Using the event log to find intrusion alerts, From the cli, Using the event log to find intrusion alerts -21 – HP 4100GL User Manual

Configuring and Monitoring Port Security

Reading Intrusion Alerts and Resetting Alert Flags

Intrusion Alert on port A1 is now cleared.

Figure 7-14. Example of Port Status Screen After Alert Flags Reset

For more on clearing intrusions, see “Note on Send-Disable Operation” on
page 7-17

Using the Event Log To Find Intrusion Alerts

The Event Log lists port security intrusions as:

W MM/DD/YY HH:MM:SS FFI: port A3 — Security Violation

where “

W

” is the severity level of the log entry and

FFI

is the system module

that generated the entry. For further information, display the Intrusion Log,
as shown below.

From the CLI.

Type the

log command from the Manager or Configuration

level.

Syntax:

log < search-text >

For

< search-text >, you can use ffi, security, or violation. For example:

Log Listing with
Security Violation
Detected

Log Listing with No
Security Violation
Detected

Log Command
with “security”
for Search String

Figure 7-15. Example of Log Listing With and Without Detected Security Violations

7-21