Fan Events

Vendor Documentation

https://www.arubanetworks.com/techdocs/AOS-CX/10.07/HTML/5200-8214/Content/fir-int.htm

https://www.arubanetworks.com/techdocs/AOS-CX/10.07/PDF/5200-8214.pdf

Classification

Rule Name	Rule Type	Common Event	Classification
Fan Events	Base Rule	General Information Log Message	Information

Mapping with LogRhythm Schema

Device Key in Log Message	LogRhythm Schema	Data Type	Schema Description
Event ID	<vmid>	Number	Event ID 201, 202, 203, 204, 205, 206, 207, 208, 209, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 224, 225
Severity	<severity>	Text/String	For All: Information For 204, 211, 212, 217, 221, 223, 224, 225: Warning For 208, 209, 213,214, 222: Error
Message	<subject> <quantity> <object>	Text/String	Event ID 201: Log the total number of fans in the subsystem
	<subject> <object> <amount>	Text/String	Event ID 202: Log the fan speed set
	<subject> <object>	Text/String	Event ID 203: Log the air flow direction
	<subject> <object>	Text/String	Event ID 204: Log event when a fan tray is removed from the chassis
	<subject> <object>	Text/String	Event ID 205: Log event when a fan tray is inserted into the chassis
	<subject> <object>	Text/String	Event ID 206: Log event when a fan module is removed from a fan tray
	<subject> <object>	Text/String	Event ID 207: Log event when a fan module is inserted into a fan tray
	<subject> <object>	Text/String	Event ID 208: Log event when an unsupported fan tray is inserted
	<subject> <amount> <objecttype> <action> <size>	Text/String/Number	Event ID 209: Log error when system shutdown is initiated due to critical fan faults
	<subject> <amount> <objecttype> <action> <size>	Text/String/Number	Event ID 211: Log error when the number of failures exceed the allowable limit
	<subject>	Text/String	Event ID 212: Log event when the shutdown timer is cancelled
	<subject> <objecttype> <size>	Text/String/Number	Event ID 213: Log error when there are fan faults
	<subject> <reason>	Text/String	Event ID 214: List out the faulty or missing fan names
	<subject> <object> <status>	Text/String	Event ID 215: Log the fan status
	<subject> <object> <status>	Text/String	Event ID 216: Log the change in fan status
	<subject> <quantity> <size>	Text/String/Number	Event ID 217: Log when minimum number of fans are not present.
	<subject> <object> <status>	Text/String	Event ID 218: Log when the fan speed index changes to and from the maximum for each thermal zone
	<subject> <object> <status>	Text/String	Event ID 219: Log event when a fan tray is powered on or off
	<subject> <object> <objectname>	Text/String	Event ID 220: Log event when a fan tray is inserted specifying its airflow direction
	<subject> <object>	Text/String	Event ID 221: Log event when a fan tray airflow is not matching with system airflow
	<subject> <amount> <objecttype> <action> <size>	Text/String/Number	Event ID 222: Log error when number of faulty/supported fans does not meet the allowable limit
	<subject> <object>	Text/String	Event ID 223: Log when fan tray SKU ID in FRU is mismatched
	<subject> <object>	Text/String	Event ID 224: Log event when a fan tray airflow is not matching with system airflow and is disabled
	<subject> <object> <result>	Text/String	Event ID 225: Log event when a misconfigured fan tray is enabled or disabled