SOC/4/hwBaseSocAttackTrap_active: Security Operation Center detected one attack. (EventNo=[hwSocAttackSeqNo],Probability=[hwSocAttackPossib],Reason=[hwSocAttackReason],Location=[hwSocAttackIfName],Interface= [hwSocAttackSubIfName],Vlan=[hwSocAttackVlanIndex],QinQ=[hwSocAttackUserQinQIndex],MAC=[hwSocAttackMacAddr],IP=[hwSocAttackIPAddr],IPv6=[hwSocAttackIPAddrV6],Vni=[hwSocAttackVniIndex]).
In VS mode, this log is supported only by the admin VS.
The CPU usage of the device and packet delivery process was high, and a large number of packets monitored by the Security Management Center were discarded.
| Parameter Name | Parameter Meaning |
|---|---|
|
hwSocAttackSeqNo |
Sequence number. |
|
hwSocAttackPossib |
Possibility of being attacked. |
|
hwSocAttackReason |
Reason for an attack. |
|
hwSocAttackIfName |
Name of a main interface that is being attacked. |
|
hwSocAttackSubIfName |
Name of a logic interface that is being attacked. |
|
hwSocAttackVlanIndex |
Name of a VLAN that is being attacked. |
|
hwSocAttackUserQinQIndex |
Name of a VLAN that is being attacked. |
|
hwSocAttackMacAddr |
MAC address of an attack source. |
|
hwSocAttackIPAddr |
IP address of an attack source. |
|
hwSocAttackIPAddrV6 |
IPv6 address of an attack source. |
|
hwSocAttackVniIndex |
Index of a VNI that is being attacked. |
1. Run the display attack-source-trace slot slot-id original-information command to check the Attack Source Data field. The packet header information cached by the attack source tracing module is displayed.
2. Collect alarm, log, and configuration information, and contact technical support engineers.
3. End