SecurTrac Administration Guide

Pre-defined Events for use with the Intrusion Detection Monitor

SecurTrac provides a list of pre-defined events that a Notes Administrator can use to configure in the Intrusion Detection Monitor easily. The following table describes each one.

	*Event Wording*	*Description*
Authentication Failed - Public Key Not Found in Address Book(R4)	* FAILED TO AUTHENTICATE: YOUR PUBLIC KEY WAS NOT FOUND IN THE NAME AND ADDRESS BOOK	Log all attempts to access a Domino Server without an authorized public key (for Domino 4)
Authentication Failed - Public Key Not Found in Address Book(Domino 5/6/7/8)	* THE PUBLIC KEY THAT IS BEING USED DOES NOT MATCH THE ONE THAT WAS CERTIFIED*	Log all attempts to access a domino Server without an authorized public key (for Domino 5 & Domino 6/7/8)
Corrupt Event (with corrupt keyword)	CORRUPT	Log all events with the "CORRUPT" keyword
Database Deletion	DATABASE * DELETED BY *	Log all events of databases being deleted
Error Event (with error keyword)	ERROR	Log all events with the "ERROR" keyword
Failed Event (with fail keyword)	FAIL	Log all events with the "FAIL" keyword
Illegal Access Server (Web User for R5)	USER NOT AUTHENTICATED *	Log all attempts to access a Domino server through the Internet (HTTP) without authorization (for Domino 5)
Illegal Database Access Attempt	ATTEMPT TO ACCESS DATABASE * WAS DENIED	Log all attempts to access a database without authorization
Insufficient Event (with insufficient keyword)	INSUFFICIENT	Log all events with the "INSUFFICIENT" keyword
Live Console	OPENED LIVE REMOTE CONSOLE SESSION FOR *	Log all events of an administrator's live console sessions
New Database Creation	DATABASE * CREATED BY *	Log all events when a database is created
New User Session	OPENED SESSION FOR *	Log all events when a new Notes user session is opened
Passthru Connection	ESTABLISHED PASSTHRU SESSION FOR *	Log all events of Notes passthru sessions
Remote Console Command	REMOTE CONSOLE COMMAND ISSUED BY *	Log all events when issuing Remote Console commands
Security Event (with denied keyword)	DENIED	Log all events with the "DENIED" keyword
SecurTrac Error	SECURTRAC ERROR*	Log all events relating to SecurTrac errors
SecurTrac Info	SECURTRAC INFO*	Log all events relating to SecurTrac Informational messages
Unable Event (with unable keyword)	UNABLE	Log all events with the "UNABLE" keyword
Warning Event (with warning keyword)	WARNING	Log all events with the "WARNING" keyword

-------------------------------------------------------------------------------------------------------------------------------------------