106
edits
Incidents: Difference between revisions
add self-signed cert incident attribute
(add self-signed cert incident attribute) |
|||
| Line 328: | Line 328: | ||
prior to 4.4: <s>ssl_handshake</s>) | prior to 4.4: <s>ssl_handshake</s>) | ||
|This trigger is checked during handshake of each TLS connection. | |This trigger is checked during handshake of each TLS connection. | ||
|certificate_expires | |certificate_expires | ||
certificate_is_self_signed (firmware > 4.6) | |||
tls_alert_level | |||
|mandatory | |mandatory | ||
|Connection filter (src/dst IP and port) | |Connection filter (src/dst IP and port) | ||
| Line 372: | Line 374: | ||
* '''bytes_dropped''': The amount of bytes dropped by a ring buffer in the given timespan. | * '''bytes_dropped''': The amount of bytes dropped by a ring buffer in the given timespan. | ||
* '''certificate_expires''': This is the number of days until the certificate expires. If the certificate is already expired, the value is <= 0. | * '''certificate_expires''': This is the number of days until the certificate expires. If the certificate is already expired, the value is <= 0. | ||
* '''certificate_is_self_signed''': If a self-signed certificat is used. The trigger checks whether “Issuer” and “Subject” have the same value. It does not check whether the certificate is signed by a public Certificate Authority. | |||
* '''channel_status''': 0 means that the LACP port channel is not synchronized, 1 means that the LACP port channel is synchronized. | * '''channel_status''': 0 means that the LACP port channel is not synchronized, 1 means that the LACP port channel is synchronized. | ||
* '''duration''': | * '''duration''': | ||