Security¶

Security | Abduct | Cable Abduct¶

Probable Causes

Multiple access links goes down almost in same time

Recommended Actions

Check electrics and send security team to catch the thief

Related Events

Event Class	Role
Security \| Abduct \| Cable Abduct	opening event

Security | Access | Case Open¶

Variables

Name	Description	Defaults
name	Name

Related Events

Event Class	Role
Security \| Access \| Case Close	closing event
Security \| Access \| Case Open	opening event

Security | Access | Door Open¶

Variables

Name	Description	Defaults
name	Name

Related Events

Event Class	Role
Security \| Access \| Door Close	closing event
Security \| Access \| Door Open	opening event

Security | Attack | Attack¶

Symptoms

Unsolicitized traffic from source

Probable Causes

Virus/Botnet activity or malicious actions

Recommended Actions

Negotiate the source if it is your customer, or ignore

Variables

Name	Description	Defaults
name	Attack name
interface	Interface
src_ip	Source IP
src_mac	Source MAC
vlan	Vlan ID
description	Interface description
vlan_name	Vlan name

Related Events

Event Class	Role
Security \| Attack \| Attack	opening event

Security | Attack | Blat Attack¶

Variables

Name	Description	Defaults
interface	Interface
src_ip	Source IP
description	Interface description

Related Events

Event Class	Role
Security \| Attack \| Blat Attack	opening event

Security | Attack | IP Spoofing¶

Variables

Name	Description	Defaults
interface	Interface
src_ip	Source IP
src_mac	Source MAC
description	Interface description

Related Events

Event Class	Role
Security \| Attack \| IP Spoofing	opening event

Security | Attack | Land Attack¶

Variables

Name	Description	Defaults
interface	Interface
src_ip	Source IP
description	Interface description

Related Events

Event Class	Role
Security \| Attack \| Land Attack	opening event

Security | Attack | Ping Of Death¶

Variables

Name	Description	Defaults
interface	Interface
src_ip	Source IP
src_mac	Source MAC
description	Interface description

Related Events

Event Class	Role
Security \| Attack \| Ping Of Death	opening event

Security | Attack | Smurf Attack¶

Variables

Name	Description	Defaults
interface	Interface
src_ip	Source IP
description	Interface description

Related Events

Event Class	Role
Security \| Attack \| Smurf Attack	opening event

Security | Attack | TCP SYNFIN Scan¶

Variables

Name	Description	Defaults
interface	Interface
src_ip	Source IP
description	Interface description

Related Events

Event Class	Role
Security \| Attack \| TCP SYNFIN Scan	opening event

Security | Attack | Teardrop Attack¶

Variables

Name	Description	Defaults
interface	Interface
src_ip	Source IP
src_mac	Source MAC
description	Interface description

Related Events

Event Class	Role
Security \| Attack \| Teardrop Attack	opening event

Security | Authentication | RADIUS server failed¶

Variables

Name	Description	Defaults
ip	RADIUS server address

Related Events

Event Class	Role
Security \| Authentication \| RADIUS server failed	opening event
Security \| Authentication \| RADIUS server recovered	closing event

Security | Authentication | TACACS+ server failed¶

Variables

Name	Description	Defaults
ip	TACACS+ server address

Related Events

Event Class	Role
Security \| Authentication \| TACACS+ server failed	opening event
Security \| Authentication \| TACACS+ server recovered	closing event