z/OS Communications Server: IP Messages Volume 4 (EZZ, SNM)


EZZ9325I

SC27-3657-01

EZZ9325I
TRMD Log records missing:timestamp,logtype=logtype,logmissing=logmissing,probeid=probeid,sensorhostname=sensorhostname

Explanation

The Intrusion Detection Service (IDS) event recording capacity was exceeded and log entries for an intrusion type specified in an active policy have been lost.

timestamp is the date and time at which the log entries were lost.

logtype is the intrusion type for which log entries have been lost. logtype will be one of the following:
  • ATTACK
  • TCPTR
  • UDPTR
  • SCAN
  • SCANDT

logmissing is the number of log entries missing.

probeid is the unique identifier of the probe detection point. See z/OS Communications Server: IP and SNA Codes for a description of the Intrusion Detection Services probe IDs.

sensorhostname is the fully qualified host name of the IDS sensor.

System action

Processing continues.

Operator response

None.

System programmer response

Examine relevant syslog messages to determine the source of the log entries and either adjust the active policy to be less restrictive or investigate the logged intrusions.
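To see which sensor, intrusion type and probe are losing records, the EZZ9325I lines can be pulled out of the syslog output and their logmissing counts totalled. The following is an added example, not IBM code: the field layout comes from the message text above, while the syslog line prefix, timestamp values, probe IDs and host names in the sample are constructed.

```python
import re
from collections import Counter

# Intrusion types this page lists for the logtype field.
LOGTYPES = {"ATTACK", "TCPTR", "UDPTR", "SCAN", "SCANDT"}

# Field layout taken from the message text on this page. The timestamp is
# captured as an opaque string (everything up to ",logtype=") because the
# page does not define its format.
EZZ9325I = re.compile(
    r"EZZ9325I\s+TRMD Log records missing:\s*(?P<timestamp>.*?),"
    r"logtype=(?P<logtype>[^,]+),"
    r"logmissing=(?P<logmissing>\d+),"
    r"probeid=(?P<probeid>[^,]+),"
    r"sensorhostname=(?P<sensorhostname>\S+)"
)

def parse_ezz9325i(line):
    """Return the message fields as a dict, or None if the line is not EZZ9325I."""
    m = EZZ9325I.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["logmissing"] = int(rec["logmissing"])
    rec["known_logtype"] = rec["logtype"] in LOGTYPES  # flag unexpected values
    return rec

def lost_entries(lines):
    """Total logmissing per (sensorhostname, logtype, probeid) over syslog lines."""
    totals = Counter()
    for line in lines:
        rec = parse_ezz9325i(line)
        if rec:
            key = (rec["sensorhostname"], rec["logtype"], rec["probeid"])
            totals[key] += rec["logmissing"]
    return totals

# Constructed sample lines; prefix, timestamps, probe IDs and hosts are made up.
SAMPLE = [
    "Mar  3 10:15:02 mvs1 TRMD[84]: EZZ9325I TRMD Log records missing:03/03/2014 10:15:02.11,logtype=SCAN,logmissing=42,probeid=0A0B0C0D,sensorhostname=mvs1.example.com",
    "Mar  3 10:20:02 mvs1 TRMD[84]: EZZ9325I TRMD Log records missing:03/03/2014 10:20:02.40,logtype=SCAN,logmissing=8,probeid=0A0B0C0D,sensorhostname=mvs1.example.com",
    "Mar  3 10:21:30 mvs2 TRMD[91]: EZZ9325I TRMD Log records missing:03/03/2014 10:21:30.02,logtype=ATTACK,logmissing=5,probeid=0A0B0C0E,sensorhostname=mvs2.example.com",
    "Mar  3 10:21:31 mvs2 cron[12]: job finished",
]

if __name__ == "__main__":
    for (host, logtype, probe), lost in lost_entries(SAMPLE).most_common():
        print(f"{host} logtype={logtype} probeid={probe} lost={lost}")
```

The largest totals point to the policy rules whose logging limits are being exceeded, which is where to start when deciding between adjusting the policy and investigating the logged intrusions.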

Module

EZATRMD

Procedure name

WriteLogEntries





Copyright IBM Corporation 1990, 2014