Service events

The table below lists the keys and values in a service event message.

Service event information

Key

Value

cs4

cs4Label

Event priority.

Always Medium.

This value is displayed by default.

cs1

cs1Label

Name of the security rule that the session matched.

This value is displayed by default.

rt

Date and time when the event was generated on the Kaspersky NGFW device (the session was removed and was recorded in the Kaspersky NGFW log).

Format: 2023-12-26T12:31:54Z.

dtz

Time zone on the Kaspersky NGFW device

Format: UTC+-hh:mm or +-hh:mm.

Default value: UTC+00:00.

msg

Body of the message.

Format: <Error text>. <Clarifying reason (optonal)>.

Event variants:

  • Security rule will expire soon. Rule expiration time = <one-time schedule expiration date>.
  • Security rule has expired.
  • Syslog server certificate will expire soon. CN:<common name>.
  • SIEM server certificate will expire soon. CN:<common name>.
  • KSN service is unavailable.
  • KSN service is available.
  • Local databases are out of date.
  • Local databases are totally out of date.
  • The device cannot get updates. Check your internet connection.

Page top