Devices with failed logins (UNIX)

Module: Login Parameters

This check reports devices with failed logins and provides information about the failed logins if possible.

The following table lists the error messages for the check.

Table: Error messages for Devices with failed logins

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: STKU_FAILDEVICE Category: Policy Compliance	UNIX (5244)	Title: Devices with failed logins Description:The administrator can set different policies for logins at different terminals, depending on the site's physical and administrative needs. This check detects failed login attempts on devices. You should investigate all failed logins, especially any attempts on /dev/console or on a modem device.	Severity: yellow-1 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]
String ID: STKU_AIXPORTERROR Category: Policy Compliance	UNIX (5248)	Title: AIX /etc/security/portlog Description:This AIX system does not have an /etc/security/portlog file, or ESM cannot open or read the file.	Severity: green-0 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]
String ID: STKU_AIXPORT Category: Policy Compliance	UNIX (5249)	Title: Devices with failed logins Description:The listed ports have failed logins on them. This information is obtained from reading the /etc/security/portlog file.	Severity: yellow-1 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_FAILDEVICE

Category: Policy Compliance

UNIX (5244)

Title: Devices with failed logins

Description:The administrator can set different policies for logins at different terminals, depending on the site's physical and administrative needs. This check detects failed login attempts on devices. You should investigate all failed logins, especially any attempts on /dev/console or on a modem device.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIXPORTERROR

Category: Policy Compliance

UNIX (5248)

Title: AIX /etc/security/portlog

Description:This AIX system does not have an /etc/security/portlog file, or ESM cannot open or read the file.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_AIXPORT

Category: Policy Compliance

UNIX (5249)

Title: Devices with failed logins

Description:The listed ports have failed logins on them. This information is obtained from reading the /etc/security/portlog file.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]