The table below describes firewall audit events logged by Kaspersky IoT Secure Gateway 1000 and the Kaspersky IoT Secure Gateway Network Protector application.
Firewall audit events
Event name |
Event text |
Severity |
Subject ID |
|---|---|---|---|
Audit: Audit subsystem start |
Audit subsystem is running |
Informational |
System: Audit |
admin: Log export user: Log export |
The log is exported |
Informational |
Administrator or user |
admin: Log export error user: Log export error |
Failed to export the log |
Warning |
Administrator or user |
Audit: Audit log overwrite |
Audit log is overwritten due to full storage |
Informational |
System: Audit |
Audit: Audit log is running out of space |
The audit log will be overwritten after |
Warning |
System: Audit |
TrafficController: Traffic blocking |
The traffic from the device |
Warning |
System: TrafficController |
TrafficController: Rule creation limit for IDSProxy |
Failed to block device |
Critical |
System: TrafficController |
TrafficController: Changing the configuration of firewall rules |
Configuration of the firewall rules is changed |
Informational |
System: TrafficController |
KscController: Changing the application routes |
Application routes are changed |
Informational |
System: KscController |
Launcher: Switching Kaspersky IoT Secure Gateway Network Protector to emergency mode |
Emergency mode activated for Kaspersky IoT Secure Gateway Network Protector application |
Critical |
System: Launcher |
Audit: Audit subsystem test message |
The test message was successfully recorded during audit subsystem diagnostics |
Informational |
System: Audit |
TrafficController: Error creating route |
User-defined route not applied: |
Warning |
System: TrafficController |