HP LaserJet Enterprise, HP PageWide Enterprise - HP Security Event Logging Messaging Reference (white paper)
Chapter 2 – Enhanced security event logging 16
Explanation:
HP Connection Inspector feature has entered protected mode.
Variables:
<device type> - see Table 2-2.
<timestamp> - see Table 2-2.
Message:
<device type>: HP Connection Inspector event; time="<timestamp>" event= dns_query
value="<host name>" outcome=failure
Interface(s):
N/A
Syslog severity:
Warning
Explanation:
HP Connection Inspector feature has detected dns query failure for a hostname.
Variables:
<device type> - see Table 2-2.
<timestamp> - see Table 2-2.
<host name> - Host name whose DNS lookup failed.
Intrusion detection
Message:
<device type>: Potential intrusion. Memory corruption detected.; time="<timestamp>"
source_IP="<local device IP address>"
Interface(s):
N/A
Syslog severity:
Alert
Explanation:
Memory corruption was detected.
NOTE: Corruption of memory could be indicative of injection of malware.
Variables:
<device type> - see Table 2-2.
<timestamp> - see Table 2-2.
<local device IP address> - IP address of the local device.
Message:
<device type>: Intrusion detection disabled. Unable to scan for memory corruption.;
time="<timestamp>" source_IP="<local device IP address>"
Interface(s):
N/A
Syslog severity:
Alert
Explanation:
The intrusion detection algorithm was disabled.
Variables:
<device type> - see Table 2-2.
<timestamp> - see Table 2-2.
<local device IP address> - IP address of the local device.
Message:
<device type>: Failed to initialize intrusion detection.; time="<timestamp>" source_IP="<local IP
address>"
Interface(s):
N/A
Syslog severity:
Alert
Explanation:
Initialization of the intrusion detection functionality failed.
Variables:
<device type> - see Table 2-2.
<timestamp> - see Table 2-2.
<local device IP address> - IP address of the local device.