cc/td/doc/product/iaabu/ics/ics10
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table Of Contents

Log Severity Levels


Log Severity Levels

Cisco ICS assigns more than one severity level to certain incidents and events. This appendix classifies the following events and incidents by severity level:

System Event Severity Levels Table C-1

Outbreak Event Severity Levels Table C-2

Server Update Severity Levels Table C-3

Deployment Event Severity Levels Table C-4

Connection Status Event Severity Levels Table C-5

Host Event Severity Levels Table C-6

Incident Severity Levels Table C-7

Table C-1 System Event Severity Levels 

System Events
Alert
Info
Error
Notice

The Cisco ICS service started.

 

Info

   

The Cisco ICS service stopped.

 

Info

   

The Cisco ICS service stopped for an unknown reason.

   

Error

 

The Cisco ICS administrator added, modified, or deleted an account.

     

Notice

The Cisco ICS administrator tried to but could not add or modify an account.

   

Error

 

A user added or removed a device.

     

Notice

The device license expired and all tasks applied to it stopped.

     

Notice

A DCS server registered to Cisco ICS.

     

Notice

A DCS server reregistered to Cisco ICS.

     

Notice

A DCS server was removed.

     

Notice

A DCS server was manually unregistered from Cisco ICS.

     

Notice

An OfficeScan server was added.

     

Notice

An OfficeScan server was removed.

     

Notice

Manual database backup was completed.

     

Notice

Manual database backup attempt was unsuccessful.

   

Error

 

Scheduled database backup was completed.

     

Notice

Scheduled database backup attempt was unsuccessful.

   

Error

 

Manual Log Deletion

     

Notice

Scheduled Log Deletion

     

Notice


Table C-2 Outbreak Event Severity Levels 

Outbreak Events
Alert
Info
Error
Notice

A user created or modified a new outbreak management task.

     

Notice

A user tried to create or modify a new outbreak management task but could not for an unknown reason, or because the maximum number of tasks (32) was exceeded.

   

Error

 

An outbreak management task stopped.

     

Notice

An OPACL was stopped manually.

     

Notice

An OPACL was stopped automatically.

     

Notice

A user generated a report.

     

Notice

A user tried to generate a report but could not.

   

Error

 

Table C-3 Server Update Severity Levels 

Server Update Events
Alert
Info
Error
Notice

Cisco ICS downloaded a component. For more information, see About Cisco ICS Components, page 1-3.

     

Notice

Cisco ICS tried to download a component but could not because the component was up-to-date. For more information, see About Cisco ICS Components, page 1-3.

     

Notice

Cisco ICS tried to download a component but could not because of an error, such as a network connection problem, invalid file type, or HTTP timeout. For more information, see About Cisco ICS Components, page 1-3.

   

Error

 

Table C-4 Deployment Event Severity Levels 

Deployment Events
Alert
Info
Error
Notice

Cisco ICS deployed a component. For more information, see About Cisco ICS Components, page 1-3.

 

Info

   

Cisco ICS tried to deploy a component but could not because the device was offline. For more information, see About Cisco ICS Components, page 1-3.

     

Notice

Cisco ICS tried to deploy a component but could not because of an error; for example, the device not was not online, or interfaces or VLANs were not selected. For more information, see About Cisco ICS Components, page 1-3.

   

Error

 

Table C-5 Connection Status Event Severity Levels 

Connection Status Events
Alert
Info
Error
Notice

Cisco ICS started or completed a manual or scheduled connection verification to a device.

 

Info

   

Cisco ICS was unable to connect to the device.

   

Error

 

Cisco ICS received a notification that a DCS server started.

 

Info

   

Cisco ICS received a notification that a DCS server stopped.

     

Notice


Table C-6 Host Event Severity Levels 

Host Event
Alert
Info
Error
Notice

Cisco ICS received a host cleanup notification from a DCS server (The cleanup might or might not have been successful.)

 

Info

   

A DCS server cleaned a host and the host was not automatically removed from the watch list.

 

Info

   

A user removed a host from a watch list.

 

Info

   

Cisco ICS removed a host from a watch list automatically after the host was cleaned.

 

Info

   

Table C-7 Incident Severity Levels 

Incidents
Alert
Info
Error
Notice

An IPS device detects traffic matching an OPSig.

Alert

     

A device detects traffic matching an OPACL.

     

Notice

The DCS server ran cleanup on a host that was already clean.

 

Info

   

An IPS device detected a virus and the DCS server cleaned the infected host.

 

Info

   

An IPS device detected a virus but the DCS server could not clean the infected host.

Alert

     

The DCS server could not access an infected host.

   

Error

 

An IPS device detected a virus but the DCS server took no action.

     

Notice


hometocprevnextglossaryfeedbacksearchhelp

Posted: Fri Apr 7 09:28:49 PDT 2006
All contents are Copyright © 1992--2006 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.