This table lists the Database Firewall messages. These messages are captured in the /var/log/messages file.
| Code ODF | Cause | Action |
|---|---|---|
|
10001 |
Internal error |
Contact Oracle Support. |
|
10100 |
The operation has completed successfully |
No action required. |
|
10101 |
Configuration change |
A configuration change is being applied. No action required. |
|
10102 |
Startup complete |
The process has completed its initialization and is ready to perform work. No action required. |
|
10103 |
Engine informational |
Informational message only. No action required. |
|
10104 |
ACE informational |
Informational message only. No action required. |
|
10105 |
Decoder informational |
Informational message only. No action required. |
|
10106 |
Connected to Audit Vault Server |
A connection has been successfully established to the Audit Vault Server. No action is required. |
|
10107 |
TrafficTrace starting |
The TrafficTrace logging system has started. No action is required. |
|
10108 |
TrafficTrace data |
The TrafficTrace logging system is logging data. No action is required. |
|
10109 |
TrafficTrace stopping |
The TrafficTrace logging system has stopped. No action is required. |
|
10110 |
Process Metrics |
Information about the performance of the process. No action is required. |
|
10111 |
Traffic capture is enabled |
Network traffic is being captured for diagnostic purposes. You should only see this message under the direction of Oracle Support. |
|
10112 |
Buffered Traffic written successfully |
Buffered network traffic has been written to file for diagnostic purposes. No action is required. |
|
10113 |
TCP connection successfully disrupted |
A client TCP connection to the database has been successfully disrupted. This action was taken as the Enforcement Point is in DPE mode, and the option to Maintain Existing Connections was not selected. No action is required. |
|
10114 |
Stopped receiving heartbeat data |
Information about the Enforcement Point. No action is required. |
|
10200 |
Failed parsing Exclude Addresses |
Check the configuration of the WAF Exclude Addresses. |
|
10201 |
Failed parsing alert forwarding address |
Check the configuration of the WAF Destination Host and Port for alert forwarding. |
|
10202 |
Failed parsing Cookie Prefixes |
Check the configuration of the WAF Cookie Prefixes. |
|
10203 |
Failed parsing F5 message |
Check that the F5 machine is configured as per the instructions in the Oracle Audit Vault and Database Firewall Administrator's Guide. |
|
10204 |
Failed parsing F5 HTTP headers |
Check that the F5 machine is configured as per the instructions in the Oracle Audit Vault and Database Firewall Administrator's Guide. |
|
10205 |
F5 device connected |
An F5 appliance has established a connection to the Database Firewall. No action required. |
|
10206 |
F5 device disconnected |
An F5 appliance has disconnected from the Database Firewall. Ensure that the F5 device is functioning correctly. |
|
10207 |
WAF messages dropped |
Messages from the WAF appliance have been dropped as the queue was full. Check the settings on your WAF appliance to ensure that the threshold for sending alerts is correct. |
|
10208 |
The HTTP Content-Type value is unsupported |
The Content-Type value found in the HTTP header is unsupported. Contact Oracle Support. |
|
10209 |
F5 message size too large |
The message from the F5 appliance is too large for the Database Firewall to process. Check that the F5 appliance is configured as per the instructions in the Oracle Audit Vault and Database Firewall Administrator's Guide. |
|
10210 |
F5 feed not established |
No F5 |
|
10211 |
Failed connecting to F5 |
Check the configuration for WAF Alert Forwarding. Check that the specified host is running and prepared to accept connections. |
|
10300 |
Host Monitor connected |
A remote Host Monitor process has established a connection to the Database Firewall. No action required. |
|
10301 |
Host Monitor disconnected |
A remote Host Monitor process has disconnected from the Database Firewall. This is normal behavior if the Host Monitor has been stopped. |
|
10302 |
Host Monitor not authorized |
A Host Monitor has attempted to connect to the Database Firewall from an unauthorized source. Investigate the source of this unexpected connection attempt. |
|
10400 |
No ASO records found |
Check that database has been configured for ASO as per the instructions in the Oracle Audit Vault and Database Firewall Administrator's Guide. |
|
10401 |
ASO traffic will not be decrypted |
ASO (encrypted) traffic to the database will not be decrypted. If you wish this traffic to be decrypted, follow the instructions in the Administrator's Guide. |
|
10402 |
Delayed response to ASO request |
The response to the ASO request was delayed that the request was purged from the queue before the response was received. Verify that the secured target is configured for ASO and is functioning correctly. |
|
10403 |
ASO is using unsupported encryption algorithm |
ASO processing found the session is using unsupported encryption algorithm. If the enforcement point is configured with DPE mode, the session will be terminated. In DAM mode the message is decoded and SQL statements extracted if there are any. |
|
10500 |
Unable to connect to Audit Vault Server |
A connection could not be established to the Audit Vault Server. This message is seen in normal operation when the Database Firewall is first associated with the Audit Vault Server. If the message persists, or is seen under different circumstances then check the settings of the Database Firewall and the Audit Vault Server in the GUI. |
|
10501 |
Failed connecting to Secured Target |
Check the secured target configuration. Check the secured target host is running and prepared to accept connections. |
|
10502 |
Failed connecting to remote database |
Check the configuration for the remote database in question, and that it is running and prepared to accept connections. |
|
10503 |
No connection to remote database |
Check the connection configuration, and that the remote database is running and prepared to accept connections. Note that this may be due to temporary unavailability of the remote database. |
|
10504 |
Network device error |
Check the configuration of the network devices on the Database Firewall. |
|
10505 |
Failed to resolve host name |
Check the DNS settings on your appliance, and that the host name is specified correctly. |
|
10506 |
IP packet fragmented |
An IP packet intercepted in DAM mode was marked as fragmented. Check your network infrastructure to determine the cause of the fragmentation. |
|
10507 |
TCP session re-use |
A closed TCP session to the database has been re-opened. This could lead to state from the previous session being applied to the new session. No action required. |
|
10508 |
Detected connection failure to Audit Vault Server |
A notification of message delivery has not been received for certain period of time. If the message persists then check the network connection between the Audit Vault Server and the Database Firewall, including the router or Firewall settings. |
|
10509 |
Failed to find MAC address |
Failed to find database MAC address. MAC address substitution will not work. The possible causes are:
Connect the Database and Firewall properly, and then reboot the Firewall. |
|
10510 |
The TCP connection to the Audit Vault Server has been lost |
Check the network path between the Database Firewall and the Audit Vault Server. Note: This problem may be seen when the Audit Vault Server is restarted. |
|
10511 |
IPC communication disrupted |
See other messages in log file for more information. |
|
10512 |
A badly formed TCP URG packet was received |
This problem has been seen in |
|
10513 |
SSL handshake failed |
An SSL client has failed to connect to the Database Firewall due a failure in the initial handshake. Examine the additional information in this message, and confirm that the client is correctly configured. |
|
10514 |
Peer has reset the connection |
The remote peer of this TCP session has reset the connection. Ensure that the remote peer is behaving correctly. Note: Although resetting a TCP connection is a hard close of the TCP session, it does not necessarily indicate that there is an error in the peer. |
|
10515 |
TCP connection attempt has failed |
An attempt to establish a TCP connection has failed. Examine other related error messages to determine the context of this failure. |
|
10516 |
Failed opening socket |
An attempt to open a socket has failed. Examine other related error messages to determine the context of this failure. |
|
10600 |
Invalid Secured Target IP address |
Ensure the secured target IP address has been correctly specified in the GUI. |
|
10601 |
Secured target clash |
Two secured targets with the same connection information ( |
|
10602 |
No |
The name of the |
|
10603 |
Reboot now to apply the new configuration as it cannot be applied to the system that is running |
The system management software failed to apply configuration to the running system. A reboot should apply the new settings. More information may be available in the debug log. |
|
10604 |
Cannot generate new configuration file. |
The system management software failed to generate the new configuration. Contact Oracle Support. |
|
10605 |
Cannot generate new configuration, retry the operation |
The system management software failed to generate the new configuration. Workaround is provided. |
|
10606 |
Internal error, invalid configuration |
Contact Oracle Support. |
|
10607 |
Value of system configuration |
The value of the system setting |
|
10608 |
Invalid argument for certificate operation |
Check the parameters or files you have provided. |
|
10609 |
Invalid certificate key pair |
The uploaded certificate was not generated from the correct certificate signing request. |
|
10610 |
Certificate Signing Request common name mismatch |
The uploaded certificate does not match the original common name. Verify your signing process. |
|
10611 |
Error processing certificate |
The uploaded certificate was not valid. Check the uploaded certificate. |
|
10612 |
Proxy-mode Enforcement Points clash |
More than one Enforcement Point is configured to use the same proxy port. Examine the Enforcement Points configured for the specific Database Firewall and resolve the conflict. |
|
10613 |
LVM out of space, add more storage and try again |
There is not enough storage available for the requested LVM operation. Add more storage and try again. |
|
10614 |
No TrafficTrace SQL statement provided in configuration file |
Edit the configuration file and add the SQL against key |
|
10615 |
Unable to parse the expiry time in configuration file |
Edit the configuration file and enter the expiry time against key EXPIRES_AT in the format |
|
10616 |
Expiry time has already passed |
Edit the configuration file and alter the EXRIRES_AT time as required. |
|
10617 |
TrafficTrace period set for greater than the permitted value |
Edit the configuration file and alter the EXRIRES_AT time as required. |
|
10618 |
Secure transport string unrecognised |
Edit the configuration file and alter the secure transport protocol string. |
|
10619 |
Insecure transport protocol |
Edit the configuration file and alter the secure transport protocol string to a more secure version. |
|
10620 |
There are public security vulnerabilities in this protocol version |
Edit the configuration file and alter the secure transport protocol string to a more secure version, if that option is available in your deployment. |
|
10621 |
Secure Transport Protocol configured |
This is an informational message. No action required. |
|
10700 |
Queue of messages destined for Audit Vault Server is full |
Check the status of the Audit Vault Server associated with the specific Database Firewall. Also check the Audit Vault Server and Database Firewall are correctly paired. |
|
10701 |
Network packets not intercepted |
Some network packets were not captured because the system was overloaded (DAM mode). |
|
10702 |
Capacity exceeded |
The system is not able to capture all the requested DAM mode traffic. |
|
10703 |
Capacity no longer exceeded |
The system is now capturing all the requested DAM mode traffic again. No action required. |
|
10704 |
Internal capacity exceeded |
Internal system capacity has been exceeded for the protected database. Contact Oracle Support. |
|
10705 |
SQL call failed |
Check that database is running, that the configured user has permission to execute the statement and has access to the required resources. |
|
10706 |
|
A message being processed for forwarding to the Audit Vault Server is too large to send. Contact Oracle Support. |
|
10707 |
Data truncation |
The size of an item of data exceeded a limit and has been truncated. |
|
10708 |
Failed sending |
Unable to start the Arbiter process. Examine the log file for other errors to determine the cause of this failure. |
|
10709 |
Failed to start monitoring processes |
Examine the debug log file for other errors to determine the cause of this failure. |
|
10710 |
Internal capacity no longer exceeded |
The system is now transferring all the requested DAM mode traffic again. No action required. |
|
10711 |
Could not find service name information in connection string |
The Oracle connection string did not contain recognizable service name information ( |
|
10712 |
|
Informational message only. No action required. |
|
10713 |
Failed connecting to the policy server |
This message is sometimes seen in heavily loaded systems during the shutdown or restart of an Enforcement Point. No action required, unless this error is seen repeatedly. |
|
10800 |
Generic GUI information |
Generic informational message. No action required. |
|
10801 |
Generic GUI warning |
Generic warning message. No action required. |
|
10900 |
Invalid user credentials |
The system does not recognize the account credentials (username, password) |
|
10901 |
Failed to set password |
The system has failed to set the password. |
|
11000 |
Migration file result: success |
This message is for audit trail and no specific action is required. |
|
11001 |
Migration file invocation |
This message is for audit trail and no specific action is required. |
|
11002 |
Migration group invocation |
This message is for audit trail and no specific action is required. |
|
11003 |
Migration stanza invocation |
This message is for audit trail and no specific action is required. |
|
11004 |
Migration stanza result: success |
This message is for audit trail and no specific action is required. |
|
11005 |
Migration group result: success |
This message is for audit trail and no specific action is required. |
|
11006 |
Migration file result: success |
This message is for audit trail and no specific action is required. |
|
11007 |
Migration stanza result: skipped |
This message is for audit trail and no specific action is required. |
|
11008 |
Confirm you wish to start upgrade |
Read the following messages, and re-run this utility as follows to begin upgrade:
|
|
11009 |
Check before continuing |
Power loss during upgrade may cause data loss. Do not power off during upgrade. |
|
11010 |
Check before continuing |
This upgrade will erase |
|
11011 |
Check before continuing |
Review |
|
11012 |
The install or upgrade has completed successfully |
This message is for audit trail and no specific action is required. |
|
11013 |
Last migration: success |
No further action needed. |
|
11014 |
Last migration: started |
The upgrade is in progress or was interrupted. Wait until the upgrade completes or contact support. |
|
11015 |
Last migration: failed |
Fix the failure cause. Migration can be executed again. |
|
11016 |
Last migration: failed |
Perform the actions necessary to get the system to the expected final state of migration. |
|
11017 |
Attempt to resume upgrade without confirmation |
Confirm that you have fixed the original error cause by running the tool again with |
|
11018 |
Attempt to resume upgrade without confirmation |
Confirm that you have fixed the original error cause by running the tool again with WARNING: Resuming upgrade on an unfixed system may further corrupt it. |
|
11019 |
Attempt to resume upgrade when not in recovery mode |
The system is not in recovery mode. There is nothing to resume. |
|
11030 |
Migration file result: completed with warnings |
Download the diagnostics package and contact Oracle Support. Review |
|
11031 |
Cannot resume upgrade or install: migration file does not match hash |
The migration index does not validate with the given hash, so it is not possible to resume the install or upgrade. Generate a new hash if you are using a new migration index. |
|
11060 |
Migration file result: |
Do not use this system in a production environment. Download the diagnostics package and contact Oracle Support. Review |
|
11061 |
Migration group result: |
Do not use this system in a production environment. Download the diagnostics package and contact Oracle Support. Review |
|
11062 |
Migration stanza result: failed to start because its preconditions were not met |
Do not use this system in a production environment. Download the diagnostics package and contact Oracle Support. Review |
|
11063 |
Migration file result: |
Download the diagnostics package and contact Oracle Support. Review |
|
11064 |
The install or upgrade is incomplete |
Download the diagnostics package and contact Oracle Support. Review |