SOC/6/SOCDEFEND: SOC (Security Operation Center) attack defend occur. (Slot=[Slot],Interface=[Interface],Location=[Location],PeVlan=[PeVlan],CeVlan=[CeVlan],Source MAC=[Source_MAC],Destination MAC=[Destination_MAC],Source IP=[Source_IP],Destination IP=[Destination_IP],Source Port=[Source_Port],Destination Port=[Destination_Port],Protocol=[Protocol])
In VS mode, this log is supported only by the admin VS.
| Parameter Name | Parameter Meaning |
|---|---|
|
Slot |
Slot ID |
|
Interface |
Interface name |
|
Location |
Physical interface |
|
PeVlan |
Outer VLAN ID (the value - indicates that this parameter is not applicable) |
|
CeVlan |
Inner VLAN ID (the value - indicates that this parameter is not applicable) |
|
Source_MAC |
Source MAC address (the value - indicates that this parameter is not applicable) |
|
Destination_MAC |
Destination MAC address (the value - indicates that this parameter is not applicable) |
|
Source_IP |
Source IP address (the value - indicates that this parameter is not applicable) |
|
Destination_IP |
Destination IP address (the value - indicates that this parameter is not applicable) |
|
Source_Port |
Source port number (the value - indicates that this parameter is not applicable) |
|
Destination_Port |
Destination port number (the value - indicates that this parameter is not applicable) |
|
Protocol |
Protocol number (the value - indicates that this parameter is not applicable) |
When an attack-defense-capable device was attacked and its CPU usage remained high for a period, the device delivered interface-based ACLs based on the attack packet characteristics to restrict the rate at which the attack packets were sent to the CPU.
In this case, this log was generated.
Collect alarm information, log information and configuration information, and then contact technical support personnel.