Log Listing with
Security Violation
Detected
Log Listing with No
Security Violation
Detected
Figure 9-19. Example of Log Listing With and Without Detected Security Violations
Using the Event Log To Find Intrusion Alerts
The Event Log lists port security intrusions as:
W MM/DD/YY HH:MM:SS FFI: port A3 - Security Violation
where "
W
" is the severity level of the log entry and
that generated the entry. For further information, display the Intrusion Log,
as shown below.
From the CLI. Type the log command from the Manager or Configuration
level.
Syntax:
log [search-text ]
For search-text , you can use ffi, security, or violation. For example:
From the Menu Interface: In the Main Menu, click on 4. Event Log and use
Next page and Prev page to review the Event Log contents.
For More Event Log Information. See "Using the Event Log To Identify
Problem Sources" in the "Troubleshooting" chapter of the Management and
Configuration Guide for your switch.
Configuring and Monitoring Port Security
Reading Intrusion Alerts and Resetting Alert Flags
FFI
is the system module
Log Command with "security"
for Search String
9-35