Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|
Event ID | <vmid> | Number | Event ID 2601, 2602, 2603, 2604, 2605, 2606, 2607, 2608, 2609, 2610, 2611, 2612, 2613, 2614, 2615, 2616, 2617, 2618, 2619, 2620, 2621, 2622 |
Severity | <severity> | Text/String | For All: Information
For 2601, 2603: Fatal
For 2608: Warning
For 2614, 2615: Error |
Message | <subject>
<objecttype>
<object> | Text/String | Event ID 2601:
This log event informs packet allocation failed in MGMD subsystem. |
| <subject>
<sip> | Text/String/IP Address | Event ID 2602:
This log event used to log IGMP warning when IGMPv1 query is received. |
| <subject>
<size>
<object> | Text/String/Number | Event ID 2603:
This log event informs the user that MGMD could not allocate memory. |
| <subject>
<objecttype>
<dinterface> | Text/String | Event ID 2604:
This log event informs the user that IGMP/MLD detected other querier. |
| <subject>
<objecttype>
<dinterface>
<dip> | Text/String/IP Address | Event ID 2605:
This log event informs the user that IGMP/MLD has started querier election on interface. |
| <subject>
<objecttype>
<dinterface> | Text/String | Event ID 2606:
This log event informs the user that IGMP/MLD ended querier role on interface. |
| <subject>
<objecttype>
<dinterface>
<dip> | Text/String/IP Address | Event ID 2607:
This log event informs the user that MGMD started querier role on interface. |
| <subject>
<objecttype>
<dport>
<sip> | Text/String/Number/IP Address | Event ID 2608:
This log event informs the user that MGMD received packet on invalid port. |
| <subject>
<sip> | Text/String/IP Address | Event ID 2609:
This log event used to log IGMP warning when configured mode is IGMPv3 and IGMPv1 query is received. |
| <subject>
<sip> | Text/String/IP Address | Event ID 2610:
This log event used to log IGMP warning when configured mode is IGMPv3 and IGMPv2 query is received. |
| <subject>
<objecttype>
<status>
<object> | Text/String | Event ID 2611:
This log event informs the user that IGMP/MLD status on VLAN. |
| <subject>
<objecttype>
<status>
<dinterface> | Text/String | Event ID 2612:
This log event informs the user the IGMP/MLD status on the Interface. |
| <subject>
<objecttype>
<status>
<dport>
<object> | Text/String/Number | Event ID 2613:
This log event informs the user that the port mode has changed. |
| <subject>
<objecttype>
<object> | Text/String | Event ID 2614:
This log event informs the user that the IGMP/MLD is disabled on a VLAN due to internal errors. |
| <subject>
<objecttype>
<dport> | Text/String/Number | Event ID 2615:
This log event informs the user that the IGMP/MLD is disabled on a L3 interface due to internal errors. |
| <subject> | Text/String | Event ID 2616:
This log event informs the user that MGMD resource utilization has exceeded the supported limits |
| <subject> | Text/String | Event ID 2617:
This log event informs the user that MGMD resource utilization has reached 90 percent of the supported limits |
| <subject>
<objecttype>
<status>
<object> | Text/String | Event ID 2618:
This log event informs the user that whether IGMP/MLD snooping is operational. |
| <subject>
<sip> | Text/String/IP Address | Event ID 2619:
This log event used to log IGMP warning when IGMPv2 query is received. |
| <subject>
<sip> | Text/String/IP Address | Event ID 2620:
This log event used to log MLD warning when configured mode is MLDV2 and MLDV1 query is received. |
| <subject>
<sip> | Text/String/IP Address | Event ID 2621:
This log event used to log MLD warning when configured mode is MLDv2 and MLDv1 query is received. |
| <subject>
<status>
<dport>
<object> | Text/String/Number | Event ID 2622:
This log event used to log if ERPS Ring state changed to idle or protection. |
