Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

MSmeltzer
New Contributor

Critical Alert Email notifys IPS Session scan, entering fail open mode

Hey Guys, 

I am looking into the following log issues that I get emailed ever since I have enabled "critical" alerts email. Entires are as follows:

 

Message meets Alert condition

The following critical firewall event was detected: IPS session scan resumed.

date=2017-01-16 time=13:02:03 devname=internetgw01 devid=FG1K5XXXXXXXXXXX logid=0100022701 type=event subtype=system level=critical vd=root logdesc="IPS session scan resumed" msg="IPS session scan resumed, exit fail open mode."

 

Message meets Alert condition

The following critical firewall event was detected: IPS session scan paused.

date=2017-01-16 time=13:00:03 devname=internetgw01 devid=FG1K5XXXXXXXXXX logid=0100022700 type=event subtype=system level=critical vd=root logdesc="IPS session scan paused" action="drop" msg="IPS session scan, enter fail open mode"

 

Just wondering what they mean. I am not able to find the logid through the FAZ.

 

Thanks

Matt

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.