E-Log

auth
ddns
dhcp
dns-security
dynamic-updates
fips
general
hw
nat
ntpd
port
routing
satd
syslog
url-filtering
userid
wildfire

Event ID	Description
cas-message	(profile id:<id>)<message>
auth-fail	<type> with username "<name>" is invalid due to special characters
auth-fail	Allocated slot <id> for uid <uid> <id>
auth-fail	Admin <name> failed to authenticate <num> times - the unsuccessful authentication attempts threshold reached.
auth-fail	Admin <name>'s account is being disabled due to excessive failed authentication attempts.
auth-success	Certificate validated for user '<name>'. <error>
auth-fail	Certificate validation failed for user '<user>'. <error> auth profile '<name>', vsys '<id>', reply message '<msg>' From: <name>.
auth-fail	failed authenticated for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
user-password-change-failed	failed authenticated for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
auth-fail	Kerberos SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
user-password-change-failed	Kerberos SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
auth-fail	SAML SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
user-password-change-failed	SAML SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
auth-fail	CAS SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
user-password-change-failed	CAS SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.

Event ID	Description
ddns-unsupported	Interface <name> DDNS config for host <host> to <label> (<label>) is using a non-supported DDNS service provider. Please convert to a supported service.

Event ID	Description
ip-already-in-use	ip address is already in use
server-no-free-ip	DHCP server runs out of ip pool

Event ID	Description
PAN_ELOG_EVENT_DNSSEC_DNS_CLOUD_QUERY_TIMEOUT	DNS Security cloud query timeout.

Event ID	Description
palo-alto-networks-message	<message>

Event ID	Description
fips-entropy-rtciid	RTC-IID error occurred - attempting recovery...
fips-entropy-rtciid	RTC-IID - Reading record failure

Event ID	Description
general	CAS token sign cert "<name>" is invalid with error msg "<msg>"
general	PANDB: Authentication or Client Certificate failure.
general	PANDB: Client Certificate has expired or is not yet valid.
general	PANDB: Device Client Certificate unavailable.
general	PANDB: Mismatched Serial number in certificate and payload.
general	PANDB: Expired Client Certificate.
general	PANDB: Revoked Client Certificate.
general	PANDB: Reason - Unknown Issuer or Incomplete or Incorrect Certificate chain.
general	MLAV: Client Certificate has expired or is not yet valid.
general	MLAV: Device Client Certificate unavailable.
general	MLAV: Mismatched Serial number in certificate and payload.
general	MLAV: Expired Client Certificate.
general	MLAV: Revoked Client Certificate.
general	MLAV: Reason - Unknown Issuer or Incomplete or Incorrect Certificate chain.
general	WFRTSIG: Authentication or Client Certificate failure.
general	WFRTSIG: Client Certificate has expired or is not yet valid.
general	WFRTSIG: Device Client Certificate unavailable.
general	WFRTSIG: Mismatched Serial number in certificate and payload.
general	WFRTSIG: Expired Client Certificate.
general	WFRTSIG: Revoked Client Certificate.
general	WFRTSIG: Reason - Unknown Issuer or Incomplete or Incorrect Certificate chain.
general	Server Cert: <name> is invalid, its name does not match the server <server>
general	Server Cert: <name> is invalid for server <name>: <error>
general	Slot s<num>: Application Pod '<name> : <namespace>: <interface>' can't be served right now; All <num> ports (<num> pods) in use, waiting for ports availability (for <name>).
general	Failed to connect to wildfire-realtime cloud, retry after 30 seconds.
general	CONFIG_UPDATE_INC : Incremental update to DP failed please try to commit force the latest config
general	Request made to <name> server returned with HTTP response code : <code>

Event ID	Description
slot-up	Slot <id> (PA-7000/5400-100G-NPC) ctd-mode is AHO

Event ID	Description
fallback_report	On vsys <id>, there are <num> NAT DIPP fallbacks happeing in NAT rule <name>.

Event ID	Description
auth	NTP sync to server <addr> failed, authentication type autokey
auth	NTP sync to server <addr> failed, authentication type autokey

Event ID	Description
invalid-module	<name>: requires an SFP+ module.
invalid-module	<buf>: requires an optical or copper SFP module.

Event ID	Description
routed-static-fqdn-changed	Routed static fqdn mapping is changed
routed-static-fqdn-changed	Routed static fqdn mapping is changed
routed-BGP-peer-mp-extension-negotiate	BGP peer MP extension negotiation. MP-EXTENSION negotiation to peer name: <name>, peer IP: <ip> successful"
routed-BGP-peer-enter-established	BGP peer session enters established state. peer name: <name>, peer IP: <ip>.
routed-BGP-refresh-sent	ROUTE REFRESH message sent to a BGP peer. peer name: <name>, peer IP: <ip>.
routed-BGP-ribout-recalc	An RIB-Out is being recalculated as a result of changed export policy. peer name: <name>, peer IP: <ip>.
routed-BGP-ribin-recalc	An RIB-In is being recalculated as a result of changed import policy. peer name: <name>, peer IP: <ip>.

Event ID	Description
satd-portal-gateway-duplicate	GlobalProtect portal config duplicated gateway.

Event ID	Description
syslog-conn-status	<syslog-ng message>

Event ID	Description
dynamic-url-connection-down	Dynamic URL connection is unavailable please check if service.brightcloud.com (<ip>) is reachable
connection-failure	Failed to connect to Brightcloud update server: Cannot fetch source IP address
url-download-failure	The URL cloud list file was not found on the cloud.
cloud-election	CLOUD ELECTION: cannot elect a cloud
url-cloud-connection-failure	Failed to open connection with the cloud after "<num> consecutive tries.
error-msg-from-cloud	ERROR message from cloud. Invalid request.
error-msg-from-cloud	ERROR message from cloud. Invalid request.
error-msg-from-cloud	ERROR status from cloud
startup-failure	PAN-DB engine startup failed.
update-version-failure	Failed to update version <version>.
update-version-failure	Failed to update version <version>.
update-version-failure	Failed to update version <version>.
update-version-failure	Failed to update version <version>.
update-version-failure	Failed to update version <version>.
starts-from-empty-seed	Failed to load the URL seed database, starting with an empty database.
ha-sync-failure	Unable to initiate file sync to peer: <error>
url-backup-seed-failure	Failed to back up PAN-DB
engine-startup-failure	May runs without URL filtering !!!
ha-sync-failure	Failed to upload the new HA URL file to RAM, start loading old URL file.
starts-from-empty-seed	Failed to upload the old URL file to RAM,Starting with an empty file.
engine-startup-failure	Runs without URL filtering !!!
ha-sync-failure	Failed to receive file completely from peer (<name>:<name>): <error>.

Event ID	Description
connect-ldap-sever-failure	ldap cfg <name> failed to connect to server <server>: <error>
get-ldap-data-failure	ldap cfg <name> failed to get info from server <server>
connect-ldap-sever-failure	ldap cfg <name> failed to connect to server <server>: <error>
get-ldap-data-failure	ldap cfg <name> failed to get info from server <name>

Event ID	Description
wildfire-conn-success	Successfully registered to <description> <name>