HP LaserJet Enterprise, HP PageWide Enterprise - HP Security Event Logging Messaging Reference (white paper)
Chapter 2 – Enhanced security event logging 118
• Certificates
• Kerberos
<user> - User who deleted the IPsec policy.
<client computer IP address> - IP address of the client computer that sent the request to delete
the IPsec policy.
<interface> - Networking interface on the local device that received the request to delete the
IPsec policy. Possible values are:
• Wired
• AP
• STA
IPsec policy with IKEv2
Message:
<device type>: IPsec policy added; time="<timestamp>" policy_name="<name>"
local_identity_authentication_option=<local identity authentication option>
local_identityType="<local identity type>" remote_identity_authentication_option=<remote
identity authentication option> remote_identity_type="<remote identity type>" user=”<user>”
source_IP="<client computer IP address>" outcome=success interface=<interface>
Interface(s):
EWS
Syslog severity:
Warning
Explanation:
An IKEv2 IPsec policy was added.
Variables:
<device type> - see Table 2-2.
<timestamp> - see Table 2-2.
<name> - IPsec/Firewall template name.
<local identity authentication option> - Authentication method the IPsec peer will use to
authenticate the local device. Possible values are:
• Pre-shared_key
• Certificates
<local identity type> - Identity type the IPsec peer will use to identify the local device. Possible
values are:
• Distinguished_Name
• FQDN
• E-mail
• IP_Address
• Key-ID
<remote identity authentication option> - Authentication method the local device will use to
authenticate the IPsec peer. Possible values are:
• Pre-shared_key
• Certificates
<remote identity type> - Identity type the local device will use to identify the IPsec peer. Possible
values are:
• Distinguished_Name
• FQDN
• E-mail
• IP_Address
• Key-ID
<user> - User who added the IPsec policy.
<client computer IP address> - IP address of the client computer that sent the request to add the
IPsec policy.