Medium System Log Messages
Focus
Focus

Medium System Log Messages

Table of Contents
End-of-Life (EoL)

Medium System Log Messages

E-Log

Log Tags:
auth
Event IDDescription
cas-message(profile id:<id>)<message>
auth-fail<type> with username "<name>" is invalid due to special characters
auth-failAllocated slot <id> for uid <uid> <id>
auth-failAdmin <name> failed to authenticate <num> times - the unsuccessful authentication attempts threshold reached.
auth-failAdmin <name>'s account is being disabled due to excessive failed authentication attempts.
auth-successCertificate validated for user '<name>'. <error>
auth-failCertificate validation failed for user '<user>'. <error> auth profile '<name>', vsys '<id>', reply message '<msg>' From: <name>.
auth-failfailed authenticated for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
user-password-change-failedfailed authenticated for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
auth-failKerberos SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
user-password-change-failedKerberos SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
auth-failSAML SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
user-password-change-failedSAML SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
auth-failCAS SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
user-password-change-failedCAS SSO authentication failed for user '<name>'. realm '<name>', EAP outer identity '<name>, inner identity '<name>', auth profile '<name>', vsys '<id>', server profile '<name>', server address '<addr>', admin role '<name>', access domain '<name>', reply message '<msg>' From: <name>.
ddns
Event IDDescription
ddns-unsupportedInterface <name> DDNS config for host <host> to <label> (<label>) is using a non-supported DDNS service provider. Please convert to a supported service.
dhcp
Event IDDescription
ip-already-in-useip address is already in use
server-no-free-ipDHCP server runs out of ip pool
dns-security
Event IDDescription
PAN_ELOG_EVENT_DNSSEC_DNS_CLOUD_QUERY_TIMEOUTDNS Security cloud query timeout.
dynamic-updates
Event IDDescription
palo-alto-networks-message<message>
fips
Event IDDescription
fips-entropy-rtciidRTC-IID error occurred - attempting recovery...
fips-entropy-rtciidRTC-IID - Reading record failure
general
Event IDDescription
generalCAS token sign cert "<name>" is invalid with error msg "<msg>"
generalPANDB: Authentication or Client Certificate failure.
generalPANDB: Client Certificate has expired or is not yet valid.
generalPANDB: Device Client Certificate unavailable.
generalPANDB: Mismatched Serial number in certificate and payload.
generalPANDB: Expired Client Certificate.
generalPANDB: Revoked Client Certificate.
generalPANDB: Reason - Unknown Issuer or Incomplete or Incorrect Certificate chain.
generalMLAV: Client Certificate has expired or is not yet valid.
generalMLAV: Device Client Certificate unavailable.
generalMLAV: Mismatched Serial number in certificate and payload.
generalMLAV: Expired Client Certificate.
generalMLAV: Revoked Client Certificate.
generalMLAV: Reason - Unknown Issuer or Incomplete or Incorrect Certificate chain.
generalWFRTSIG: Authentication or Client Certificate failure.
generalWFRTSIG: Client Certificate has expired or is not yet valid.
generalWFRTSIG: Device Client Certificate unavailable.
generalWFRTSIG: Mismatched Serial number in certificate and payload.
generalWFRTSIG: Expired Client Certificate.
generalWFRTSIG: Revoked Client Certificate.
generalWFRTSIG: Reason - Unknown Issuer or Incomplete or Incorrect Certificate chain.
generalServer Cert: <name> is invalid, its name does not match the server <server>
generalServer Cert: <name> is invalid for server <name>: <error>
generalSlot s<num>: Application Pod '<name> : <namespace>: <interface>' can't be served right now; All <num> ports (<num> pods) in use, waiting for ports availability (for <name>).
generalFailed to connect to wildfire-realtime cloud, retry after 30 seconds.
generalCONFIG_UPDATE_INC : Incremental update to DP failed please try to commit force the latest config
generalRequest made to <name> server returned with HTTP response code : <code>
hw
Event IDDescription
slot-upSlot <id> (PA-7000/5400-100G-NPC) ctd-mode is AHO
nat
Event IDDescription
fallback_reportOn vsys <id>, there are <num> NAT DIPP fallbacks happeing in NAT rule <name>.
ntpd
Event IDDescription
authNTP sync to server <addr> failed, authentication type autokey
authNTP sync to server <addr> failed, authentication type autokey
port
Event IDDescription
invalid-module<name>: requires an SFP+ module.
invalid-module<buf>: requires an optical or copper SFP module.
routing
Event IDDescription
routed-static-fqdn-changedRouted static fqdn mapping is changed
routed-static-fqdn-changedRouted static fqdn mapping is changed
routed-BGP-peer-mp-extension-negotiateBGP peer MP extension negotiation. MP-EXTENSION negotiation to peer name: <name>, peer IP: <ip> successful"
routed-BGP-peer-enter-establishedBGP peer session enters established state. peer name: <name>, peer IP: <ip>.
routed-BGP-refresh-sentROUTE REFRESH message sent to a BGP peer. peer name: <name>, peer IP: <ip>.
routed-BGP-ribout-recalcAn RIB-Out is being recalculated as a result of changed export policy. peer name: <name>, peer IP: <ip>.
routed-BGP-ribin-recalcAn RIB-In is being recalculated as a result of changed import policy. peer name: <name>, peer IP: <ip>.
satd
Event IDDescription
satd-portal-gateway-duplicateGlobalProtect portal config duplicated gateway.
syslog
Event IDDescription
syslog-conn-status<syslog-ng message>
url-filtering
Event IDDescription
dynamic-url-connection-downDynamic URL connection is unavailable please check if service.brightcloud.com (<ip>) is reachable
connection-failureFailed to connect to Brightcloud update server: Cannot fetch source IP address
url-download-failureThe URL cloud list file was not found on the cloud.
cloud-electionCLOUD ELECTION: cannot elect a cloud
url-cloud-connection-failureFailed to open connection with the cloud after "<num> consecutive tries.
error-msg-from-cloudERROR message from cloud. Invalid request.
error-msg-from-cloudERROR message from cloud. Invalid request.
error-msg-from-cloudERROR status from cloud
startup-failurePAN-DB engine startup failed.
update-version-failureFailed to update version <version>.
update-version-failureFailed to update version <version>.
update-version-failureFailed to update version <version>.
update-version-failureFailed to update version <version>.
update-version-failureFailed to update version <version>.
starts-from-empty-seedFailed to load the URL seed database, starting with an empty database.
ha-sync-failureUnable to initiate file sync to peer: <error>
url-backup-seed-failureFailed to back up PAN-DB
engine-startup-failureMay runs without URL filtering !!!
ha-sync-failureFailed to upload the new HA URL file to RAM, start loading old URL file.
starts-from-empty-seedFailed to upload the old URL file to RAM,Starting with an empty file.
engine-startup-failureRuns without URL filtering !!!
ha-sync-failureFailed to receive file completely from peer (<name>:<name>): <error>.
userid
Event IDDescription
connect-ldap-sever-failureldap cfg <name> failed to connect to server <server>: <error>
get-ldap-data-failureldap cfg <name> failed to get info from server <server>
connect-ldap-sever-failureldap cfg <name> failed to connect to server <server>: <error>
get-ldap-data-failureldap cfg <name> failed to get info from server <name>
wildfire
Event IDDescription
wildfire-conn-successSuccessfully registered to <description> <name>

Slog

  • Queue '<name>' reached the watermark limit at <num>
  • Removed Used AuthKey '<name>'
  • Removed Expired AuthKey '<name>'
  • Deleted AuthKey '<name>'
  • Created AuthKey '<name>' (Count:<num>, Life:< num>s, Type:'<type>', Serial-Count:<num>)
  • Failed to SCP out Deployment file: '<file>' (rc: <num>)
  • Failed to SCP out Deployment metafile: '<file>' (rc: <num>)
  • Failed to SCP in Deployment metafile: '<file>' (rc: <num>)
  • Failed to SCP in Deployment file: '<file>' (rc: <num>)
  • Could not access threat vault
  • Failed to upload the sample to the cloud.
  • Registration to cloud failed.
  • Created new devicecert '<name>'
  • Created new cert '<name>'
  • mail send: <status>
  • Tor status is checked and changed to: <name>.
  • Failed to send test email using email profile <name>.