CHAPTER 37
IDP System Log Messages
This chapter describes messages with the IDP prefix. They are generated by the Intrusion
Detection and Prevention (IDP) process which enforces various attack detection and
prevention techniques on network traffic.
IDP_APPDDOS_APP_ATTACK_EVENT
System Log Message DDOS Attack at timestamp on ddos-application-name,
<source-zone-name:source-interface-name:source-address:source-port->destination-zone-name:destination-interface-name:destination-address:destination-port>
for protocol-name protocol and service service-name by rule rule-name of rulebase
rulebase-name in policy policy-name. attack: repeats repeat-count action action severity
severity, connection-hit-rate connection-hit-rate, context-name context-name, hit-rate
context-hit-rate, value-hit-rate context-value-hit-rate time-scope time-scope time-count
time-count time-period time-period secs, context value: context-value
Description The application-level distributed denial-of-service (AppDDoS) attack occurred when
the number of client transactions exceeded the user-configured connection, context and
time binding thresholds
Type Event: This message reports an event, not an error
Severity info
Facility LOG_PFE
IDP_APPDDOS_APP_STATE_EVENT
System Log Message DDOS Application threshold crossed at timestamp on ddos-application-name,
<destination-zone-name:destination-interface-name:destination-address:destination-port>
for protocol-name protocol and service service-name in rule rule-name of rulebase
rulebase-name in policy policy-name. repeats repeat-count message: message
context-value: context-value
Description The application-level distributed denial-of-service (AppDDoS) state transition occurred
when the number of application transactions exceeded the user-configured connection
or context thresholds
Type Event: This message reports an event, not an error
Severity info
Facility LOG_PFE
297Copyright © 2010, Juniper Networks, Inc.
To Next Page
Loading...
Need help?
General
