Tectia

Appendix D Audit Messages

This appendix lists the audit messages generated by the Connection Broker.

1000 KEX_failure

Level: warning

Origin: Tectia Server, Connection Broker

The key exchange failed.

Default log facility: normal

ArgumentDescription
Username User's login name (not present for first KEX)
Algorithm KEX algorithm name (not present if failure happens before choosing the algorithm)
Text Error description
Session-Id Session identifier

1001 Algorithm_negotiation_failure

Level: warning

Origin: Tectia Server, Connection Broker

Algorithm negotiation failed - there was no common algorithm in the client's and server's lists.

Default log facility: normal

ArgumentDescription
Username User's login name (not present for first KEX)
Algorithm Algorithm type
Client algorithms Client's algorithm list
Server algorithms Server's algorithm list
Session-Id Session identifier

1002 Algorithm_negotiation_success

Level: informational

Origin: Tectia Server, Connection Broker

Algorithm negotiation succeeded.

Default log facility: normal

ArgumentDescription
Username User's login name (not present for first KEX)
Text Negotiated algorithms
Session-Id Session identifier

1003 KEX_success

Level: informational

Origin: Connection Broker

Key-exchange was successful.

Default log facility: normal

ArgumentDescription
Algorithm Kex method name.
Session-Id Session identifier.
Protocol-session-Id Protocol session identifier.

1100 Certificate_validation_failure

Level: informational

Origin: Tectia Server, Connection Broker

A received certificate failed to validate correctly under any of the configured CAs.

Default log facility: normal

ArgumentDescription
Username User's login name (not present for first KEX)
Text Resulting search states for all configured CAs.
Session-Id Session identifier

1101 Certificate_validation_success

Level: informational

Origin: Tectia Server, Connection Broker

A received certificate validated correctly under one or more configured CAs.

Default log facility: normal

ArgumentDescription
Username User's login name
CA List A list of CAs under which the user's certificate validated correctly.
Session-Id Session identifier

1110 CM_find_started

Level: informational

Origin: Tectia Server, Connection Broker

A low-level search was started in the certificate validation subsystem.

Default log facility: normal

ArgumentDescription
Ctx Search context
Search constraints Search constraints.

1111 CM_find_finished

Level: informational

Origin: Tectia Server, Connection Broker

A low-level find operation has finished in the certificate validation subsystem.

Default log facility: normal

ArgumentDescription
Ctx Context pointer that identifies the search

1112 CM_cert_not_in_search_interval

Level: informational

Origin: Tectia Server, Connection Broker

The certificate is not valid during the required time period.

Default log facility: normal

ArgumentDescription
SubjectName Subject name of the certificate
Text Error description
Ctx Search context

1113 CM_certificate_revoked

Level: informational

Origin: Tectia Server, Connection Broker

A certificate was found to be revoked.

Default log facility: normal

ArgumentDescription
SubjectName Subject name of the certificate
Ctx The context pointer of the search

1114 CM_cert_search_constraint_mismatch

Level: informational

Origin: Tectia Server, Connection Broker

The certificate did not satisfy the constraints set for the search.

Default log facility: normal

ArgumentDescription
SubjectName Subject name of the certificate
Text Description of the mismatch
Ctx Search context

1115 CM_ldap_search_started

Level: informational

Origin: Tectia Server, Connection Broker

An LDAP search for a CRL or a sub-CA is being started.

Default log facility: normal

ArgumentDescription
Text Search details

1116 CM_ldap_search_success

Level: informational

Origin: Tectia Server, Connection Broker

An LDAP search for a CRL or a sub-CA completed successfully.

Default log facility: normal

ArgumentDescription
Text Search details

1117 CM_ldap_search_failure

Level: informational

Origin: Tectia Server, Connection Broker

The attempt to contact an LDAP server was unsuccessful.

Default log facility: normal

ArgumentDescription
Text Error details

1118 CM_http_search_started

Level: informational

Origin: Tectia Server, Connection Broker

The certificate validation subsystem is initiating a search for a CRL or a sub-CA through the HTTP protocol.

Default log facility: normal

ArgumentDescription
Text Search target

1119 CM_http_search_success

Level: informational

Origin: Tectia Server, Connection Broker

An HTTP request for a CRL or a sub-CA completed successfully.

Default log facility: normal

ArgumentDescription
Text Status message detailing what was being retrieved

1120 CM_http_search_failure

Level: informational

Origin: Tectia Server, Connection Broker

An HTTP request for a CRL or a sub-CA failed.

Default log facility: normal

ArgumentDescription
Text Error details

1121 CM_crl_added

Level: informational

Origin: Tectia Server, Connection Broker

A new CRL was successfully added to the certificate validation subsystem.

Default log facility: normal

ArgumentDescription
Text CRL's issuer and validity period

1122 Certificate_end_point_id_check_success

Level: informational

Origin: Connection Broker

End point identity check succeeded.

Default log facility: normal

ArgumentDescription
Server Host name
Text Explanatory message

1123 Certificate_end_point_id_check_warning

Level: informational

Origin: Connection Broker

Certificate end point identity check warning.

Default log facility: normal

ArgumentDescription
Server Host name
Text Warning message

1124 Certificate_end_point_id_check_failure

Level: informational

Origin: Connection Broker

Certificate end point identity check failure.

Default log facility: normal

ArgumentDescription
Server Host name
Text Error message

1200 Key_store_create

Level: informational

Origin: Tectia Server, Connection Broker

Key store created.

Default log facility: normal

1201 Key_store_create_failed

Level: warning

Origin: Tectia Server, Connection Broker

Key store creation failed.

Default log facility: normal

1202 Key_store_destroy

Level: informational

Origin: Tectia Server, Connection Broker

Key store destroyed.

Default log facility: normal

1204 Key_store_add_provider

Level: informational

Origin: Tectia Server, Connection Broker

Added a provider to the key store.

Default log facility: normal

ArgumentDescription
Type Provider type

1205 Key_store_add_provider_failed

Level: warning

Origin: Tectia Server, Connection Broker

Adding a provider to the key store failed.

Default log facility: normal

ArgumentDescription
Type Provider type
EK error Error message

1206 Key_store_remove_provider

Level: informational

Origin: Tectia Server, Connection Broker

Removed a provider from the key store.

Default log facility: normal

ArgumentDescription
Init info Provider name

1208 Key_store_decrypt

Level: informational

Origin: Tectia Server, Connection Broker

A key was used successfully for decryption.

Default log facility: normal

ArgumentDescription
Key path Key path
Fwd path Fwd path

1209 Key_store_decrypt_failed

Level: warning

Origin: Tectia Server, Connection Broker

A key was used unsuccessfully for decryption.

Default log facility: normal

ArgumentDescription
Key path Key path
Fwd path Fwd path
Crypto error Error string

1210 Key_store_sign

Level: informational

Origin: Tectia Server, Connection Broker

A key was used successfully for signing.

Default log facility: normal

ArgumentDescription
Key path Key path
Fwd path Fwd path

1211 Key_store_sign_failed

Level: warning

Origin: Tectia Server, Connection Broker

A key was used unsuccessfully for signing.

Default log facility: normal

ArgumentDescription
Key path Key path
Fwd path Fwd path
Crypto error Error string

1212 Key_store_sign_digest

Level: informational

Origin: Tectia Server, Connection Broker

A key was used successfully for signing a digest.

Default log facility: normal

ArgumentDescription
Key path Key path
Fwd path Fwd path

1213 Key_store_sign_digest_failed

Level: warning

Origin: Tectia Server, Connection Broker

A key was used unsuccessfully for signing a digest.

Default log facility: normal

ArgumentDescription
Key path Key path
Fwd path Fwd path
Crypto error Error string

1214 Key_store_ek_provider_failure

Level: warning

Origin: Tectia Server, Connection Broker

External key provider failure.

Default log facility: normal

ArgumentDescription
Key path Key path
Text Key label
Text Error description

1300 Channel_inbound_statistics

Level: informational

Origin: Connection Broker, Tectia Server

Statistics for the inbound side of a channel (traffic arriving from the network)

Default log facility: normal

ArgumentDescription
Username User's login name
Session-Id Session identifier
Channel Id Local channel id
Packet count Protocol packet count
Packet size Average protocol packet payload size

1301 Channel_outbound_statistics

Level: informational

Origin: Connection Broker, Tectia Server

Statistics for the outbound side of a channel (traffic going to the network)

Default log facility: normal

ArgumentDescription
Username User's login name
Session-Id Session identifier
Channel Id Local channel id
Packet count Protocol packet count
Packet size Average protocol packet payload size
Packet size Final size of outbound channel buffer

6000 Broker_client_connect

Level: informational

Origin: Connection Broker

A client connected to the Broker.

Default log facility: discard

ArgumentDescription
Client Client name
Pid Process id
Local username Local user name

6001 Broker_client_connect_failed

Level: warning

Origin: Connection Broker

A client attempted to connect unsuccessfully to the Broker.

Default log facility: normal

ArgumentDescription
Client Client name
Pid Process id
Local username Local user name
Text Reason

6002 Broker_client_disconnect

Level: informational

Origin: Connection Broker

A client disconnected from the Broker.

Default log facility: discard

ArgumentDescription
Client Client name
Pid Process id
Local username Local user name

6004 Broker_exec_channel_open

Level: informational

Origin: Connection Broker

The Broker opened an exec channel.

Default log facility: discard

ArgumentDescription
Client Client name
Pid Client process id
Server Server host
Server Port Server port
Remote username Remote user name
Local username Local user name
Command Command
Text Exec parameters
Channel Id Channel ID
Session-Id Session ID

6005 Broker_exec_channel_open_failed

Level: warning

Origin: Connection Broker

The Broker failed to open an exec channel for a client.

Default log facility: normal

ArgumentDescription
Client Client name
Pid Client process id
Server Server host
Server Port Server port
Remote username Remote user name
Local username Local user name
Command Command
Text Exec parameters
Channel Id Channel ID
Text Reason
Session-Id Session ID

6006 Broker_tunnel_open

Level: informational

Origin: Connection Broker

The Broker opened a tunnel for a client.

Default log facility: discard

ArgumentDescription
Client Client name
Pid Client process id
Server Server host
Server Port Server port
Remote username Remote user name
Local username Local user name
Dst Destination host
Dst Port Destination port
Tunnel type Tunnel type
Session-Id Session ID

6007 Broker_tunnel_open_failed

Level: warning

Origin: Connection Broker

The Broker failed to open a tunnel for a client.

Default log facility: normal

ArgumentDescription
Client Client name
Pid Client process id
Server Server host
Server Port Server port
Remote username Remote user name
Local username Local user name
Dst Destination host
Dst Port Destination port
Tunnel type Tunnel type
Text Reason
Session-Id Session ID

6008 Broker_tunnel_listener_open

Level: informational

Origin: Connection Broker

The Broker opened a tunnel listener for a client.

Default log facility: discard

ArgumentDescription
Client Client name
Pid Client process id
Server Server host
Server Port Server port
Remote username Remote user name
Local username Local user name
Listener Listener host
Listener Port Listener port
Dst Destination host
Dst Port Destination port
Tunnel type Tunnel type
Text Tunnel listener parameters
Session-Id Session ID

6009 Broker_tunnel_listener_open_failed

Level: warning

Origin: Connection Broker

The Broker failed to open a tunnel listener for a client.

Default log facility: normal

ArgumentDescription
Client Client name
Pid Client process id
Server Server host
Server Port Server port
Remote username Remote user name
Local username Local user name
Listener Listener host
Listener Port Listener port
Dst Destination host
Dst Port Destination port
Tunnel type Tunnel type
Text Tunnel listener parameters
Text Reason
Session-Id Session ID

6010 Broker_channel_fd_strip

Level: informational

Origin: Connection Broker

The Broker destroyed a channel object (and returned the underlying fd to the client).

Default log facility: discard

ArgumentDescription
Client Client name
Pid Client process id
Channel Id Channel ID
Text Channel permanent?
Local username Local user name
Session-Id Session ID

6011 Broker_channel_fd_strip_failed

Level: warning

Origin: Connection Broker

The Broker failed to destroy a channel object (and return the underlying fd to the client).

Default log facility: normal

ArgumentDescription
Client Client name
Pid Client process id
Channel Id Channel ID
Text Channel permanent?
Local username Local user name
Text Reason
Session-Id Session ID

6012 Broker_channel_control

Level: informational

Origin: Connection Broker

The Broker sent a channel control message.

Default log facility: discard

ArgumentDescription
Client Client name
Pid Client process id
Channel Id Channel ID
Command Command
Args Arguments
Local username Local user name
Session-Id Session ID

6013 Broker_channel_control_failed

Level: warning

Origin: Connection Broker

The Broker failed to send a channel control message.

Default log facility: normal

ArgumentDescription
Client Client name
Pid Client process id
Channel Id Channel ID
Command Command
Args Arguments
Local username Local user name
Text Reason
Session-Id Session ID

6014 Broker_channel_close

Level: informational

Origin: Connection Broker

The Broker closed a channel.

Default log facility: discard

ArgumentDescription
Client Client name
Pid Client process id
Channel Id Channel ID
Exit Value Exit value
Local username Local user name
Session-Id Session ID

6015 Broker_channel_close_failed

Level: warning

Origin: Connection Broker

The Broker failed to close a channel.

Default log facility: normal

ArgumentDescription
Client Client name
Pid Client process id
Channel Id Channel ID
Local username Local user name
Text Reason

6018 Broker_server_version_request

Level: informational

Origin: Connection Broker

The Broker requested (and got) the server version.

Default log facility: discard

ArgumentDescription
Client Client name
Pid Client process id
Channel Id Channel ID
Ver Version
Local username Local user name
Session-Id Session ID

6019 Broker_server_version_request_failed

Level: warning

Origin: Connection Broker

The Broker failed to get the server version.

Default log facility: normal

ArgumentDescription
Client Client name
Pid Client process id
Channel Id Channel ID
Local username Local user name
Text Reason
Session-Id Session ID

6020 Broker_channel_process_exit

Level: informational

Origin: Connection Broker

Channel process exit request was successful.

Default log facility: discard

ArgumentDescription
Client Client name
Pid Client process id
Local username Local user name
Session-Id Session ID

6021 Broker_channel_process_exit_failed

Level: warning

Origin: Connection Broker

Channel process exit request failed.

Default log facility: normal

ArgumentDescription
Client Client name
Pid Client process id
Text Reason
Local username Local user name
Session-Id Session ID

6025 Broker_connector_license_check_failed

Level: warning

Origin: Connection Broker

Connector license check failed.

Default log facility: normal

ArgumentDescription
Text Error message
Session-Id Session identifier

6026 Broker_server_rekey

Level: notice

Origin: Connection Broker

The Broker requested rekeying and it was successful.

Default log facility: normal

ArgumentDescription
Client Client name
Pid Client process id
Channel Id Channel ID
Local username Local user name
Session-Id Session ID

6027 Broker_server_rekey_failed

Level: warning

Origin: Connection Broker

The Broker requested rekeying but it failed.

Default log facility: normal

ArgumentDescription
Client Client name
Pid Client process id
Channel Id Channel ID
Local username Local user name
Text Reason
Session-Id Session ID

6100 Broker_starting

Level: notice

Origin: Connection Broker

The Broker is starting.

Default log facility: normal

ArgumentDescription
Local username Local user name

6101 Broker_start_failed

Level: warning

Origin: Connection Broker

Starting the Broker failed.

Default log facility: normal

ArgumentDescription
Local username Local user name
Success | Error Error code
Text Error message

6102 Broker_running

Level: notice

Origin: Connection Broker

The Broker is running.

Default log facility: normal

ArgumentDescription
Local username Local user name
Text Message text

6104 Broker_stopping

Level: notice

Origin: Connection Broker

The Broker is stopping.

Default log facility: normal

ArgumentDescription
Local username Local user name

6106 Broker_reconfig_started

Level: notice

Origin: Connection Broker

Reconfiguration started.

Default log facility: normal

ArgumentDescription
Local username Local user name

6108 Broker_reconfig_finished

Level: notice

Origin: Connection Broker

Reconfiguration finished.

Default log facility: normal

ArgumentDescription
Local username Local user name
Success | Error Error code

6114 Broker_config_deprecated_element

Level: warning

Origin: Connection Broker

The Broker config contains a deprecated element.

Default log facility: normal

ArgumentDescription
Text Event description.

6200 Broker_tcp_connect

Level: informational

Origin: Connection Broker

Broker TCP connection attempt was successful.

Default log facility: discard

ArgumentDescription
Dst Destination host
Dst Port Destination port
Src Port Source port
Local username Local username

6201 Broker_tcp_connect_failed

Level: warning

Origin: Connection Broker

Broker TCP connection attempt failed.

Default log facility: normal

ArgumentDescription
Dst Destination host
Dst Port Destination port
Local username Local username
NIO error NIO error

6204 Broker_transport_connect

Level: informational

Origin: Connection Broker

A transport was connected through TCP.

Default log facility: discard

ArgumentDescription
Dst Destination host
Dst Port Destination port
Remote username Remote username
Src Port Source port
Local username Local username
Session-Id Session ID

6206 Broker_transport_gateway_connect

Level: informational

Origin: Connection Broker

A transport was connected through a gateway handle.

Default log facility: discard

ArgumentDescription
Dst Destination host
Dst Port Destination port
Remote username Remote username
Local username Local username
Session-Id Session ID

6208 Broker_connection_connect

Level: informational

Origin: Connection Broker

The Broker got successfully a Secure Shell connection up.

Default log facility: discard

ArgumentDescription
Dst Destination host
Dst Port Destination port
Local username Local username
Remote username Remote username
Uses gateway? Is this going through a gateway handle
Session-Id Session ID

6209 Broker_connection_connect_failed

Level: warning

Origin: Connection Broker

The Broker failed to get a Secure Shell connection up.

Default log facility: normal

ArgumentDescription
Dst Destination host
Dst Port Destination port
Local username Local username
Remote username Remote username
Uses gateway? Is this going through a gateway handle
Session-Id Session ID
Text Error code

6210 Broker_connection_disconnect

Level: informational

Origin: Connection Broker

A Secure Shell connection initiated by the Broker was disconnected.

Default log facility: discard

ArgumentDescription
Local username Local user
Session-Id Session identifier
Dst Destination host
Dst Port Destination port
Remote username Remote username

6211 Broker_unknown_hostkey_accepted

Level: warning

Origin: Connection Broker

* The Broker accepted an unknown hostkey without user interaction * because of configuration.

Default log facility: normal

ArgumentDescription
Text Key digest
Dst Destination host
Dst Port Destination port
Local username Local username
Remote username Remote username

6212 Broker_new_hostkey

Level: warning

Origin: Connection Broker

* First connection to a server or this server hostkey was never * saved before.

Default log facility: normal

ArgumentDescription
Text Key digest
Dst Destination host
Dst Port Destination port
Local username Local username
Remote username Remote username

6213 Broker_hostkey_changed

Level: warning

Origin: Connection Broker

* Server hostkey is different than the saved hostkey.

Default log facility: normal

ArgumentDescription
Text Key digest
Dst Destination host
Dst Port Destination port
Local username Local username
Remote username Remote username

6301 Broker_userauth_failure

Level: warning

Origin: Connection Broker

User authentication failed.

Default log facility: normal

ArgumentDescription
Text Reason
Session-Id Session identifier

6302 Broker_userauth_method_success

Level: informational

Origin: Connection Broker

A user authentication method succeeded.

Default log facility: discard

ArgumentDescription
Text Authentication method
Session-Id Session identifier

6303 Broker_userauth_method_failure

Level: warning

Origin: Connection Broker

A user authentication method failed.

Default log facility: discard

ArgumentDescription
Text Authentication method
Text Reason
Session-Id Session identifier

6401 Connector_filter_rule

Level: informational

Origin: Connection Broker

Connector not tunneling

Default log facility: discard

ArgumentDescription
Connector Connector action
DNS entry DNS entry ID
Application Application
Dst Address
Dst Port Port