Event ID lookup for audit logs
This guide provides definitions for Event IDs included in the audit logs for the SecureAuth® Identity Platform.
Please note that Event IDs listed in this guide may not apply to all product releases. Some features or functionalities, including specific Event IDs, might be introduced, modified, or deprecated in different product releases.
Event ID | Message | Definition |
|---|---|---|
10001 | Loading Realm | Load WebAdmin Base Page |
10001 | Saving Realm | Save Realm Button |
10002 | Loading Realm | Populate Realms |
10109 | Saved Access Control rules | Access Control Rules - Save |
10110 | Exception | Access Control Rules - Exception |
10111 | Defaulting to disabled. Exception | Enable App setting - Retrieve |
10112 | Exception | Enable App setting - Set |
10113 | Defaulting to debug group list. Exception | LDAP Groups - Retrieve |
10114 | Defaulting to debug realm list. Exception | SecureAuth Realms - Retrieve |
10114 | Defaulting to empty realm sets list. Exception | Access Control Rules - Retrieve |
Event ID | Message | Definition |
|---|---|---|
Workflow Page | ||
20000 | Authenticate the user successfully | Successful authentication |
20100 | CreateControlHierarchy | Security violation |
20990 | LogAuthTransaction message | LogAuthTransaction |
21000 | Land on login page | User browsed SecureAuth.aspx for login |
21001 | UerEntryState.OnTextEntry exception | User Entry - Exception |
21010 | Found user with user name successfully | Result after user typed in username on UI |
21020 | Found user, but the user’s group is not allowed | Result after user typed in username on UI |
21030 | appsetting msgDisabledAcct value | Disabeld Account |
21040 | appsetting msgProfileDataError value | Profile Data Error |
21050 | appsetting msgLockedAcct value | Locked Account |
21060 | User password is going to expire. | User Entry - PWD expiration Warning |
21061 | User password expired. | User Entry - PWD expiration |
21070 | IWA_Fallback, attempt | IWA Fallback |
21070 | Provider_Error, attempt | Provider Error |
21070 | User is not found | Cannot find the user based on username |
21070 | appsetting msgGetUserFailed value | Incorrect User |
21080 | Start registering DFP Credential | Start registering DFP Credential |
21090 | User / Password is invalid | Invalid username or password for username / password on the same page |
21100 | Land on login page | Log on Initialization |
21110 | User password expires or is going to expire. | User password expiration - Warning |
21120 | Change password failed | Incorrect Change Password |
21130 | appsetting msgGetUserMax value | Exceeded Max Change Password Attempts |
22100 | Validate password successfully for public mode | For password on a separate page |
22110 | appsetting msgValidateUserFailed value | Incorrect Kiosk Check Password |
22200 | Validate password successfully for cookie mode | For password on a separate page |
22210 | appsetting msgValidateUserFailed value | Incorrect Cookie Check Password |
22300 | Validate password successfully | For X509 / iOSDeviceID mode, password on a separate page |
22310 | appsetting msgValidateUserFailed value | Incorrect X509 Check Password |
22400 | Validate password successfully for Zombie cookie mode | For password on a separate page |
22500 | Validation of password after successful UBC credential check | For zombie cookie, password on a separate page |
22510 | appsetting msgValidateUserFailed value | Incorrect Zombie Cookie Check Password |
22600 | Validate password successfully for FingerPrint mode | For Fingerprint |
22610 | appsetting msgValidateUserFailed value | Incorrect Fingerprint Check Password |
22910 | appsetting msgValidateUserFailed value | Incorrect Standard Check Password |
23000 | FunctionalTokens: | Sate Initialization |
23001 | Initialize exception | Sate Initialization Exception |
23100 | Is ActiveX/Java-plugin installed: | IskioInstalled result |
23101 | Exception error: | OnResult Exception |
23110 | Verify result: | OnResult |
23120 | Personal certificate is found and verified by browser ActiveX component or Java plugin | For checking user’s X.509 certificate |
23130 | Need to renew certificate. | Renew certificate |
23300 | StateName + " - public mode, no need to check cookie" | State initialization in public mode |
23301 | Exception error: | State initialization exception |
23310 | Mobile cookie existence check | State initialization in private mode |
23310 | The cookie exists or not | For mobile cookie |
23311 | Cannot decrypt cookie value | State initialization in private mode exception |
23320 | The cookie value can be decrypted | State initialization in private mode |
23400 | Is ActiveX/Java-plugin installed: | State OnResult - Begin |
23401 | Exception error | State OnResult Exception |
23410 | Verify result: | State OnResult result verification Begin |
23420 | Personal certificate is found and verified by browser ActiveX component or Java plugin | For manually reload Java plugin |
23420 | appsetting msgCertValidationSuccess value | State OnResult result verification |
23500 | Cookie existence check | State Initialization Begin |
23501 | Cannot decrypt cookie value | State initialization exception |
23510 | The cookie value can be decrypted | State initialization - token check |
23511 | Exception Error | State initialization exception |
23600 | public mode, no need to check UBC credential | State initialization in public mode |
23601 | Exception error | State initialization exception |
23610 | Verified UBC Credential | For zombie cookie |
23610 | appsetting msgCertValidationSuccess value | State OnResult |
23611 | Exception error | State OnResult Exception |
23620 | UBC Credential not found | Certificate not found |
23620 | UBC Credential revoked | Certificate reset date failed |
23630 | UBC Credential not found | Not found |
23700 | iOS device ID is found | For iOS device |
23700 | iOS device ID is found | State initialize |
23701 | Exception error | State initialize exception |
23710 | iOS device ID is not found | State initialize ID not found in DB |
23800 | public mode, no need to check FingerPrint | State initialize public mode |
23801 | Exception error | State initialize exception |
23810 | Verified Fingerprint Credential | For Browser Attribute(s) |
23811 | Exception error | State OnResult exception |
23812 | Digital Fingerprint did not match. | State OnResult not matched |
24000 | Show OTP/PIN/KBA method options | For OTP, PIN, or KBA methods |
24010 | Email Link-to-Accept Selected | OTP Request method - Email Link |
24010 | Fido2 Selected | OTP Request method - Fido2 |
24010 | SMS Link-to-Accept Selected | OTP Request method - SMS Link |
24010 | YubiKey Method Selected | OTP Request method - YubiKey |
24010 | msgPushNotificationMethod | OTP Request method - Push Notification |
24010 | msgPushNotificationMethod | OTP Request method - Push Notification |
24010 | msgVIPCredentialMethod | OTP Request method - VIP Credential |
24010 | msgEmailMethod | OTP Request method - Email |
24010 | msgHelpMethod | OTP Request method - HELP |
24010 | msgKbaMethod | OTP Request method - KBA |
24010 | msgOATHMethod | OTP Request method - OATH |
24010 | msgPINMethod | OTP Request method - PIN |
24010 | msgPhoneMethod | OTP Request method - Phone |
24010 | msgSmsMethod | OTP Request method - SMS |
24020 | msgPickMethodError | OTP Request method - Error |
24100 | PIN verification succeeds | For PIN method |
24110 | KBA verification succeeds | For KBA method |
24120 | OTP verification succeeds | For OTP method |
24200 | Wrong PIN number attempt | For PIN method |
24210 | Wrong KBA attempt | For KBA method |
24220 | Wrong OTP attempt | For OTP method |
26010 | Update the existing token cookie | State Initialize |
26011 | Exception | State Initialize catch exception |
26020 | Add a token cookie | State Initialize null token |
26020 | Deliver a token cookie | For SecureAuth cookie credential |
26021 | Exception error | State Initialize Exception |
26110 | Registered UBC Credential | For zombie cookie credential |
26210 | Write iOS Device ID to database (AD) | For iOS Device ID |
26310 | Registered Fingerprint to datastore | For Browser Attribute(s) |
27000 | Start registering X509 with root cert | Register X509 Browser Start |
27001 | Exception error | State Result Action |
27010 | Registered the root cert | State Result Root Installed |
27010 | Registered the root cert | For X.509 certificate |
27020 | appsetting msgCertInstallFailed value | State Result cert install failed |
27030 | ActiveX/Java-plugin component is not installed or loaded correctly | State Result Action plugin not installed |
27100 | To initiate X509 CSR request | Register X509 Browser Request |
27101 | Exception error | State Result Exception |
27110 | Valid CSR and get approved PKCS response to install | Valid request and get approved response from CA to install |
27200 | To initiate X509 CSR request manually | Register X509 Browser Request ManualLoad |
27201 | Exception error | State Result Exception |
27210 | Valid CSR and get approved PKCS response to install manually | Valid Request |
27220 | Manually request failed | State result action |
27230 | ActiveX/Java-plugin component is not installed or loaded correctly. | Plugin component is not installed or loaded correctly |
27300 | To install user's personal X509 certificate | Register X509 Browser Install |
27301 | Exception error | State Result Action |
27310 | Install X509 certificate successfully | For X.509 certificate |
27320 | Installing X509 certificate failed | For X.509 certificate |
27330 | To Install X509 certificate manually | State Result Action |
27400 | To install user's personal X509 certificate manually | Register X509 Browser Install ManualLoad |
27401 | Exception error | State Result Action |
27410 | Install X509 certificate successfully | For manually reloading Java-plugin to install X.509 certificate |
27420 | appsetting msgCertInstallFailed value | cert installation failed |
27430 | ActiveX/Java-plugin component is not installed or loaded correctly. Installing X509 certificate failed. | NOT INSTALLED X509 |
27501 | Installing X509 certificate got exception: | Browser X509 Installation Failed |
27510 | appsetting msgCertInstallSuccess value | Browser X509 Installation Success |
Registration Method View User Control | ||
27610 | appsetting msgCertCountMax value | Cert count exceeded |
27620 | appsetting msgCertCountMax value | Expired certificate |
27630 | SecurityViolation_ExceededMaxOTPAttempts | MultiFactorLimitReached |
Security | ||
29000 | Hardstopped by Analyze Engine | Adaptive Authentication process |
29000 | Security Violation Message | Security Violation |
29010 | Security violation with message ID | Authentication issue |
29010 | previous state with message ID | Security Violation_X509 |
29020 | previous state with message ID | Security Violation_X509_Continue |
29021 | Exception error | OnResult Exception |
Security Violation User Control | ||
29100 | Hardstopped by Analyze Engine | Adaptive Authentication process |
29100 | Message | PrepareControlForRendering |
29101 | Error message | PrepareControlForRendering Exception |
Authentication Failed | ||
29980 | Authentication failed, the previous state | Redirect |
29990 | Authentication failed, the previous state | Failure State |
Event ID | Message | Definition |
|---|---|---|
Cisco ISE | ||
30000 | Landed on CiscoISE.aspx | Page Loading |
30000 | User Found! Proceeding with Authentication | Page Loading - Success |
30000 | CiscoISE.aspx: User not found! Redirecting user | Page Loading - Failed |
Consumer Manager | ||
31030 | SAML Assertion is successfully verified | ProcessSAML - Success |
31031 | SAML Assertion Failed Condition: IssueInstant time is not within the current validity time period | Check Audience - Failure |
31032 | SAML Assertion Failed Condition: Current time is not within the allowed time period | Check Audience - Failure |
31033 | SAML Assertion Failed Condition: Invalid Audience | Check Audience - Failure |
31034 | SAML Assertion Failed Condition: IssueInstant time is not available | Check Audience - Failure |
Windows SSO | ||
31000 | The current windows identity for desktop SSO | Page Loading - Begin |
31010 | The current WindowsIdentity is blank | Page Loading - Null User |
31010 | The current WindowsIdentity is different from logon user ID | Page Loading - Mismatching User |
31020 | Windows desktop SSO succeeds for user | Page Loading - Success |
Windows SSO2 | ||
31010 | The current WindowsIdentity is blank | Page Loading - Null User |
31100 | The current windows identity for desktop SSO | Page Loading - Begin |
31110 | The current Windows Identity is different from logon user Id | Page Loading - Mismatching User |
31120 | Windows desktop SSO succeeds for user | Page Loading - Success |
Windows SSO ID | ||
31000 | The current windows identity for desktop SSO | Page Loading - Begin |
31020 | Windows desktop SSO SID succeeds for user | Page Loading - Success |
SecureAuth | ||
31000 | MSConditionalAccess enabled | MSConditionalAccess - Enabled |
31000 | MSConditionalAccess: subClaim data saved | MSConditionalAccess - Data Saved |
31801 | MSConditionalAccess exception error: Invalid request. No ID token | MSConditionalAccess - Exception |
31801 | MSConditionalAccess exception error | MSConditionalAccess - Exception |
31801 | MSConditionalAccess exception error | MSConditionalAccess - Exception |
SMS Session | ||
32000 | Start session for SiteMinder integration | Start session |
32010 | SiteMinder integration, redirect user to: | Start session, redirect |
SecureAuth MD | ||
32100 | Landed on SecureAuthMD.aspx | Page Loading - Success |
32101 | SOAP Message Failed with | Post Soap - Exception |
32110 | Finding the user | Submit - user lookup |
31120 | User is found. Redirect to | Submit - user found |
32130 | User Not Found with Status | Submit - user not not found |
NFC Validation | ||
33000 | NFC ID: | Page Loading - Begin |
33090 | Redirect Str: | Page Loading - redirect |
Form Post | ||
33100 | The current identity from Form Post: | Page Loading - Begin |
33190 | Form Post succeeds for user: | Page Loading - Success |
OATH | ||
33010 | OATH Service Called - HttpMethod | Check OATH - Begin |
33020 | OATH Service Success | Check OATH - Success |
33030 | OATH Service OTP Failed | Check OATH- Failed |
33040 | OATH Service Username Failed | Check OATH- Failed |
33050 | OATH Service Failed | Check OATH- Exception |
33060 | OATH Service OTP Expired | Check OATH- Expired OTP |
OATH User Pass Validate | ||
33020 | OATH Service Success | Check OATH - Success |
33030 | OATH Service OTP Failed | Check OATH - Failed |
33040 | OATH Service - username | Check OATH - Begin |
33040 | OATH Service - isotpanduseronly | Check OATH - Begin |
33040 | OATH Service - otpLength | Check OATH - OTP User |
33040 | OATH Service - otpnumberLength | Check OATH - OTP User |
33040 | OATH Service - otpnumber | Check OATH - OTP User |
33040 | OATH Service - password length | Check OATH - OTP User |
33040 | OATH Service - otpStatus | Check OATH - OTP status |
33040 | OATH Service - ValidateUser | Check OATH - Validate User |
33040 | OATH Service password throttled, password Length | Check OATH - Password failed |
33050 | OATH Service Username Failed | Check OATH - User name failed |
33060 | Finding user failed | Check OATH - User lookup failed |
33070 | OATH Service OTP Expired | Check OATH - OTP expired |
Password Throttling MFA | ||
33300 | User exceeded {MaxFailedAttempts} incorrect password attempts in a span of {Interval} minutes. The account will be inaccessible for a short time. | IdP has recorded more than the configured maximum number of unsuccessful password attempts within the configured throttling interval. While this condition exists, further password attempts will not be sent to LDAP, and the user will not be able to access this realm in IdP. This does not affect the user's other uses of their LDAP account, e.g. through an company internal email client. |
33310 | User exceeded {MaxFailedAttempts} incorrect password attempts; the account is being locked. | If the realm is configured with "PWThrottleHardLockout" as true, exceeding the permitted maximum incorrect password attempts will result in the user's LDAP account being locked. The user will no longer be able to access any system that relies on their LDAP account, and will need to contact an administrator in order to unlock the account. |
Basic Auth | ||
34000 | The current Basic Auth identity | Page Loading |
34001 | Basic Auth fails. Headers | Page Loading - Exception |
34020 | Basic Auth succeeds for user | Page Loading - Success |
34021 | Basic Auth fails: Wrong user or password | Page Loading - Failed |
SAML 2.0 ECPR Receiver | ||
35000 | Landed on SAML20ECPReceiver.ashx | Process Request - begin |
35000 | After SendResponse at SAML20ECPReceiver.ashx | Process Request - end |
35003 | Membership ValidateUser Failed | Process Request - invalid attempt |
35003 | Membership ValidateUser Failed | Process Request - invalid password |
Event ID | Message | Definition |
|---|---|---|
Adaptive Authentication with Office 365 | ||
40601 | Credential validation passed | The call to ValidateUser by user ID and password was successful. |
40601 | ClaimsIdentity set | At least one element exists in the ClaimsPrincipal's identities collection. The first one in the collection will be used. |
40602 | RequestBlockingEngine | The WS-Trust Request Blocking Engine has rejected the request. After this error is logged, the BeginIssue call fails with a 401 Unauthorized and a "FailedAuthentication" FaultCode. |
40603 | WS-Trust token validation failed | The call to ValidateUser by user ID and password failed. After this error is logged, the BeginIssue call fails with a 401 Unauthorized and a "FailedAuthentication" FaultCode. |
40604 | AnalyzeEngineBlocking | The (optional) call to validate the client IP using the Analyze Engine has failed. This means the IP did not pass the Analyze Engine deny list / allow list filter or was rejected by the IP Risk service. It also may occur if the Analyze Engine configuration is incompatible with WS-Trust. |
Enrollment Complete | ||
41000 | Landed on the EnrollmentComplete page | Page Loading |
Password Reset | ||
41030 | Landed on the PasswordReset page | Page Loading |
41040 | No user ID value in the post-auth cookie | Page Loading - Empty User |
41050 | Google Apps Password Sync with user ID and status | Submit - Google sync |
41060 | Updating iOS Provision Password Mapping Field | Submit - Password update |
41060 | Google Apps Password is synced successfully with user ID and write sync date/time to AD | Submit - Google sync success |
41070 | Password was not changed | Submit - Password update failed |
41080 | Password was not changed | Submit - Password update failed |
42320 | Successfully unlocked user | Unlock - Success |
42321 | Failed to unlock user | Unlock - Failed |
42321 | Failed to unlock user | Submit - Unlock Failed |
42321 | Failed to unlock user because user was not found | Submit - Unlock Failed |
Manage Accounts | ||
41050 | Google Apps Password Sync with user Id | Reset Password |
41060 | Updating iOS Provision Password Mapping Field | Reset Password |
41060 | Google Apps Password is synced successfully with user and write sync date/time to AD | Reset Password - Success |
41070 | Password was not changed | Reset Password - Failed |
41070 | Exception while setting PIN | Reset PIN - Exception |
41070 | PIN was not changed | Reset PIN - Failure |
41070 | Exception while assigning device | Assign OTP Device - Exception |
41070 | Device was not assigned | Assign OTP Device - Failure |
41070 | Exception while assigning device | Assign HID Token - Exception |
41070 | Device was not assigned | Assign HID Token - Failure |
41080 | PIN was update successfully | Reset Password - Success |
41090 | User completed verification process | Verify User - Success |
41095 | Passwords do not match | Reset Password - pwd mismatch |
41095 | Password complexity has not been met | Reset Password - pwd bad complexity |
41095 | User cannot reset password of user | Reset Password - Failure |
41200 | Landed on ManageAccounts page | Page Loading |
41210 | No user ID value in the post-auth cookie | Page Loading - Empty User |
41220 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
41230 | The user is not found | Load User Data - User not found |
41231 | Loading user profile got exception | Load User Data - Exception |
41240 | Found the user and the profile data is loaded | Load User Data - User found |
41250 | The user profile is updated | Submit - Success |
41251 | Updating the user profile got exception | Submit - Exception |
Account Update | ||
41070 | Exception while assigning device | Assign OTP Device - Exception |
41070 | Device was not assigned | Assign OTP Device - Failed |
41070 | Exception while assigning device | AssignHidTokenDevice - Exception |
41080 | Device assigned successfully | Assign OTP Device - Success |
41100 | Landed on AccountUpdate page | Page Loading |
41101 | Loading user profile data to AccountUpdate page got exception | Page Loading - Exception |
41110 | No user ID value in the post-auth cookie | Page Loading - Empty User |
41130 | Loaded user profile data to AccountUpdate page | Page Loading- Success |
41140 | Updated user profile data | Save |
41140 | No email address to send to | Save - No email |
41140 | An email has been sent to | Save - Email sent |
41140 | Could not send email | Save - Email not sent |
41141 | Updating user profile data got exception | Save - Exception |
QR Code Provision | ||
41110 | No user ID value in the post-auth cookie | Page Loading - Username mismatch |
41110 | Unique ID generated for user | Page Loading - Success |
41110 | qrProvision Page Load exception | Page Loading - Success |
41110 | Saving OATH token with enrollment code | Enable |
41110 | qrProvision verify exception | Enable - Exception |
OATH Provision | ||
41110 | No user ID value in the post-auth cookie | Page Loading - Empty User |
41110 | Mdm Enforcement validation not successful | Enroll User - Failed |
41110 | Oath value not saved in session | Enroll User - Failed |
InterSite Transfer | ||
41400 | Landed on the inter-site transfer page | Page Loading |
41401 | Inter-site transfer error | Page Loading - Exception |
41410 | No user ID value in the post-auth cookie | Page Loading - Empty User |
41420 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
41430 | Federated user ID SAML target site consumer URL | Page Loading - End |
SAML 2.0 SP Init | ||
41500 | Landed on the SAML20SPInit page | Page Loading |
41501 | SAML20SPInit exception error | Page Loading - Exception |
41502 | SAML20SPInit: No SAMLRequest query string value | Page Loading - SAMLRequest param empty |
41503 | SAML20SPInit: No GAppsStartURL query string value | Page Loading - GAppsStartURL param empty |
41510 | No user ID value in the post-auth cookie | Page Loading - Empty User |
41520 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
41540 | Created user with synced password | PageLoading - Gapps created user |
41541 | Created user with synced password | Page Loading - Gapps create user |
41550 | Create user with random password | Page Loading - Gapps create user |
41560 | Enable email forwarding | Page Loading - Gapps enable email forwarding |
41570 | Disable email fowarding | Page Loading - Gapps disable email forwarding |
41580 | Exception while syncing password for user | Page Loading - Gapps Exception |
SAML 2.0 SP Init Post | ||
41600 | Landed on the SAML20SPInitPost page | Page Loading |
41601 | SAML20SPInitPost exception error | Page Loading - Exception |
41610 | No user ID value in the post-auth cookie | Page Loading - Empty User |
41620 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
41640 | Created user with synced password | PageLoading - Gapps created user |
41641 | Create user with synced password | Page Loading - Gapps create user |
41650 | Create user with random password | Page Loading - Gapps create user |
41660 | Enable email forwarding | Page Loading - Gapps enable email forwarding |
41670 | Disable email fowarding | Page Loading - Gapps disable email forwarding |
41680 | Synced user password with data/time | Page Loading - Gapps Sync user success |
SAML 2.0 SP Init WL | ||
41700 | Landed on the SAML20SPInitWL page | Page Loading |
41701 | SAML20SPInitWL exception error | Page Loading - Exception |
41710 | No user ID value in the post-auth cookie | Page Loading - Empty User |
41720 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
41740 | Created user with synced password | PageLoading - Gapps created user |
41741 | Create user with synced password | Page Loading - Gapps create user |
41750 | Create user with random password | Page Loading - Gapps create user |
41760 | Enable email forwarding | Page Loading - Gapps enable email forwarding |
41770 | Disable email fowarding | Page Loading - Gapps disable email forwarding |
41780 | Synced user password with data/time | Page Loading - Gapps Sync user success |
SAML 2.0 IDP Initiated | ||
41800 | Landed on the SAML20IdPInit page | Page Loading |
41801 | SAML20IdPInit exception error | Page Loading - Exception |
41810 | No user ID value in the post-auth cookie | Page Loading - Empty User |
41820 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
41840 | Google Apps - Created user with synced password | Page Loading - Created Google user |
41841 | Google Apps - Create user with synced password, exception | Page Loading - Failed user creation |
41850 | Google Apps - Create user with random password, result | Page Loading - Failed user creation |
41860 | Google Apps - Enable email forwarding | Page Loading - Email Forwarding Enable |
41870 | Google Apps - Disable email forwarding | Page Loading - Email Forwarding Disable |
41880 | Google Apps - Synced user password with data/time | Page Loading - sync user password success |
41890 | Sent SAML response with HTTP Post, consumer URL | Send SAML response - Success |
SAML 2.0 Transfer | ||
41900 | Landed on the SAML20SPInit page | Page Loading |
41901 | SAML20 Transfer got exception | Page Loading - Exception |
41902 | No SAMLRequest query string value | Page Loading - Empty SAMLRequest param |
41910 | No user ID value in the post-auth cookie | Page Loading - Empty User |
41920 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
41930 | Created user with synced password | Page Loading - Gapps created user |
41940 | Create user with random password | Page Loading - Gapps create user |
41950 | Enable email forwarding | Page Loading - Gapps enable email forwarding |
41960 | Disable email forwarding | Page Loading - Gapps disable email forwarding |
41970 | Synced user '{0}' password with data/time | Page Loading - Synced user |
41970 | Synced user '{0}' password with data/time | Page Loading - Synced user |
41980 | Processed SAML request with relay URL: | Page Loading - Success |
Create PFX | ||
42000 | Landed on CreatePFX page | Page Loading |
42010 | Creating PFX exception | Page Loading - Exception |
42010 | Deliver configuration template with PFX for iOS device | iOS Mobile Config template |
42020 | Deliver PFX | Deliver PFX |
Create PFX AutoLink | ||
42050 | Landed on CreatePFXAutoLink page | Page Loading |
42051 | Creating PFX and link exception | Page Loading - Exception |
42060 | Create PFX and the link | Create PFX and the link |
Create PFX Link | ||
42100 | Landed on CreatePFXLink page | Page Loading |
42101 | Creating PFX and link exception | Create PFX Exception |
42110 | Create PFX and the link | Create PFX |
Carrier Update | ||
42102 | PageLoad Exception | Page Loading - Exception |
42500 | Landed on Carrier Update page | Page Loading - Not postback |
42501 | No username value in the post-auth cookie | Page Loading - Empty User |
42510 | Approving number | Update carrier info to profile |
42520 | Deleting number from profile | Remove phone number from profile |
42530 | Ignoring number | Ignoring number for now |
Create Public Key Cryptography (P12) | ||
42150 | Landed on CreateP12 page | Page Loading |
42151 | Creating P12 exception | Create P12 Exception |
42160 | Deliver configuration template with P12 for iOS device | iOS Mobile Config template |
42170 | Deliver P12 | Deliver P12 |
Revoke Cert | ||
42200 | Landed on RevokeCert page | Page Loading |
42210 | No user ID value in the post-auth cookie | Page Loading - Empty User |
42220 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
42230 | Unable to identify CA | Revoke - Exception |
42230 | Revoke cert | Revoke - Success |
Reset Account | ||
42310 | User successfully changed password | Reset - Success |
42311 | User failed to change password | Reset - Failed |
42311 | User failed to change password | Reset - Failed |
42311 | User failed to change password because user was not found | Reset - Empty User |
42320 | Successfully unlocked user | Unlock - Success |
42321 | Failed to unlock user | Unlock - Failed |
42321 | Failed to unlock user | Unlock - Failed |
42321 | Failed to unlock user because user was not found | Unlock - Failed |
SPS Claim | ||
43000 | Landed on SPClaim page | Page Loading |
43001 | SPClaim exception error | Page Loading - Exception |
43010 | No user ID value in the post-auth cookie | Page Loading - Empty User |
43020 | Login user is different from user from post-auth cookie | Page Loading - Username mismatch |
43030 | Redirect to URL with user ID and hash to the URL | Page Loading - Redirect |
Live Connect | ||
43200 | Landed on LiveConnect page | Page Loading |
43201 | LiveConnect page exception error | Page Loading - Exception |
43202 | Getting live ticket token error, exception code internal code | Page Loading - Empty live ticket |
43210 | No user ID value in the post-auth cookie | Page Loading - Empty User |
43220 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
43230 | LiveConnect redirect with user ID and LiveSiteID to site | Page Loading - Redirect |
F5 Big IP | ||
43400 | Landed on F5BigIP page | Page Loading |
43401 | F5BigIP page exception error | Page Loading - Exception |
43410 | No user ID value in the post-auth cookie | Page Loading - Empty User |
43420 | Cannot redirect with user ID and cookie 'SAUTH' to empty target URL | Page Loading - Redirect failed |
43430 | Redirect with user ID and cookie 'SAUTH' to the URL | Page Loading - Redirect |
43440 | Cannot redirect with user ID and cookie 'SAUTH' to empty target URL | Page Loading - Redirect failed |
Encrypt User | ||
43500 | Landed on EncryptUser page | Page Loading |
43501 | EncryptUser page exception error | Page Loading - Exception |
43510 | No user ID value in the post-auth cookie | Page Loading - Empty User |
43520 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatching |
43530 | Redirect with user ID and cookie 'eu' to the URL | Page Loading - Redirect |
YubiKey Provisioning | ||
43600 | Landed on YubiKeyProvisioning page | Page Loading |
43601 | YubiKeyProvisioning page exception error | Page Loading - Exception |
43610 | No user ID value in the post-auth cookie | Page Loading - Empty User |
43620 | Login user is different from user from post-auth cookie | Page Loading - Username mismatch |
43640 | YubiKey saved successfully | Save - Success |
SM Login | ||
43700 | Landed on SMPostFromSM page | Page Loading |
OWA Post Auth | ||
43800 | Landed on OWAPostAuth page | Page Loading |
43810 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
Mobile Auth | ||
43900 | Landed on MobileAuth.aspx page | Page Loading |
43901 | No user ID value in the post-auth cookie | Page Loading - Empty User |
43910 | EncryptUser page exception error | Page Loading - Exception |
iOS Exchange | ||
44000 | Landed on iOSExchange page | Page Loading |
44001 | iOSExchange exception error | Page Loading - Exception |
44010 | No user ID value in the post-auth cookie | Page Loading - Empty User |
44020 | Login user is different from user id | Page Loading - Username mismatch |
44030 | Deliver iOS exchange provision template with upn and domain | Page Loading - End |
iOS Provision Email | ||
44100 | Landed on iOSProvisionEmail page | Page Loading |
44101 | iOSProvisionEmail exception error | Page Loading - Exception |
44110 | Failed to sync Google password, reset AD field to empty | Page Loading - Failure |
44120 | Synced Google password successfully | Page Loading - Success |
44130 | Deliver iOS activesync provision template with gmail address | Page Loading - Success |
44130 | Retrieved Encrtpyed Password. Username Encrypted Password | Page Loading - Success |
Forgot Username | ||
44560 | Display the username with the email address | Page Loading - Display Username |
45000 | Landed on ForgotUsername page | Page Loading - Begin |
45001 | FoundUsername page_load exception | Page Loading - Exception |
45001 | ForgotUsername SendEmail Exception | Send Email - Exception |
45010 | Email or Username missing from post-auth cookie | Page Loading - Empty email / Username |
45040 | Sent username to email | Page Loading - send email |
45050 | Failed to send username to email | Page Loading - send email failed |
45060 | Display the username with the email address | Page Loading - Display Username |
GUID Transfer | ||
45100 | Landed on GuidTransfer page | Page Loading |
45110 | No user ID value in the post-auth cookie | Page Loading - Empty User |
45120 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
45130 | Inserted user ID and GUID | Page Loading - Insert User ID and GUID |
45140 | Redirect user | Page Loading - Redirect |
Post Auth Basic Auth | ||
45500 | Landed on Post Authentication Basic Authentication page | Page Loading |
45501 | Post Auth Basic Authentication page exception error | Page Loading - Exception |
45510 | No user Id value in the post-auth cookie | Page Loading - Empty User |
45520 | Login user is different from user id from post-auth cookie | Page Loading - Username mismatch |
45530 | Login user is password requried from post-auth cookie | Page Loading - Empty password |
Submit Form Post | ||
46000 | Aborting POST. POST URL is not secure | Page Loading - Insecure URL |
46000 | Forwarding POST | Page Loading - Post |
46010 | Error | Page Loading - Exception |
Reporting | ||
49000 | Landed on Reporting page | Page Loading |
49010 | No user ID value in the post-auth cookie | Page Loading - Empty User |
49020 | Login user is different from user ID from post-auth cookie | Page Loading - Username mismatch |
49030 | Run the report with parameters:… | Search |
49031 | Running the report with parameters:… | Search - Exception |
Web Admin Charting | ||
49030 | Running charts with parameters | Search |
49031 | Running charts with parameters | Search - Exception |
5xxxx: User Membership and Profile Events
Event ID | Message | Definition |
|---|---|---|
51001 | GetUser: Exception | Exception when retrieving User |
51005 | CheckUAC: Exception | Exception when checking UAC |
51010 | Found the user with the name | Found the user in AD |
51020 | Cannot find the user with the name | Username not found in AD |
51080 | GetUser: return user membership data with the name: {userName} with the result code: {sResult} | User found |
51160 | Password cannot be validated | User password is incorrect |
51160 | Validation failed with name and password | User password is incorrect |
51170 | Password is validated | User password is correct |
52010 | Retrieved user profile data | Retrieved user profile from AD |
52060 | Set ‘[User profile attribute name]’ to ‘[AD attribute name]’ | Save data to AD with attribute name |
52070 | Updated user profile | Commit saving modified user profile data to AD |
SQL Membership Provider | ||
51411 | SqlMembershipProvider.GetUser: User Found, DataStoreResponseTime='{responseTime}' | Stored procedure successfully found a user. |
51420 | SqlMembershipProvider.GetUserNameByEmail: User Found, DataStoreResponseTime='{responseTime}' | Stored procedure successfully found a user via the email field. |
51421 | SqlMembershipProvider.GetPasswordWithFormat result: {result}, DataStoreResponseTime='{responseTime}' | Gets the password of the user for validation and returns a status of true if the password is not null, or false if the password is null. |
51431 | SqlMembershipProvider.ChangePassword success: {isValid}, DataStoreResponseTime='{responseTime}' | Changes the password for the given username and returns a status of true or false. (Validates the current password prior to validation.) |
51442 | SqlMembershipProvider.UpdatePassword success: {retVal}, DataStoreResponseTime='{responseTime}' | Updates the password for the given username and returns a status of true or false without prior validation. |
51450 | SqlMembershipProvider.EnableUser success: {result}, DataStoreResponseTime='{responseTime}' | Enables an end user account and returns a status of true or false. |
51455 | SqlMembershipProvider.DisableUser success: {result}, DataStoreResponseTime='{responseTime}' | Disables an end user account and returns a status of true or false. |
51460 | SqlMembershipProvider.CreateUser statusCode: {iStatus}, DataStoreResponseTime='{responseTime}' | Creates an end user account. |
51470 | SqlMembershipProvider.UnlockUser result: {result}, DataStoreResponseTime='{responseTime}' | Unlocks an end user account and returns a status of true or false. |
51475 | SqlMembershipProvider.LockUser result: {result}, DataStoreResponseTime='{responseTime}' | Locks an end user account and returns a status of true or false. |
51480 | SqlMembershipProvider.AddUserToGroup: for user: {userName}, Exception: {ex.Message} | Error occurred while adding the username to a group in the SQL database. |
51481 | SqlMembershipProvider.AddUserToGroup result: {retVal}, DataStoreResponseTime='{responseTime}' | Adds the username to a group in the SQL database and returns a value of true or false. |
SQL Profile Provider | ||
52405 | SqlProfileProvider.SetPropertyValues: set '{svcKey}' to '{cmdParamKey}' | Occurs each time a user logs in and specifies the property value (e.g., email1, phone1, etc.) that will be set in the database. |
52410 | SqlProfileProvider.GetPropertyValuesBase: User Properties Found, DataStoreResponseTime='{responseTime}' | The profile was successfully found. |
52412 | SqlProfileProvider.GetPropertyValues: getting 'kba' for user: {userName}, Exception: {ex.Message} | Error occurred while parsing the KBA property. |
52413 | SqlProfileProvider.GetPropertyValues: getting 'kba/kbq' for user: {userName}, Exception: {ex.Message} | Error occurred while parsing the KBQ property. |
52414 | SqlProfileProvider.GetPropertyValues: for user: {userName}, Exception: {ex.Message} | Error occurred while parsing the property values. This error can occur for any property other than KBA and KBQ. |
52420 | SqlProfileProvider.SetPropertyValuesBase DeriveParameters, DataStoreResponseTime='{responseTime}' | Derives the parameters of the set profile stored procedure. |
52423 | Set property 'KBA/KBQ' value with encoding | Can occur in the audit log if using the Base 64 format. Mutually exclusive to the next two messages. |
52423 | Set property 'KBQ' value with encryption | Can occur in the audit log if using the encryption format. Mutually exclusive to the previous and next messages. |
52423 | Clear property 'KBQ' value with encryption | Can occur in the audit log if no value is being saved. Mutually exclusive to the previous two messages. |
52423 | SqlProfileProvider.SetPropertyValues: setting 'kba/kbq' with kbversion '{_kbVersion}' for user: {userName}, Exception: {ex.Message} | Error occurred while setting KBA or KBQ. |
52423 | SqlProfileProvider.SetPropertyValues: for user: {userName}, Exception: {ex.Message} | Error occurred while setting property values for the specified username. |
52424 | Set property 'KBA' value with encryption | Can occur in the audit log if using the encryption format. Mutually exclusive to the next message. |
52424 | Clear property 'KBA' value with encryption | Can occur in the audit log if no value is being saved. Mutually exclusive to the previous message. |
52425 | SqlProfileProvider.SetPropertyValuesBase: ExecuteNonQuery success: {rets > 0}, DataStoreResponseTime='{responseTime}' | Sets the changed property values and returns a value to validate if the values were set. |
SQL Membership Provider and SQL Profile Provider Events | ||
52013 | for user: {userName}, Exception: {exMessage} | This message indicates that an exception occurred while retrieving property values for the user {userName} during the execution of the GetPropertyValuesBase method. Additional details about the error are provided in {exMessage} |
52014 | For user: {userName}, The attribute 'GetUserProfileSP' of SQL profile provider is empty. | This message indicates that the SQL profile provider failed to retrieve property values for the user {userName} because the GetUserProfileSP attribute is empty. |
52400 | connect to data source '{dataSource}' with account '{userID}' | This message indicates that the initialization of the SQL Profile Provider has been successfully completed, and a connection to the database has been established using the specified data source and user account. |
52401 | exception: {exMessage} | This message indicates that an exception has occurred during the initialization of the SQL Profile Provider, and provides additional details about the error in {exMessage}. Error code 52401 is used to log this exception. |
52402 | SetObject Exception | This log indicates an exception that occurred while setting the object value in the user profile. It logs the specific exception message along with the method name (SetObject) and the severity level (LOGERROR). Additionally, it includes the logging category (int)Logging.LogEnum.ProfileProvider + 402. This log helps in identifying and troubleshooting issues related to setting object values in the user profile. |
52403 | GetPropertyValues | This log message indicates that property values are being retrieved from the database for a specific user ({userName}). It logs the key ({svcKey}) and the corresponding property value as text. Additionally, it includes the method name (GetPropertyValues), the severity level (LOGDEBUG), and the error number (int)Logging.LogEnum.ProfileProvider + 403. This log helps in tracking the retrieval and decryption of property values from the database. |
52404, 52405 | SetPropertyValues | This log message indicates that a property value ({svcKey}) is being set to a command parameter ({cmdParamKey}) for a specific user ({userName}). It includes the value being set and the method name (SetPropertyValues). The severity level is LOGDEBUG, and the error number is (int)Logging.LogEnum.ProfileProvider + 404. Additionally, an extended log message (int)Logging.LogEnum.ProfileProvider + 405 is logged, indicating the property is being set. This log assists in tracking the process of setting property values to command parameters during user profile updates. |
52411 | User Properties Found, DataStoreResponseTime='{responseTime}' | This message indicates that user properties have been successfully found during the execution of the GetPropertyValuesBase method. The DataStoreResponseTime parameter provides the response time in milliseconds. |
52412 | Response time is above threshold. DataStoreResponseTime='{responseTime}' | This message indicates that the response time for retrieving user properties during the execution of the GetPropertyValuesBase method has exceeded the specified threshold. The DataStoreResponseTime parameter provides the response time in milliseconds. |
52420 | DataStoreResponseTime='{responseTime}' | This message indicates that parameters have been derived for updating the user profile and displays the response time in milliseconds. |
52421 | Response time is above threshold. DataStoreResponseTime='{responseTime}' | This message warns that the response time for deriving parameters during the user profile update has exceeded the specified threshold. |
52422 | for user: {userName}, KBVersion: {_kbVersion} | This message indicates that the user profile property values are being set, along with the KB version used. |
52423 | set 'KBA/KBQ' for user: {userName} with encoding | Indicates that the user's security questions and answers have been set with encoding. |
52424 | set 'KBA' for user: {userName} with encryption | Indicates that the user's security answers have been set with encryption. |
52425 | success: {rets > 0}, DataStoreResponseTime='{responseTime}' | This message confirms that the execution of the query is successful and displays the response time in milliseconds. |
52426 | Response time is above threshold. DataStoreResponseTime='{responseTime}' | Warns that the response time for executing the query during the user profile update has exceeded the specified threshold. |
53xxx: OTP Provider Events
Event ID | Message | Definition |
|---|---|---|
Help Desk Email Provider | ||
53000 | Before sending OTP with | Send - Begin |
53001 | Sending OTP with {0}, Exception | Send - Exception |
53010 | After sending OTP with | Send - End |
53020 | Response time of sending OTP with | Send - End |
HTML Email Provider | ||
53100 | Before sending OTP with | Send - Begin |
53101 | Sending OTP with {0}, Exception | Send - Exception |
53110 | After sending OTP with | Send - End |
53120 | Response time of sending OTP with | Send - End |
Text Email Provider | ||
53200 | Before sending OTP with email | Send OTP |
53200 | Before sending OTP | Send OTP |
53201 | Sending OTP, Exception | Send OTP - Exception |
53210 | After sending OTP | Send OTP - End |
53220 | Response time of sending OTP | Send OTP - Response time |
SMS 3 Provider | ||
53300 | Before sending {mechanismStr} in domestic call/WSE | Send - Begin |
53301 | Sending OTP/LTA, Exception | Send - Exception |
53310 | Response time of sending in domestic call/WSE | Send - Success |
53320 | Before sending {mechanismStr} in international call/WSE | Send - Begin |
53330 | Response time of sending in international call/WSE with | Send - Success |
53340 | Before sending {mechanismStr} in domestic call with | Send - Begin |
53350 | Response time of sending in domestic call | Send - Success |
53360 | Before sending {mechanismStr} in international call with | Send - Begin |
53370 | Response time of sending {0} in international call with | Send - Success |
Telephone Provider | ||
53400 | Before sending OTP | Send - Begin |
53401 | Sending OTP with {0}, Exception | Send - Exception |
53410 | Response time of sending OTP with | Send - Success |
Telephony 3 Provider | ||
53402 | Sending OTP with {0}, Exception | Send - Exception |
53420 | Before sending OTP in domestic call/WSE with | Send - Begin |
53430 | Response time of sending OTP in domestic call/WSE with | Send - Success |
53440 | Before sending OTP in international call/WSE | Send - Begin |
53450 | Response time of sending OTP in international call/WSE with | Send - Success |
53460 | Before sending OTP in domestic call with | Send - Begin |
53470 | Response time of sending OTP in domestic call with | Send - Success |
53480 | Before sending OTP in international call with | Send - Begin |
53490 | Response time of sending OTP in international call with | Send - Success |
Titan Telephony Provider | ||
53402 | Sending OTP with {0}, Exception | Send - Exception |
53450 | Before sending OTP in Phone call | Send - Begin |
53600 | send failure | Send - Failure |
Titan SMS Provider | ||
53460 | Before sending OTP in SMS with | Send - Begin |
53600 | send failure | Send - Failure |
Number Profile Provider Base | ||
53500 | Status | GetNumberProfileModel - Status |
53501 | number profile is null | GetNumberProfileModel - number profile is null |
53502 | not configured for blocking | GetNumberProfileModel - not configured for blocking |
53510 | properties: | Update Number Profile |
53520 | properties: | Remove Number Profile |
Mobile Services Push Provider | ||
53501 | Send push2accept, Exception | Send - Exception |
54xxx: Certificate Request and Response Events
Event ID | Message | Definition |
|---|---|---|
54000 | Before sending CSR in WSE call | Certificate Request WSE |
54001 | Sending CSR in KEYGEN, Exception | Certificate Request - Exception |
54002 | Sending CSR in KEYGEN, Exception | Certificate Request - Exception |
54003 | Revokes the certificate with Exception | Revoke Certificate - Exception |
54004 | Check CA status, Exception | CA status check - Exception |
54020 | Before sending CSR | Certificate Request |
54040 | Before sending CSR in KEYGEN/WSE call | Certificate Request |
54060 | Before sending CSR in KEYGEN | Certificate Request |
54080 | Revoke cert in WSE call | Revoke Certificate WSE |
54090 | Revoke cert | Revoke Certificate not WSE |
54100 | Check CA status in WSE call | CA status check WSE |
54200 | Before sending CSR in SCEP call | Certificate Request SCEP -Begin |
54201 | Sending CSR in SCEP call, Exception | Certificate Request SCEP - Exception |
54210 | Received response, response time of CSR in SCEP call | Certificate Request SCEP - Success |
55xxx: Link-to-Accept (LTA) Provider Events
Event ID | Message | Definition |
|---|---|---|
55200 | Before sending LTA | Send LTA - Begin (AuditExtendedOTPLog) |
55200 | Before sending LTA | Send LTA - Begin |
55201 | Sending LTA Exception | Send LTA - Exception |
55210 | Response time of sending LTA | Send LTA - Response Time |
55220 | After sending LTA | Send LTA - End |
55300 | Requesting one-time link from SA Cloud | SA Cloud Login Request info |
55300 | Requesting one-time link from Titan | Titan Login Request info |
55310 | One-time link status returned from SA Cloud | SA Cloud Link Request Status |
55320 | Received response | Titan Link Request Status |
55320 | Polling expired | Titan Link Request Timeout |
Event ID | Message | Definition |
|---|---|---|
API Events | ||
60000 | HMAC authentication validation failed log | Filter action |
60101 | User controller entry point log of request to retrieve Multi-Factor collection for user | Controller action |
60102 | User controller exit point log of response to retrieve Multi-Factor collection for user | Controller action |
60103 | User controller entry point log of request to retrieve profile for user | Controller action |
60104 | User controller exit point log of response to retrieve profile for user | Controller action |
60105 | User controller entry point log of request to update user profile | Controller action |
60106 | User controller exit point log of response to update user profile | Controller action |
60107 | User controller entry point log of request to associate a single user with a single group | Controller action |
60108 | User controller exit point log of response to associate a single user with a single group | Controller action |
60109 | User controller entry point log of request to associate multiple users with a single group | Controller action |
60110 | User controller exit point log of response to associate multiple users with a single group | Controller action |
60111 | User controller entry point log of request to associate multiple groups with a single user | Controller action |
60112 | User controller exit point log of response to associate multiple groups with a single user | Controller action |
60113 | User controller entry point log of request to create new user | Controller action |
60114 | User controller exit point log of response to create new user | Controller action |
60115 | User controller entry point log of request to reset password | Controller action |
60116 | User controller exit point log of response to reset password | Controller action |
60117 | User controller entry point log of request to change password | Controller action |
60118 | User controller exit point log of response to change password | Controller action |
60121 | Attempt to add groups to user | AddGroupsToUser - Begin |
60122 | Response | AddGroupsToUser - Response |
60123 | Attempt to retrieve multi-factor throttle count | GetThrottle- Begin |
60124 | Response | GetThrottle- Response |
60125 | Attempt to modify multi-factor throttle count | UpdateThrottle - Begin |
60126 | Response | UpdateThrottle - Response |
60127 | Attempt to retrieve OTP validate throttle count | GetOtpValidateThrottle - Begin |
60128 | Response | GetOtpValidateThrottle - Response |
60129 | Attempt to modify OTP validate throttle count | UpdateOtpValidateThrottle - Begin |
60130 | Response | UpdateOtpValidateThrottle - Response |
60131 | Attempt to retrieve user status | GetUserStatus - Begin |
60132 | Response | GetUserStatus - Response |
60133 | Attempt to post user status | PostUserStatus - Begin |
60134 | Response | PostUserStatus - Response |
60201 | Authentication controller entry point log of request to perform some type of authentication | Controller action |
60202 | Authentication controller exit point log of response of an invalid user ID | Controller action |
60203 | Authentication controller exit point log of response to perform some type of authentication | Controller action |
60204 | Authentication controller entry point log of request to get Push-to-Accept status | Controller action |
60206 | Authentication controller entry point log of request to create Access History record | Controller action |
60207 | Authentication controller exit point log of response of an invalid user ID | Controller action |
60208 | Authentication controller exit point log of response to create Access History record | Controller action |
60221 | Auth controller invoked | PostOathSettingsRequest - Begin |
60222 | Response | PostOathSettingsRequest - Response |
60223 | Response | PostOathSettingsRequest - Response |
60224 | Response | PostOathSettingsRequest - Response |
60225 | Response | PostOathSettingsRequest - Response |
60251 | msgValidateUserSuccess config | ValidateUserIdAndPassword - Success |
msgOTPFailed config | ValidateOTP - Failure | |
60252 | msgValidateUserFailed config | ValidateUserIdAndPassword -Failure |
60301 | IP evaluation controller entry point log of request to evaluate IP threat level | Controller action |
60302 | IP evaluation controller exit point log of response to evaluate IP threat level | Controller action |
60401 | Mobile DFP controller entry point log of request to validate mobile DFP | Controller action |
60402 | Mobile DFP controller exit point log of response to validate mobile DFP | Controller action |
60501 | Adaptive Auth controller entry point log of request to invoke analyze engine | Controller action |
60502 | Adaptive Auth controller exit point log of response of an invalid user ID | Controller action |
60503 | Adaptive Auth controller exit point log of response of analyze engine results | Controller action |
60701 | SecureAuth controller entry point of request to check Push-to-Accept status. USED INTERNALLY BY IdP | Controller action |
Device Recognition Events | ||
60601 | DFP controller entry point log of request to validate / score a device fingerprint | After a DFP request is made |
60602 | DFP controller exit point log of response of an invalid user ID | Validation after a bad user DFP response |
60603 | DFP controller exit point log of response to validate / score a device fingerprint | Validation after a DFP request is made |
60604 | DFP controller entry point log of request to confirm a previously scored device fingerprint | Confirmation after a DFP request is made |
60605 | DFP controller exit point log of response of an invalid user ID | Confirmation after a bad user DFP response |
60606 | DFP controller exit point log of response to confirm a previously scored device fingerprint | Response after a DFP request is made |
60607 | DFP controller invoked | PostScoreDfp - Begin |
60608 | Returning response | PostScoreDfp - Response |
60609 | Returning response | PostScoreDfp - Response |
60610 | DFP controller invoked | PostSaveDfp - Begin |
60611 | Returning response | PostSaveDfp - Response |
60612 | Returning response | PostSaveDfp - Response |
Event ID | Message | Definition |
|---|---|---|
70010 | FIDO Service BeginEnroll | Enrollment Begin - Begin |
Timeout reached | Enrollment Begin - Timeout | |
70020 | EnrollmentComplete | Enrollment Complete - Result |
Timeout reached | Enrollment Complete - Timeout | |
70030 | FIDO Service BeginLogin | Login - Result |
Timeout reached | Login - Timeout | |
70040 | FIDO Service LoginComplete | Login Complete - Result |
Timeout reached | Login Complete - Timeout | |
70050 | FIDO Service GetTokens | GetTokens - Result |
Timeout reached | GetTokens - Timeout | |
70060 | FIDO Service DeleteToken | Delete Token - Result |
Timeout Reached | Delete Token - Timeout | |
70070 | FIDO Service UpdateToken | Update Token - Result |
Timeout Reached | Update Token - Timeout |
Event ID | Message | Definition |
|---|---|---|
System | ||
90000 | Application - Start | Web page starts |
90010 | Session - Start | New session starts |
90020 | Application - Begin request | Appears for each web request |
90030 | Application - End request | Appears for each web request |
90040 | (value in milliseconds for response time of each web page request) | Response time when user browses a web page |
90050 | Session - End | Session ends |
90060 | Application - End | Web page ends |
Analyze Engine | ||
92010 | Failed to initialize analyze engine | Initialization failed |
92020 | Final state | Final state reached |
92030 | Temporary state | Temporary state reached |
92100 | Check IP Risk action | IP Risk action check - Start |
92101 | Check IP Risk failed | IP Risk action check - Failed |
92110 | Check if IP is in the IP list | Check IP on "in" action list |
92120 | Check if IP is not in the IP list | Check IP on "not in" action list |
92130 | Failed to get IP geo-location | Get IP geo-location failure |
92140 | IPV6 cannot be evaluated | IPV6 evaluation failure |
92150 | IP is whitelisted | Whitelisted IP success |
92160 | Failure Checking Block IP to Dynamic IP Blocking Service | Check IP Block failure |
92170 | Reported IP from Dynamic IP Blocking Service | Check IP Block result |
92200 | Check if the user is in allowed group | Check allowed check |
92210 | Check if the user is in denied group | Denied user check |
92220 | Check if username is in the specified list | User "in" list check |
92230 | Check if username is not in the specified list | User "not in" list check |
92240 | Check if username matches regex | User "match" list check |
92250 | Check if username does not match regex | User "not match" list check |
92260 | Messages from AnalyzeApi | Get user risk |
92261 | Threat Level | User risk result |
92262 | SecureAuth LOA and Confidence Level | LOA score and Confidence level results |
92300 | Checking GeoVelocity | GeoVelocity check - Start |
92301 | Getting current access history | Check GeoFencing / GeoVelocity |
92302 | Checking if IP is private | Check GeoFencing / GeoVelocity |
92303 | IP is private, result | Check GeoFencing / GeoVelocity |
92304 | Getting previous access history | Getting previous access history |
92305 | GetPreviousAccessHistory Exception | GetPreviousAccessHistory Exception |
92306 | Current IP is same as the previous IP | IP check |
92307 | Check GeoVelocity | |
92308 | Geo-Location service failed to retrieve data on one of the IPs | Check GeoVelocity - failure |
Behavorial Biometrics | ||
93010 | BehaveBiometrics Score and Confidence | Get Scores - Result |
93020 | BehaveBiometrics Total Score and Total Confidence | Get Scores - Result |
93030 | TrainProfile - Request sent to data store | Get Behavior Profile |
Mobile Devices | ||
94010 | status and response time | GetDevices status and response time |
94020 | status and response time | DeleteDevice status and response time |
94030 | status and response time | AddDevice status and response time |
94040 | status and response time | ValidateTOTP status and response time |
94060 | status and response time | NewEnrollment status code and response time |
94070 | status and response time | CompleteEnrollment status and response time |
94080 | status and response time | ValidateEnrollment status and response time |
94090 | status and response time | SendPushNotification status and response time |
94095 | status and response time | GetPushStatus status and response time |
Broker Services | ||
96010 | DataStore ID has credentials but they are not supported | Get datastore - failure |
The credentials in securestorage were not deleted | Delete datastore - failure | |
StatusCode | Get datastores - result | |
Timeout reached | Get datastores - timeout | |
96030 | Broker CreateDataStore | Datastore creation |
Timeout reached | Datastore creation - timeout | |
Broker DeleteDataStore | Datastore deletion | |
Broker UpdateDataStore | Datastore update | |
Secure Storage | ||
97010 | SecureStorage GetCredentials | GetCredentials result |
Timeout reached | GetCredentials timeout | |
SecureStorage DeleteCredentials | Credentials deletion | |
SecureStorage StoreCredentials | StoreCredentials result | |
Timeout reached | StoreCredentials timeout | |
Configuration Services | ||
98010 | Twilight GetApplicationById | GetApplicationById result |
Timeout reached | GetApplicationById timeout | |
Twilight GetApplicationsByDataStoreId | GetApplicationsByDataStoreId result | |
Timeout reached | GetApplicationsByDataStoreId timeout | |
StatusCode | ConfigServices result | |
Timeout reached | ConfigServices timeout | |