HP LaserJet Enterprise, HP PageWide Enterprise - HP Security Event Logging Messaging Reference (white paper)
Chapter 2 – Enhanced security event logging 117
• Certificates
• Kerberos
<user> - User who modified the IPsec policy.
<client computer IP address> - IP address of the client computer that sent the request to modify
the IPsec policy.
<interface> - Networking interface on the local device that received the request to modify the
IPsec policy. Possible values are:
• Wired
• AP
• STA
Message:
<device type>: IPsec policy modified; time="<timestamp>" policy_name="<name>"
item=authentication_type value=IKEv1 old_value=IKEv2 identity_authentication_option
value=<value> user=“<user>“ source_IP="<client computer IP address>" outcome=success
interface=<interface>
Interface(s):
EWS
Syslog severity:
Warning
Explanation:
An IKEv2 IPsec policy was modified and converted into an IKEv1 IPsec policy.
Variables:
<device type> - see Table 2-2.
<timestamp> - see Table 2-2.
<name> - IPsec policy name.
<value> - Authentication method that will be used by both endpoints to perform mutual
authentication. Possible values are:
• Pre-shared_key
• Certificates
• Kerberos
<user> - User who modified the IPsec policy.
<client computer IP address> - IP address of the client computer that sent the request to modify
the IPsec policy.
<interface> - Networking interface on the local device that received the request to modify the
IPsec policy. Possible values are:
• Wired
• AP
• STA
Message:
<device type>: IPsec policy deleted; time="<timestamp>" policy_name="<name>"
item=identity_authentication_option value=<value> user="<user>" source_IP="<client computer
IP address>" outcome=success interface=<interface>
Interface(s):
EWS
Syslog severity:
Warning
Explanation:
An IKEv1 IPsec policy was deleted.
Variables:
<device type> - see Table 2-2.
<timestamp> - see Table 2-2.
<name> - IPsec policy name.
<value> - Authentication method that was used by both endpoints to perform mutual
authentication. Possible values are:
• Pre-shared_key