|
ID
|
Severity
|
Event
|
Notes
|
|
Special Events
|
|||
|
0
|
Error
|
Unknown Agent/Appliance Event
|
|
|
Driver-Related Events
|
|||
|
1000
|
Error
|
Unable To Open Engine
|
|
|
1001
|
Error
|
Engine Command Failed
|
|
|
1002
|
Warning
|
Engine List Objects Error
|
|
|
1003
|
Warning
|
Remove Object Failed
|
|
|
1004
|
Error
|
Driver Upgrade Stalled
|
|
|
1005
|
Info
|
Upgrading Driver
|
|
|
1006
|
Error
|
Driver Upgrade Requires Reboot
|
|
|
1007
|
Info
|
Driver Upgrade Succeeded
|
|
|
1008
|
Error
|
Kernel Unsupported
|
|
|
1010
|
Warning
|
Trend Micro LightWeight Filter Driver has been disabled
|
|
|
1011
|
Info
|
Trend Micro LightWeight Filter Driver has been restarted
|
|
|
1012
|
Info
|
All Trend Micro LightWeight Filter Drivers have been restarted successfully
|
|
|
1013
|
Warning
|
Trend Micro LightWeight Filter Driver failed to bind on all network interfaces
|
|
|
Configuration-Related Events
|
|||
|
2000
|
Info
|
Policy Sent
|
|
|
2001
|
Warning
|
Invalid Firewall Rule Assignment
|
|
|
2002
|
Warning
|
Invalid Firewall Stateful Configuration
|
|
|
2003
|
Error
|
Save Security Configuration Failed
|
|
|
2004
|
Warning
|
Invalid Interface Assignment
|
|
|
2005
|
Warning
|
Invalid Interface Assignment
|
|
|
2006
|
Warning
|
Invalid Action
|
|
|
2007
|
Warning
|
Invalid Packet Direction
|
|
|
2008
|
Warning
|
Invalid Rule Priority
|
|
|
2009
|
Warning
|
Unrecognized IP Format
|
|
|
2010
|
Warning
|
Invalid Source IP List
|
|
|
2011
|
Warning
|
Invalid Source Port List
|
|
|
2012
|
Warning
|
Invalid Destination IP List
|
|
|
2013
|
Warning
|
Invalid Destination Port List
|
|
|
2014
|
Warning
|
Invalid Schedule
|
|
|
2015
|
Warning
|
Invalid Source MAC List
|
|
|
2016
|
Warning
|
Invalid Destination MAC List
|
|
|
2017
|
Warning
|
Invalid Schedule Length
|
|
|
2018
|
Warning
|
Invalid Schedule String
|
|
|
2019
|
Warning
|
Unrecognized IP Format
|
|
|
2020
|
Warning
|
Object Not Found
|
|
|
2021
|
Warning
|
Object Not Found
|
|
|
2022
|
Warning
|
Invalid Rule Assignment
|
|
|
2050
|
Warning
|
Firewall Rule Not Found
|
|
|
2075
|
Warning
|
Traffic Stream Not Found
|
|
|
2076
|
Warning
|
Intrusion Prevention Rule Not Found
|
|
|
2077
|
Warning
|
Pattern List Not Found
|
|
|
2078
|
Warning
|
Traffic Stream Conversion Error
|
|
|
2080
|
Warning
|
Conditional Firewall Rule Not Found
|
|
|
2081
|
Warning
|
Conditional Intrusion Prevention Rule Not Found
|
|
|
2082
|
Warning
|
Empty Intrusion Prevention Rule
|
|
|
2083
|
Warning
|
Intrusion Prevention Rule XML Rule Conversion Error
|
|
|
2085
|
Error
|
Security Configuration Error
|
|
|
2086
|
Warning
|
Unsupported IP Match Type
|
|
|
2087
|
Warning
|
Unsupported MAC Match Type
|
|
|
2088
|
Warning
|
Invalid SSL Credential
|
|
|
2089
|
Warning
|
Missing SSL Credential
|
|
|
2090
|
Error
|
Security Configuration Error
|
|
|
2091
|
Error
|
Security Configuration Error
|
|
|
Hardware-Related Events
|
|||
|
3000
|
Warning
|
Invalid MAC Address
|
|
|
3001
|
Warning
|
Get Event Data Failed
|
|
|
3002
|
Warning
|
Too Many Interfaces
|
|
|
3003
|
Error
|
Unable To Run External Command
|
|
|
3004
|
Error
|
Unable To Read External Command Output
|
|
|
3005
|
Error
|
Operating System Call Error
|
|
|
3006
|
Error
|
Operating System Call Error
|
|
|
3007
|
Error
|
File Error
|
|
|
3008
|
Error
|
Machine-Specific Key Error
|
|
|
3009
|
Error
|
Unexpected Agent/Appliance Shutdown
|
|
|
3010
|
Error
|
Agent/Appliance Database Error
|
|
|
3300
|
Warning
|
Get Event Data Failed
|
Linux error.
|
|
3302
|
Warning
|
Get Security Configuration Failed
|
Linux error.
|
|
3303
|
Error
|
File Mapping Error
|
Linux error. File type error.
|
|
3600
|
Error
|
Get Windows System Directory Failed
|
|
|
3601
|
Warning
|
Read Local Data Error
|
Windows error.
|
|
3602
|
Warning
|
Windows Service Error
|
Windows error.
|
|
3603
|
Error
|
File Mapping Error
|
Windows error. File size error.
|
|
3700
|
Warning
|
Abnormal Restart Detected
|
Windows error.
|
|
3701
|
Info
|
System Last Boot Time Change
|
Windows error.
|
|
Communications-Related Events
|
|||
|
4000
|
Warning
|
Invalid Protocol Header
|
Content length out of range.
|
|
4001
|
Warning
|
Invalid Protocol Header
|
Content length missing.
|
|
4002
|
Info
|
Command Session Initiated
|
|
|
4003
|
Info
|
Configuration Session Initiated
|
|
|
4004
|
Info
|
Command Received
|
|
|
4011
|
Warning
|
Failure to Contact Manager
|
|
|
4012
|
Warning
|
Heartbeat Failed
|
|
|
Agent-Related Events
|
|||
|
5000
|
Info
|
Agent/Appliance Started
|
|
|
5001
|
Error
|
Thread Exception
|
|
|
5002
|
Error
|
Operation Timed Out
|
|
|
5003
|
Info
|
Agent/Appliance Stopped
|
|
|
5004
|
Warning
|
Clock Changed
|
|
|
5005
|
Info
|
Agent/Appliance Auditing Started
|
|
|
5006
|
Info
|
Agent/Appliance Auditing Stopped
|
|
|
5007
|
Info
|
Appliance Protection Change
|
|
|
5008
|
Warning
|
Filter Driver Connection Failed
|
|
|
5009
|
Info
|
Filter Driver Connection Success
|
|
|
5010
|
Warning
|
Filter Driver Informational Event
|
|
|
5100
|
Info
|
Protection Module Deployment Started
|
|
|
5101
|
Info
|
Protection Module Deployment Succeeded
|
|
|
5102
|
Error
|
Protection Module Deployment Failed
|
|
|
5103
|
Info
|
Protection Module Download Succeeded
|
|
|
5104
|
Info
|
Protection Module Disablement Started
|
|
|
5105
|
Info
|
Protection Module Disablement Succeeded
|
|
|
5106
|
Error
|
Protection Module Disablement Failed
|
|
|
5107
|
Info
|
Agent Self-Protection enabled
|
|
|
5108
|
Info
|
Agent Self-Protection disabled
|
|
|
5109
|
Error
|
FIPS verification Error
|
|
|
5110
|
Error
|
Secure Boot Public Key Not Enrolled
|
This error can occur if the public key required to check the signature on the Trend
Micro kernel module is not successfully enrolled on the agent computer.
For details, see Linux Secure Boot support for agents.
|
|
5111
|
Error
|
Secure Boot 'On' Not Supported
|
The agent does not support this OS with Secure Boot enabled.
For details, see Linux Secure Boot support for agents.
|
|
5200
|
Info
|
File Backup Completed
|
|
|
5201
|
Error
|
Failure to Backup File
|
|
|
Logging-Related Events
|
|||
|
6000
|
Info
|
Log Device Open Error
|
|
|
6001
|
Info
|
Log File Open Error
|
|
|
6002
|
Info
|
Log File Write Error
|
|
|
6003
|
Info
|
Log Directory Creation Error
|
|
|
6004
|
Info
|
Log File Query Error
|
|
|
6005
|
Info
|
Log Directory Open Error
|
|
|
6006
|
Info
|
Log File Delete Error
|
|
|
6007
|
Info
|
Log File Rename Error
|
|
|
6008
|
Info
|
Log Read Error
|
|
|
6009
|
Warning
|
Log File Deleted Due To Insufficient Space
|
|
|
6010
|
Warning
|
Events Were Suppressed
|
|
|
6011
|
Warning
|
Events Truncated
|
|
|
6012
|
Error
|
Insufficient Disk Space
|
|
|
6013
|
Warning
|
Agent configuration package too large
|
|
|
Attack-, Scan-, and Probe-Related Events
|
|||
|
7000
|
Warning
|
Computer OS Fingerprint Probe
|
|
|
7001
|
Warning
|
Network or Port Scan
|
|
|
7002
|
Warning
|
TCP Null Scan
|
|
|
7003
|
Warning
|
TCP SYNFIN Scan
|
|
|
7004
|
Warning
|
TCP Xmas Scan
|
|
|
Download Security Update Events
|
|||
|
9050
|
Info
|
Update of Anti-Malware Component on Agent Succeeded
|
|
|
9051
|
Error
|
Update of Anti-Malware Component on Agent Failed
|
|
|
9100
|
Info
|
Security Update Successful
|
|
|
9101
|
Error
|
Security Update Failure
|
|
|
9102
|
Error
|
Security Update Failure
|
Specific information recorded in error message.
|
|
Relay Events
|
|||
|
9103
|
Info
|
Relay Web Server Disabled
|
|
|
9104
|
Info
|
Relay Web Server Enabled
|
|
|
9105
|
Error
|
Enable Relay Web Server Failed
|
|
|
9106
|
Error
|
Disable Relay Web Server Failed
|
|
|
9107
|
Error
|
Relay Web Server failed
|
|
|
9108
|
Info
|
Unable to Connect to Update Source
|
|
|
9109
|
Error
|
Component Update Failure
|
|
|
9110
|
Error
|
Anti-Malware license is expired
|
|
|
9111
|
Info
|
Security Update Rollback Success
|
|
|
9112
|
Error
|
Security Update Rollback Failure
|
|
|
9113
|
Info
|
Relay Replicated All Packages
|
|
|
9114
|
Error
|
Relay Failed to Replicate All Packages
|
|
|
9115
|
Info
|
Failed to download from the Relay Web Server
|
|
|
Integrity Scan Status Events
|
|||
|
9201
|
Info
|
Integrity Scan Started
|
|
|
9203
|
Info
|
Integrity Scan Terminated Abnormally
|
|
|
9204
|
Info
|
Integrity Scan Paused
|
|
|
9205
|
Info
|
Integrity Scan Resumed
|
|
|
9208
|
Warning
|
Integrity Scan failed to start
|
|
|
9209
|
Warning
|
Integrity Scan Stalled
|
|
|
Smart Protection Server Status Events
|
|||
|
9300
|
Warning
|
Smart Protection Server Disconnected for Web Reputation
|
|
|
9301
|
Info
|
Smart Protection Server Connected for Web Reputation
|
|
|
9302
|
Warning
|
Census, Good File Reputation, and Predictive Machine Learning Service Disconnected
|
|
|
9303
|
Info
|
Census, Good File Reputation, and Predictive Machine Learning Service Connected
|
|
Views: