Using the Event Log to find intrusion alerts (CLI)

The Event Log lists port security intrusions as:

W MM/DD/YY HH:MM:SS FFI: port A3 — Security Violation

where "W" is the severity level of the log entry and FFI is the system module that generated the entry. For further information, display the Intrusion Log, as shown below.

From the manager or Configuration level:


log <search-text>

For <search-text> , use ffi, security, or violation.

Log listing with and without detected security violations

For more Event Log information, see "Using the Event Log to identify problem sources" in the management and configuration guide for your switch.