V 2.0 Distributed Management Event

V 2.0 Distributed Management Event

Base Rule

General Application Management Information

Information

V 2.0 EVID: 41000 Memory Statistics Not Found

Sub Rule

Memory Statistics Not Found

Warning

V 2.0 EVID: 41001 Total Memory Not Found

Sub Rule

Total Memory Not Found

Warning

V 2.0 EVID: 41002 Total Swap Not Found

Sub Rule

Total Swap Not Found

Warning

V 2.0 EVID: 41003 Disk Size Not Found

Sub Rule

Disk Size Not Found

Error

V 2.0 EVID: 41004 Disk Device Not Found

Sub Rule

Disk Device Not Found

Error

V 2.0 EVID: 41005 ISE Version Not Found

Sub Rule

Software Version Not Found

Error

V 2.0 EVID: 41007 ISE Node Record Found

Sub Rule

Generic Record

Information

V 2.0 EVID: 41008 ISE Node Record Override

Sub Rule

Object Overridden

Information

V 2.0 EVID: 41009 Default ISE Deployment Created

Sub Rule

Object Created

Access Success

V 2.0 EVID: 41010 Default ISE Node Created

Sub Rule

Object Created

Access Success

V 2.0 EVID: 41011 Node Status Initialized

Sub Rule

Node Status Initialized

Information

V 2.0 EVID: 41012 Secondary ISE Registered

Sub Rule

Device Registered

Other Audit Success

V 2.0 EVID: 41013 ISE Node Deregistered

Sub Rule

Device Unregistered

Warning

V 2.0 EVID: 41014 Software Version Not Found

Sub Rule

Software Version Not Found

Error

V 2.0 EVID: 41015 System Call Could Not Run

Sub Rule

Failed System Call

Error

V 2.0 EVID: 41016 System Call Could Not Run Stdout

Sub Rule

Failed System Call

Error

V 2.0 EVID: 41017 Hostname Not Found

Sub Rule

Hostname Not Found

Warning

V 2.0 EVID: 41018 Svc Selection Policy Update Fail

Sub Rule

Update Failed

Error

V 2.0 EVID: 41019 Relation Not Added

Sub Rule

Could Not Add Relation To Service Selection Policy

Error

V 2.0 EVID: 41020 Svc Selection Policy Init. Fail

Sub Rule

Initialization Failed

Error

V 2.0 EVID: 41021 ISE Node Object Not Updated

Sub Rule

Object Update Failed

Error

V 2.0 EVID: 41022 NodeInfo Collection Error Occur

Sub Rule

NodeInfo Collection Error

Error

V 2.0 EVID: 41023 Replication Status Collec Error

Sub Rule

Replication Status Error

Error

V 2.0 EVID: 41024 Error Loading Nodeinfo

Sub Rule

NodeInfo Loading Error

Error

V 2.0 EVID: 41025 NodeInfo Incomplete Information

Sub Rule

NodeInfo File Incomplete

Error

V 2.0 EVID: 41026 Mgmt Config Directory Not Create

Sub Rule

Directory Not Found

Other Operations

V 2.0 EVID: 41027 Nodinfo Could Not Be Created

Sub Rule

ACSNodeInfo Could Not Be Created

Error

V 2.0 EVID: 41028 MAC Address Not Found

Sub Rule

MAC Address Not Found

Warning

V 2.0 EVID: 41029 ISE Not Start As Record Unfound

Sub Rule

Error Retrieving Record

Error

V 2.0 EVID: 41030 MAC ID Not Found In ACSNodeInfo

Sub Rule

Invalid MAC Address

Error

V 2.0 EVID: 41031 Secondary Hostname Already Exist

Sub Rule

Hostname Already Exists

Warning

V 2.0 EVID: 41032 Secondary MAC Addr Already Exist

Sub Rule

MAC Address Already Exists

Warning

V 2.0 EVID: 41033 Deregistration Failed

Sub Rule

Deregister Failed

Error

V 2.0 EVID: 41034 Activation Failed

Sub Rule

Activation Failed

Error

V 2.0 EVID: 41035 Connection Failed

Sub Rule

Connection Failure

Error

V 2.0 EVID: 41036 ISE Node Deregistration Failed

Sub Rule

Deregister Failed

Error

V 2.0 EVID: 41037 Initialization Failed

Sub Rule

Initialization Failed

Error

V 2.0 EVID: 41038 Interface Config Not Found

Sub Rule

Configuration Notification Message Error

Error

V 2.0 EVID: 41039 Interface Eth0 Not Found

Sub Rule

Interface Not Found

Warning

V 2.0 EVID: 41040 Eth0 Hardware Address Not Found

Sub Rule

Default Address Not Found

Error

V 2.0 EVID: 41041 Eth0 Inet Address Not Found

Sub Rule

Default Address Not Found

Error

V 2.0 EVID: 41042 Eth0 Mask Not Found

Sub Rule

Invalid Mask

Warning

V 2.0 EVID: 41043 ACSNodeInfo Not Created

Sub Rule

ACSNodeInfo Could Not Be Created

Error

V 2.0 EVID: 41044 ACS Instance Reconnection Failed

Sub Rule

Reconnection ACS Instance Could Not Be Found

Error

V 2.0 EVID: 41045 Replacement Keyword Already Reg

Sub Rule

Keyword Associated With Instance

Error

V 2.0 EVID: 41046 ISE Instance Reg To Primary Node

Sub Rule

Instance Information

Information

V 2.0 EVID: 41047 Primary Node Full Data Sync

Sub Rule

Sync Started

Information

V 2.0 EVID: 41048 ACSNode Replace Success

Sub Rule

ACSNode Replaced

Information

V 2.0 EVID: 41049 ACSNode Reg To Primary Node

Sub Rule

Register Node

Information

V 2.0 EVID: 41050 ACSNode Activated On Primary

Sub Rule

Activating ACSNode

Information

V 2.0 EVID: 41051 ACSNode Deactivated On Primary

Sub Rule

ACS Node Deregistered

Information

V 2.0 EVID: 41053 ISE Inst Promoted To Prim. Node

Sub Rule

Instance Information

Information

V 2.0 EVID: 41054 ISE Inst Swtiching To Local Mode

Sub Rule

Instance Information

Information

V 2.0 EVID: 41055 Node Upgrading To New Version

Sub Rule

Upgrade Started

Information

V 2.0 EVID: 41056 Software Upgared Applied To ISE

Sub Rule

Upgrade Information

Information

V 2.0 EVID: 41057 Automatic Backup Being Created

Sub Rule

Creating Automatic Backup

Other Audit Success

V 2.0 EVID: 41058 Downloading Bundle For Primary

Sub Rule

Downloading Bundle

Information

V 2.0 EVID: 41059 Node Upgrade Complete

Sub Rule

Upgrade Complete

Information

V 2.0 EVID: 41060 Enabling Log Collector Target

Sub Rule

Enabled

Information

V 2.0 EVID: 41061 Disabling Log Collector Target

Sub Rule

Disabling Log Collector Target

Information

V 2.0 EVID: 41062 Log Collector Node Selected

Sub Rule

Log Collector Set

Information

V 2.0 EVID: 41063 Remote Syslog Target Created

Sub Rule

General Syslog Information

Information

V 2.0 EVID: 41064 Log Collector Deregister Failed

Sub Rule

Deregister Failed

Error

V 2.0 EVID: 41065 Apply Upgrade Diagnostic Message

Sub Rule

Apply Upgrade Diagnostic Message

Information

pri_num

N/A

N/A

Priority value of the message, a combination of the facility value and the severity value of the message. Priority value = (facility value * 8) + severity value.
The facility code valid options are:
LOCAL0 (Code = 16)
LOCAL1 (Code = 17)
LOCAL2 (Code = 18)
LOCAL3 (Code = 19)
LOCAL4 (Code = 20)
LOCAL5 (Code = 21)
LOCAL6 (Code = 22; default)
LOCAL7 (Code = 23)

time

N/A

N/A

Date of the message generation, according to the local clock of the originating Cisco ISE server, in the format Mmm DD hh:mm:ss.

IP address/hostname

N/A

N/A

IP address of the originating Cisco ISE node, or the hostname.

cat_name

<vendorinfo>

Text/String

Logging category name preceded by the CSCOxxx string.

msg_id

N/A

N/A

Unique message ID; 1 to 4294967295. The message ID increases by 1 with each new message. Message IDs restart at 1 each time the application is restarted.

total_seg

N/A

N/A

Total number of segments in a log message. Long messages are divided into more than one segment.
Note: The total_seg depends on the Maximum Length setting in the remote logging targets page. See Remote Logging Target Settings.

seg_num

N/A

N/A

Segment sequence number within a message. Use this number to determine what segment of the message you are viewing.

timestamp

N/A

N/A

Date of the message generation, according to the local clock of the originating the Cisco ISE node, in the following format: 
YYYY-MM-DD hh:mm:ss:xxx +/-zh:zm.

sequence_num

N/A

N/A

Global counter of each message. If one message is sent to the local store and the next to the syslog server target, the counter increments by 2. Possible values are 0000000001 to 999999999.

msg_code

<vmid>
<tag1>

Number

Message code as defined in the logging categories.

msg_sev

<severity>

Text/String

Message severity level of a log message.

msg_class

<subject> 

Text/String

Message class, which identifies groups of messages with the same context.

msg_text

<action> 

Text/String

English language descriptive text message.

Key1

N/A

N/A

N/A

Key2

N/A

N/A

N/A