != OriginalReqID "<id>" |
saml-message-parse-error | SAML SLO response status: received "<name>" != "urn:oasis:names:tc:SAML:2.0:status:Success" |
saml-message-parse-error | SAML SLO message has no Status |
saml-message-parse-error | SAML message is not of Version 2.0 |
saml-message-parse-error | SAML message from IdP "<name>" has no NameID |
saml-message-parse-error | SAML message from IdP "<name>" SSO: InResponseToID "<id>" != OriginalReqID "<id>" |
saml-message-parse-error | SAML message from IdP "<name>" has no Subject |
saml-message-parse-error | SAML message from IdP "<name>"(server profile "<name>") was created in the future (not_before "<time>" - max_clock_skew <num> > now <time>) |
saml-message-parse-error | SAML message from IdP "<name>" (server profile "<name>") was expired already (not_on_or_after "<time>" + max_clock_skew <num> <= now <time>) |
saml-message-parse-error | SAML message from IdP "<name>" has no Conditions |
saml-message-parse-error | SAML message from IdP "<name>" has no AuthnInstant |
saml-message-parse-error | SAML message from IdP "<name>" has no SessionIndex |
saml-message-parse-error | SAML message from IdP "<name>" has no AuthnStatement |
saml-message-parse-error | SAML message from IdP "<name>": Error to extract AttributeStatement |
saml-message-parse-error | Failed to verify signature against certificate of IdP "<name>" |
saml-message-parse-error | For user "<name>", SAML message has no Signature from IdP "<name>", whose certificate "<name>" is configured in server profile "<name>" of auth profile "<name>" |
saml-message-parse-error | SAML signature in message from IdP "<name>" can't be validated |
cas-message | (profile id:<id>)<message> |
general | Device cert is not available, to enable the cloud auth profile "<name>" on vsys "<name>" |
cas-token-invalidated | Failed to validate CAS token from client '<name>' from '<url>' with auth_session_id '<id>' and username '<name>' |
cas-certificate-warning | Expired CAS certificate '<name>' in region '<name>' |
cas-certificate-warning | Expired device certificate '<name>' |
cas-certificate-warning | CAS certificate '<name>' in region '<name>' will expire in <num> day[s] |
cas-certificate-warning | Device certificate '<name>' will expire in <num> day[s] |
saml-certificate-warning | SAML Assertion: signature is validated against IdP certificate (subject '<name>') for user '<name>' |
saml-certificate-warning | Certificate '<name>' of IdP server profile '<name>' in SAML authentication profile '<name>' is expired |
saml-certificate-warning | Request signing certificate '<name>' in SAML authentication profile '<name>' is expired |
saml-certificate-warning | Certificate '<name>' of IdP server profile '<name>' in SAML authentication profile '<name>' will expire in <num> day |
saml-certificate-warning | Request signing certificate '<name>' in SAML authentication profile '<name>' will expire in %d day%s |
cas-certificate-error | Device certificate "<name>" was expired for <num> seconds |
bfd
Event ID | Message |
---|---|
admin-down | BFD administrative down for BFD session <name> to neighbor <name> on interface <name>. Protocol: <proto> |
expired-time | BFD control detection time expired for BFD session <name> to neighbor <name> on interface <name>. Protocol: <name> |
neighbor-down | BFD neighbor signaled session down for BFD session <name> to neighbor <name> on interface <name>. Protocol: <name> |
session-state-change | BFD state changed to <name> for BFD session <name> to neighbor <name> on interface <name>. Protocol: <name> |
admin-down | BFD administrative down for BFD session <name> to neighbor <name> on interface <name>. Protocol: <name> |
admin-down | BFD administrative down for BFD session <name> to neighbor <name> on interface <name>. Protocol: <name> |
admin-down | BFD administrative down for BFD session <name> to neighbor <name> on interface <name>. Protocol: <name> |
clusterd
Event ID | Message |
---|---|
cluster-daemon-cfg-giveup | Cluster daemon is unable to get last cfg from cfgagent. Out of retries. |
cluster-other-ip-incompatible | Peer node IP is not compatible with current cluster interface IP |
dhcp
Event ID | Message |
---|---|
if-update-fail | DHCP <desc>: interface <name>, dhcp server: <name> |
if-update-fail | DHCP <name>: interface <name>, ip <ip> netmask <mask> dhcp server: <name> |
dns-security
Event ID | Message |
---|---|
PAN_ELOG_EVENT_DNSSEC_DNS_CLOUD_CONNECTION_NOHOST | DNS Security cloud service DNS resolution failed. |
PAN_ELOG_EVENT_DNSSEC_DNS_CLOUD_CONNECTION_NOROUTE | DNS Security cloud service network connectivity failed. |
PAN_ELOG_EVENT_DNSSEC_DNS_CLOUD_CONNECTION_REFUSED | DNS Security cloud service connection refused. |
PAN_ELOG_EVENT_DNSSEC_DNS_CLOUD_DOWN | DNS Security cloud service unavailable. |
dynamic-updates
Event ID | Message |
---|---|
palo-alto-networks-message | <message> |
fips
Event ID | Message |
---|---|
fips-zeroization | File zeroization error: <error> |
fips-zeroization | Ram zeroization error |
general
Event ID | Message |
---|---|
general | Error setting CURLOPT_WRITEDATA with fd = <id> (code: <id>; msg: <msg>) |
general | Error retrieving CRL from "<name>" (code: <id>; msg: <msg>) (curl timeout setting: <num> sec) |
general | Error loading CRL from "<name>" |
general | |
general | Failed to parse CRL <name> (reason: <reason>) |
general | Request made to the server "<url>" returned with HTTP response code : <id> |
general | Request made to the server "<url>" returned with HTTP response code : <id> |
general | Machine Learning engine for <name> stopped, please update your content |
general | MLAV cloud error, all machine Learning engines stopped |
bootstrap-failure | Failed to process registration from bootstrapped device <name>, since vm-auth-key not found in request. |
bootstrap-failure | Failed to process registration from bootstrapped device <name>, since vm-auth-key <name> is invalid. |
tac-login | TAC debug access failed for <name> from <ip> |
globalprotect
Event ID | Message |
---|---|
globalprotectgateway-invalid-license | GlobalProtect Subscription License has expired. Please activate the license by logging into Customer Support Portal to continue using GlobalProtect features. |
hw
Event ID | Message |
---|---|
bootstrap-license-failure | Failed to install license using authcode <id> |
slot-unsupported | Slot <id> (<model>) will not be utilized when the Session Distribution Policy is set to ingress-slot. The session distribution policy must be set to some value other than ingress-slot. |
bootstrap-license-failure | Failed to install license key for file <name> |
bootstrap-license-failure | Failed to install license using authcode <name> |
bootstrap-content-failure | Invalid iot image. Failed to get major version, minor version, and digest for file <name> |
bootstrap-content-failure | Invalid image. Failed to get major version, minor version, and digest for file <name> |
bootstrap-content-failure | Invalid image. Failed to get major version, minor version, and digest for file <name> |
bootstrap-content-failure | Invalid image. Failed to get major version, minor version, and digest for file <name> |
bootstrap-content-failure | Failed to schedule content install job for file <name> |
bootstrap-content-failure | Content cannot be installed. <error> |
iot
Event ID | Message |
---|---|
ha-queue-full | HA queue is full |
ipv6nd
Event ID | Message |
---|---|
inconsistent-ra-message-received | An inconsistent router advertisement was received from address <ip> on interface <name>. |
lldp
Event ID | Message |
---|---|
tooManyNeighbors timer cleared | TooManyNeighbors error cleared for <xx>:<xx>:<xx>:<xx>:<xx>:<xx> on interface <index> |
tx error | Receive error for <xx>:<xx>:<xx>:<xx>:<xx>:<xx> on interface <index> for TLV <index> |
rx error | Receive error for <xx>:<xx>:<xx>:<xx>:<xx>:<xx> on interface <index> for TLV <index> |
too many neighbors | Max MIB size reached: LLDP neighbor addition failed for <xx>:<xx>:<xx>:<xx>:<xx>:<xx> on interface <index> |
port
Event ID | Message |
---|---|
link-change | Port MGT: Down <type> |
resctrl
Event ID | Message |
---|---|
mem-limit-exceeded | Memory lmt exceeds. cgroup_name <name> memsw_limit_in_bytes <num> memsw_usage_in_bytes <num> |
routing
Event ID | Message |
---|---|
routed-BGP-peer-left-established | BGP peer session left established state. peer name: <name>, peer IP: <ip>. |
routed-BGP-peer-restarted | Initiated graceful-restart with a BGP peer. peer name: <name>, peer IP: <ip>. |
routed-BGP-peer-prefix-exceeded | BGP peer advertised more than maximum allowed prefixes. peer name: <name>, peer IP: <ip>. |
route-table-capacity | Route table capacity reached. |
routed-BGP-peer-left-established | BGP peer session left established state. |
routed-OSPF-neighbor-down | OSPF adjacency with neighbor has gone down. |
routed-RIP-peer-del | RIP peer disappeared. |
tls
Event ID | Message |
---|---|
tls-X509-validation-failed | <name> Server certificate validation failed. Dest Addr: <address>, Reason: <reason> |
tls-X509-validation-failed | <name> server certificate authentication failed |
url-filtering
Event ID | Message |
---|---|
url-download-failure | PAN-DB cloud list loading failed (ERROR:<error>). |
url-download-failure | Failed to download the cloud list from the master cloud. |
url-cloud-connection-failure | URL cloud list is empty. "Cannot initiate cloud connection. |
url-cloud-connection-failure | Could not open file /opt/pancfg/opt/pan/content/pan/urlcloud_list.txt. errno=<error>. |
url-cloud-connection-failure | Failed to send update request to the cloud |
url-cloud-connection-failure | Cloud is not ready Free <num> requests without processing. |
url-cloud-connection-failure | Cloud is not ready, There was no update from the cloud in the last <num> minutes. |
url-cloud-connection-failure | CLOUD CONNECTION: cloud not OK |
update-version-failure | Failed to update DP, update version <name>. |
update-version-failure | Failed to update version <version>. |
update-version-failure | Failed to update version <version>. |
update-version-failure | Failed to update version <version>. |
update-version-failure | Failed to update version <version>. |
seed-out-of-sync | PAN-DB sw <version> is not compatible with the cloud sw <version> Upgrade sw is required!!! |
url-cloud-connection-failure | Failed to create the Cloud Connection Agent. |
userid
Event ID | Message |
---|---|
connect-agent-failure | User-ID Agent peer's certificate RSA public key size is less than 2048 bits |
connect-agent-failure | User-ID Agent X509_verify_cert returned error <id>, error = '<error>' |
connect-agent-failure | User-ID Agent server cert revoked/invalid |
connect-agent-failure | User-ID Agent cert name validation failed |
connect-agent-failure | Redistribution Agent <name>(vsys<id>): <status> details: close connection to agent |
user-group-count | User Group count of <num> exceeds threshold of <num> |
connect-vm-info-source-failure | vm-info-source <name>(vsys<id>): failed to connected to <host>, status <message> |
connect-agent-failure | <agent> <name>(vsys<id>): <status> details: <details> |
HA-queue-full | HA queue is full |
HA-queue-full | CFG HA queue is full |
connect-agent-failure | User-ID Agent peer's certificate RSA public key size is less than 2048 bits |
connect-agent-failure | User-ID Agent X509_verify_cert returned error <num> error = '<error>' |
connect-agent-failure | User-ID Agent cert name validation failed |
connect-agent-failure | User-ID Agent server cert revoked/invalid |
connect-agent-failure | User-ID Agent peer's certificate RSA public key size is less than 2048 bits |
connect-agent-failure | User-ID Agent X509_verify_cert returned error <num> error = '<error>' |
connect-agent-failure | User-ID Agent cert name validation failed |
connect-agent-failure | User-ID Agent server cert revoked/invalid |
connect-agent-failure | User-ID Agent server cert revoked/invalid |
connect-agent-failure | User-ID Agent peer's certificate RSA public key size is less than 2048 bits |
connect-agent-failure | User-ID Agent X509_verify_cert returned error <num>, error = '<error>' |
connect-agent-failure | User-ID Agent cert name validation failed |
connect-server-monitor-failure | User-ID server monitor <name>(vsys<id>) <status> |
connect-server-monitor | User-ID WinRM server monitor <name>(vsys<id>): certificate RSA public key size is less than 2048 bits |
connect-server-monitor | User-ID WinRM X509_verify_cert returned error <num> error = '<error>' |
connect-server-monitor | User-ID WinRM cert name validation failed |
connect-server-monitor | User-ID WinRM server cert revoked/invalid |
connect-server-monitor-failure | Server monitor <name>(vsys<id>): connection failed, <error> |
connect-vm-info-source-failure | vm-info-source <name>(vsys<id>): failed to connected to <host>, status <status> |
connect-vm-info-source-failure | vm-info-source <name>(vsys<id>): failed to connected to <host>, status <status> |
connect-vm-info-source-failure | vm-info-source <name>(vsys<id>): failed to connected to GCE, status <status> |
connect-vm-info-source-failure | vm-info-source <name>(vsys<id>): failed to connected to <host>, status <status> |
wildfire
Event ID | Message |
---|---|
wildfire-auth-failed | WildFire failed to retrieve verdict.Authentication or Client Certificate failure. |
wildfire-auth-failed | WildFire failed to send query.Authentication or Client Certificate failure. |
wildfire-disabled-by-cloud | WildFire failed to send query.Client Certificate has expired or is not yet valid. |
wildfire-auth-failed | WildFire failed to send query."Authentication or Client Certificate failure. |
wildfire-invalid-cloud-info | WildFire <name> channel registration received invalid cloud info. Details in varrcvr.log. |
wildfire-no-license | WildFire <name> channel registration failed due to invalid WildFire license. |
wildfire-wrong-cloud-type | WildFire registration failed. Cloud type <type> (<name>) is not allowed for <name> channel. |
wildfire-auth-failed | WildFire registration failed.Authentication or Client Certificate failure. |
wildfire-auth-failed | WildFire registration failed.Mismatched Serial number in certificate and payload. |
wildfire-no-policy | WildFire <name> channel disabled. "Invalid <name> Cloud server configuration '<name>'. |
Slog
- GRPC status DEADLINE_EXCEEDED in intelligent offload
- Inserted 100G QSFP28 module "(Vendor '<name>';Part '<name>';id '<id>') is not supported on 40G (port <num>) of PA-5220.
- No valid dataplane ports found at startup.
- Failed to install SSL Inbound Certificate(s) in Data Plane.
- Memory error detected.
- <name>Drive error detected.
- Not enough space to load content to SHM
- device-server HA queue is full
- GlobalProtect data file version <version> failed to install version
- Number of hints on disk has exceeded <num> due to log forward failures.
- Created CSR Cert '<name>'
- Delete Cert '<name>'
- Created CA Cert '<name>'
- Signed Cert '<name>' for device '<name>'
- Signed Renewal Cert '<name>' for device '<name>'
- SC3 Device certificate state has been reset!
- Attempted to fix partition <name>. If any problems are encounted, it is advisable to update this partition
- Daily packet capture limit (directory <name> limit <num>) has been reached.
- Unable to get instance/domains for region
- Unable to get attributes for region:%s instance:%s
- Unable to get all regions
- dsc HA state is changed from %d to %d
- DPI: EAL message format is changed to Json[prev: %d]
- DPI: EAL message format is changed to protobuf[prev: %d]