The table explains system event messages for security of major, critical, or high severity.

Event Code

Event Severity

Alarm Triggered

Event Message

Description

11002

Critical

No

Unable to connect to vCenter Server Bad username/password.

vCenter Server configuration failed.

Action: Verify that the vCenter Server configuration is correct and the correct credentials are provided. See "Register vCenter Server with NSX Manager" in the NSX Administration Guide and "Connecting NSX Manager to vCenter Server" in the NSX Troubleshooting Guide.

11006

Critical

No

Lost vCenter Server connectivity.

Connection to vCenter Server was lost.

Action: Investigate any connectivity problem with vCenter Server. See "Connecting NSX Manager to vCenter Server" and "Troubleshooting NSX Manager Issues" in the NSX Troubleshooting Guide.

230000

Critical

No

SSO Configuration Task on NSX Manager failed.

Configuration of Single Sign On (SSO) failed. Reasons include invalid credentials, invalid configuration, or time out of sync.

Action: Review the error message and configure SSO again. See "Configure Single Sign On" in the NSX Administration Guide. Also, see "Configuring the NSX SSO Lookup Service fails" in the NSX Troubleshooting Guide.

230002

Critical

No

SSO STS Client disconnected.

Registering NSX Manager to the SSO service failed or connectivity to the SSO service was lost.

Action: Check for configuration issues, such as invalid credentials, out of sync issues, and network connectivity issues. This event might also occur due to specific VMware technical issues. See KB articles "SSL certificate of the STS service cannot be verified" (http://kb.vmware.com/kb/2121696) and "Registering NSX Manager to Lookup Service with External Platform Service Controller (PSC) fails with the error: server certificate chain not verified" (http://kb.vmware.com/kb/2132645).

240000

Critical

No

Added an entry {0} to authentication black list.

A user with a specific IP address failed to log in for 10 consecutive times and is locked out for 30 minutes.

Action: Investigate a potential security issue.