Summary
Know what to do when a specific Deep Security Manager alert appears. This article enumerates the recommended actions for most common alerts.
Details
| Alert | Priority | Action | Log |
|---|---|---|---|
| Agent configuration package too large | Warning |
|
|
| Anti-Malware Component Update Failed | Warning | Check whether the AM license is expired or not. Confirm whether the agent can connect to relay. |
|
| Anti-Malware Engine Offline | Critical | Check this article: Troubleshooting guidelines for common Deep Security issues. | N/A |
| Anti-Malware protection is absent or out of date | Warning | Performing a security update will fix this alert. When the security update is finished, go to Computer > Update and it should show "Up-to-date". |
|
| Application Type Misconfiguration | Warning | Refer to this article: "There are one or more Application Type conflicts on this Computer..." appears in DPI Events when updating the Deep Security Agent (DSA). | N/A |
| Communications Problem Detected | Warning | Test the connection between DSA (4118) and DSM (4120) using telnet. Ensure that DSA and DSM can resolve its hostname. |
|
| Computer Reboot Required | Warning | When there is any change on the driver-related level, request a machine OS reboot for the changes to take effect. | N/A |
| Connection to Filter Driver Failure | Critical | N/A |
|
| Firewall Engine Offline | Critical | Follow this article: Intrusion Prevention and Firewall engines appear offline after upgrading Deep Security |
|
| Integrity Monitoring Engine Offline | Critical | Follow this article: Rebuild Baseline Failure, Integrity Monitoring Engine Offline and Anti-Malware Engine Offline errors shows after activating a VM. | N/A |
| Integrity Monitoring information collection has been delayed | Warning | Check this article: “Integrity Monitoring information collection has been delayed” appears in Deep Security. | N/A |
| Intrusion Prevention Engine Offline | Critical | Follow this article: Intrusion Prevention and Firewall engines appear offline after upgrading Deep Security |
|
| Log Inspection Engine Offline | Critical | Remove the rules one by one to narrow down the issue. |
|
| Relay Update Service Unavailable | Critical | Follow this article: The Deep Security Relay (DSR) Agent generates an alert "Relay Update Service Unavailable" after its own update. | N/A |
| Scheduled Malware Scan Failure (Agent/Appliance configuration error) | N/A | To resolve the issue:
|
|
| Scheduled Malware Scan Failure (Unable to communicate with Agent/Appliance) | N/A | To resolve the issue:
|
|
| Security Update: Pattern Update on Agent/Appliance Failed. | N/A | To resolve the issue:
|
|
| Send Policy Failed (Internal Server Error) | Critical | Reset and reactive the DSA. It is also recommended to upgrade to the latest version. |
|
| Software Update: Integrity Monitoring Module Installation Failed | N/A | To resolve the issue:
|
|
| Software Update: Intrusion Prevention Module Installation Failed | N/A | To resolve the issue:
|
|
| Software Update: Log Inspection Module Installation Failed | N/A | To resolve the issue:
|
|
| Software Update: Web Reputation Module Installation Failed | N/A | To resolve the issue:
|
|
| Unable to Upgrade the Agent Software | Warning | N/A |
|
| Virtual Machine Interfaces Out of Sync | Warning | Follow this article: “Interface out of sync” appears in the Deep Security Manager (DSM) console. | N/A |
