Topics on this page
Predefined alerts
The following table provides details on the predefined alerts.
| Alert | Default Severity | Dismissible | Description |
| A computer reboot is required to enable Deep Security Agent protection | Critical | Yes | The agent software upgrade was successful, but a computer reboot is required to disable Windows Defender and enable agent protection. |
| A Deep Security Relay cannot download security components | Critical | No | A relay cannot download security components. This might be due to network connectivity issues or misconfigurations in Workload Security under Administration > System Settings > Updates. Check your network configurations (for example, the proxy settings of the relay group) and System Settings, and then manually initiate an update on the relay using the Download Security Update option on the Administration > Updates > Software page. |
| Abnormal Restart Detected | Warning | Yes |
An abnormal restart has been detected on the computer. This condition may be caused by a variety of conditions. If the agent is suspected as the root cause, then the diagnostics package (located in the Support section of the Computer Details dialog) should be invoked. This alert indicates that the agent service was restarted abnormally. You can safely dismiss this alert, or, if the alert reoccurs, create a diagnostics package and open a case with Technical Support. |
| Account Balance Depleted | Critical | No | Your prepaid account balance has been depleted. You can no longer receive updates, including security updates, until your account is replenished. To ensure your security is maintained, contact your sales representative to add credit to your account. |
| Account Balance Low | Warning | No | Your prepaid account balance is running low. To ensure uninterrupted service, contact your sales representative to add more credit to your account. |
| Activation Failed | Critical | No | This may indicate a problem with the agent, but it also can occur if agent self-protection is enabled. In the Workload Security console, go to Computer editor > Settings > General. In Agent Self Protection, and then either deselect Prevent local end-users from uninstalling, stopping, or otherwise modifying the Agent or enter a password for local override. |
| Agent configuration package too large | Warning | Yes | This is usually caused by too many firewall and intrusion prevention rules being assigned. Run a recommendation scan on the computer to determine if any rules can be safely unassigned. |
| Agent Installation Failed | Critical | Yes |
The agent failed to install on one or more computers. Those computers are currently unprotected. You must reboot the computers which will automatically restart the agent install program. This may indicate a problem with the agent, but it also can occur if agent self-protection is enabled. In the Workload Security console, go to Computer editor > Settings > General. In Agent Self Protection, and then either deselect Prevent local end-users from uninstalling, stopping, or otherwise modifying the Agent or enter a password for local override. |
| Agent/Appliance Upgrade Recommended | Warning | No | Workload Security has detected an older agent version on the computer that does not support all available features. An upgrade of the agent software is recommended. (Deprecated in DSA version 9.5) |
| Agent/Appliance Upgrade Recommended (Incompatible Security Updates) | Warning | No | Workload Security has detected a computer with a version of the agent that is not compatible with one or more security updates assigned to it. An upgrade of the agent software is recommended. |
| Agent/Appliance Upgrade Recommended (New Version Available) | Warning | No | Workload Security has detected one or more computers with a version of the agent that is older than the latest version in Workload Security. An upgrade of the agent software is recommended. |
| Agent/Appliance Upgrade Required | Warning | No | Workload Security has detected a computer with a version of the agent that is not compatible with Workload Security. An upgrade of the agent software is required. |
| An update to the Rules is available | Warning | No | Updated rules have been downloaded but not applied to your policies. To apply the rules, go to Administration > Updates > Security and in the Rule Updates column, click Apply Rules to Policies. |
| Anti-Malware Alert | Warning | Yes | A malware scan configuration that is configured for alerting has raised an event on one or more computers. |
| Anti-Malware Component Failure | Critical | Yes | An anti-malware component failed on one or more computers. See the event descriptions on the individual computers for specific details. |
| Anti-Malware Component Update Failed | Warning | No | One or more agent or relay failed to update anti-malware components. See the affected computers for more information. |
| Anti-Malware Engine Offline | Critical | No | The agent has reported that the anti-malware engine is not responding. Check the system events for the computer to determine the cause of the failure. |
| Anti-Malware module maximum disk space used to store identified files exceeded | Warning | Yes | The Anti-Malware module was unable to analyze or quarantine a file because the maximum disk space used to store identified files was reached. To change the maximum disk space for identified files setting, open the Computer or Policy editor and select the Anti-malware > Advanced tab. |
| Anti-Malware protection is absent or out of date | Warning | No | The agent on this computer has not received its initial anti-malware protection package, or its anti-malware protection is out of date. Make sure a relay is available and that the agent has been properly configured to communicate with it. To configure relays and other update options, go to Administration > System Settings > Updates. | API Key Locked Out | Warning | No | API Keys can be locked out manually or by repeated failed validation attempts. |
| Application Control Engine Offline | Critical | No | The agent has reported that the Application Control engine failed to initialize. Check the system events for the computer to determine the cause of the failure. |
| Application Control Ruleset is incompatible with agent version | Critical | No | An application control ruleset could not be assigned to one or more computers because the ruleset is not supported by the installed version of the agent. Typically, the problem is that a hash-based ruleset (which is compatible only with agent version 11.0 or later) has been assigned to an earlier version agent. Agent version 10.x supports only file-based rulesets. For more information, see Differences in how 10.x and 11.x agents compare files.) To fix this issue, upgrade the agent to version 11.0 or later. Alternatively, if you are using local rulesets, reset application control for the agent. |
| Application Type Misconfiguration | Warning | No | Misconfiguration of application types may prevent proper security coverage. |
| Application Type Recommendation | Warning | Yes | Workload Security has determined that a computer should be assigned an application type. This could be because an agent was installed on a new computer and vulnerable applications were detected, or because a new vulnerability has been discovered in an installed application that was previously thought to be safe. To assign the application type to the computer, open the Computer Details dialog, click Intrusion Prevention Rules, and assign the application type. |
| AWS Contract License Exceeded | Critical | No | AWS Contract License expired or AWS Contract entitlements have been exceeded. |
| Azure Account Not Authorized to Read Resources Information | Critical | No | Azure Cloud Account cannot retrieve resources information from Azure API because the Azure Application is not authorized to read resources. Verify that the Reader role has been assigned to the application. |
| Azure Account Password Invalid | Critical | No | Azure Cloud Account cannot retrieve resources information from Azure API because the Azure Application password is invalid. |
| Azure Account Secret Expired | Critical | No | Azure Cloud Account cannot retrieve resources information from Azure API because the Azure Application secret key has expired. |
| Microsoft Entra ID Application Not Found | Critical | No | Azure Cloud Account cannot retrieve resources information from Azure API because the Azure Application is not found. The application possibly has been removed from Microsoft Entra ID. |
| Microsoft Entra ID Application Need Renew | Critical | No | The Microsoft Entra ID application can not synchronize the cloud data now. It is possible that the application password has expired or the application has been deleted. Renew the application via Computers > Properties (right click on the target group) > Renew Application Now. |
| Azure Key Pair Expired | Critical | No | The key pair for Azure services has expired. You can remove this alert by updating your key pair on the Azure service's property page. |
| Azure Key Pair Expires Soon | Warning | No | The key pair for Azure services will expire soon. You can remove this alert by updating your key pair on the Azure service's property page. | Azure Subscription Not Found | Critical | No | Azure Cloud Account cannot retrieve resources information from Azure API because the Azure Subscription cannot be found. |
| Census, Good File Reputation, and Predictive Machine Learning Service Disconnected | Warning | Yes |
Disconnected from Census, Good File Reputation, and Predictive Machine Learning Service. See the event details for possible solutions. Refer to Warning: Census, Good File Reputation, and Predictive Machine Learning Service Disconnected for troubleshooting tips. |
| Clock Change Detected | Warning | Yes | A clock change has been detected on the computer. Unexpected clock changes may indicate a problem on the computer and should be investigated before the alert is dismissed. |
| Cloud Computer Not Managed as Part of Cloud Account | Warning | Yes | An agent was activated on one or more computers belonging to a cloud account that is not synchronized with Workload Security. Click the link in the Action field to add the cloud account to Workload Security. The computers will be moved into the account and may be billed at a lower hourly rate. |
| Communications Problem Detected | Warning | Yes | A communications problem has been detected on the computer. Communications problems indicate that the computer cannot initiate communication with Workload Security because of network configuration or load reasons. Check the system events in addition to verifying communications can be established to Workload Security from the computer. The cause of the issue should be investigated before the alert is dismissed. |
| Computer Not Receiving Updates | Warning | No | These computers have stopped receiving updates. Manual intervention may be required. |
| Computer Reboot Required | Critical | Yes | The agent software upgrade was successful, but the computer must be rebooted for the installation to be completed. The computers should be manually updated before the alert is dismissed. |
| Computer Reboot Required for Activity Monitoring | Critical | No | The Activity Monitoring on Agent has reported that the computer needs to be rebooted. Check the system events for the computer to determine the reason for the reboot. |
| Computer Reboot Required for Anti-Malware Protection | Critical | No | The anti-malware protection on the agent has reported that the computer needs to be rebooted. Check the system events for the computer to determine the reason for the reboot. |
| Computer Reboot Required for Application Control Protection | Critical | No | The Application Control protection on Agent has reported that the computer needs to be rebooted. Check the system events for the computer to determine the reason for the reboot. |
| Computer Reboot Required for Integrity Monitoring Protection | Critical | No | The Integrity Monitoring protection on Agent has reported that the computer needs to be rebooted. Check the system events for the computer to determine the reason for the reboot. |
| Configuration Required | Warning | No | One or more computers are using a policy that defines multiple interface types where not all interfaces have been mapped. |
| Duplicate Computer Detected | Warning | Yes | A duplicate computer has been activated or imported. Remove the duplicate computer and reactivate the original computer if necessary. |
| Empty Relay Group Assigned | Critical | No | These computers have been assigned an empty relay group. Assign a different relay group to the computers or add relays to the empty relay groups. |
| Events Suppressed | Warning | Yes | The agent encountered an unexpectedly high volume of events. As a result, one or more events were not recorded (suppressed) to prevent a potential denial of service. Check the firewall events to determine the cause of the suppression. |
| Events Truncated | Warning | Yes | Some events were lost because the data file grew too large for the agent to store. This may have been caused by an unexpected increase in the number of events being generated, or the inability of the agent to send the data to Workload Security. For more information, see the properties of the Events Truncated system event on the computer. |
| Execution of Software Blocked | Warning | Yes | Execution of software was blocked on one or more computers. See the Application Control Events on the computers for more information. |
| Failed to Send SNS Message | Critical | No | Workload Security was unable to forward messages to Amazon SNS. |
| Failed to Send Syslog Message | Warning | No | Workload Security was unable to forward messages to one or more Syslog Servers. |
| Files could not be scanned for malware | Warning | No | Files could not be scanned for malware because the file path exceeded the maximum file path length limit or the directory depth exceeded the maximum directory depth limit. Check the system events for the computer to determine the reason. |
| Firewall Engine Offline | Critical | No | The agent has reported that the firewall engine is offline. Check the status of the engine on the agent. |
| Firewall Rule Alert | Warning | Yes | A firewall rule that is selected for alerting has been encountered on one or more computers. |
| Firewall Rule Recommendation | Warning | Yes | Workload Security has determined that a computer on your network should be assigned a firewall rule. This could be because an agent was installed on a new computer and vulnerable applications were detected, or because a new vulnerability has been discovered in an installed application that was previously thought to be safe. To assign the firewall rule to the computer, open the Computer Details dialog, click on the Firewall Rules node, and assign the firewall rule. |
| Incompatible Agent/Appliance Version | Error | No | Workload Security has detected a more recent agent version on the computer that is not compatible with Workload Security. |
| Insufficient Disk Space | Warning | Yes | The agent has reported that it was forced to delete an old log file to free up disk space for a new log file. You need to immediately free up disk space to prevent loss of intrusion prevention, firewall and agent events. See Warning: Insufficient disk space. |
| Integrity Monitoring Engine Offline | Critical | No | The agent has reported that the integrity monitoring engine is not responding. Check the system events for the computer to determine the cause of the failure. |
| Integrity Monitoring Rule Alert | Warning | Yes | An integrity monitoring rule that is selected for alerting has been encountered on one or more computers. |
| Integrity Monitoring Rule Compilation Error | Critical | No | An error was encountered compiling an integrity monitoring rule on a computer. This may result in the integrity monitoring rule not operating as expected. |
| Integrity Monitoring Rule Recommendation | Warning | Yes | Workload Security has determined that a computer on your network should be assigned an integrity monitoring rule. To assign the integrity monitoring rule to the computer, open the Computer Details dialog, click the Integrity Monitoring > Integrity Monitoring Rules node, and assign the integrity monitoring rule. |
| Integrity Monitoring Rule Requires Configuration | Warning | No | An integrity monitoring rule that requires configuration before use has been assigned to one or more computers. This rule will not be sent to the computers. Open the integrity monitoring rule properties and select the Configuration tab for more information. |
| Intrusion Prevention Engine Offline | Critical | No | The agent has reported that the intrusion prevention engine is offline. Check the status of the engine on the agent. |
| Intrusion Prevention Rule Alert | Warning | Yes | An intrusion prevention rule that is selected for alerting has been encountered on one or more computers. |
| Intrusion Prevention Rule Compilation Failed | Critical | Yes | This is usually caused by a misconfigured IPS Rule. The Rule name can be found in the Event's Properties window. To resolve this issue, identify the Rule and unassign it or contact Trend Micro Support for assistance. |
| Intrusion Prevention Rule Requires Configuration | Warning | No | An intrusion prevention rule that requires configuration before use has been assigned to one or more computers. This rule will not be sent to the computers. Open the intrusion prevention rule properties and select the Configuration tab for more information. |
| Invalid System Settings Detected | Critical | No | Workload Security detected invalid values for one or more system settings. |
| License Expired | Critical | No | Your Workload Security license has expired. You can no longer receive updates, including security updates, until your license is renewed. To ensure your security is maintained, contact your sales representative to renew your license. |
| License Expiring Soon | Warning | No | Your Workload Security license will expire soon. Contact your sales representative to renew your license. |
| Log Inspection Engine Offline | Critical | No | The agent has reported that the log inspection engine has failed to initialize. Check the system events for the computer to determine the cause of the failure. |
| Log Inspection Rule Alert | Warning | Yes | A log inspection rule that is selected for alerting has been encountered on one or more computers. |
| Log Inspection Rule Recommendation | Warning | Yes | Workload Security has determined that a computer on your network should be assigned a log inspection rule. To assign the log inspection rule to the computer, open the Computer Details dialog, click the Log Inspection > Log Inspection Rules node, and assign the log inspection rule. |
| Log Inspection Rule Requires Configuration | Warning | No | A log inspection rule that requires configuration before use has been assigned to one or more computers. This rule will not be sent to the computers. Open the Log Inspection Rule properties and select the Configuration tab for more information. |
| Maintenance Mode On | Warning | No | Maintenance mode is currently active for application control on one or more computers. While this mode is active, application control continues to enforce block rules (if you selected Block unrecognized software until it is explicitly allowed), but will allow software updates, and automatically add them to the inventory part of the ruleset. When the software update is finished for each computer, disable maintenance mode so that unauthorized software is not accidentally added to the ruleset. |
| MQTT Connection Configuration Failed | Warning | No | Failed to configure agent for MQTT connection. |
| MQTT Connection Offline | Warning | No | The agent is unable to connect to the MQTT endpoint. |
| Network Engine Mode Incompatibility | Warning | No | Setting Network Engine Mode to Tap is only available on agent versions 5.2 or later. Review and update the agent's configuration or upgrade the agent to resolve the incompatibility. |
| New Pattern Update is Downloaded and Available | Warning | No | New patterns are available as part of a security update. The patterns have been downloaded to Workload Security but have not yet been applied to your computers. To apply the update to your computers, go to the Administration > Updates > Security page. |
| New Rule Update is Downloaded and Available | Warning | No | New rules are available as part of a security update. The rules have been downloaded to Workload Security, but have not yet been applied to policies and sent to your computers. To apply the update and send the updated policies to your computers, go to the Administration > Updates > Security page. |
| Newer Versions of Software Available | Warning | No | New software is available. It can be downloaded from the Download Center. |
| Recommendation | Warning | Yes | Workload Security has determined that the security configuration of one of your computers should be updated. To see what changes are recommended, open the Computer editor and look through the module pages for warnings of unresolved recommendations. In the Assigned Rules area, click >Assign/Unassign to display the list of available rules and then filter them using the Show Recommended for Assignment viewing filter option. That is, select Show Recommended for Unassignment to display rules that can safely be unassigned. |
| Reconnaissance Detected: Computer OS Fingerprint Probe | Warning | Yes | The agent detected an attempt to identify the computer operating system via a fingerprint probe. Such activity is often a precursor to an attack that targets specific vulnerabilities. Check the computer's events to see the details of the probe and see Warning: Reconnaissance Detected. |
| Reconnaissance Detected: Network or Port Scan | Warning | Yes | The agent detected network activity typical of a network or port scan. Such activity is often a precursor to an attack that targets specific vulnerabilities. Check the computer's events to see the details of the probe and see Warning: Reconnaissance Detected. |
| Reconnaissance Detected: TCP Null Scan | Warning | Yes | The agent detected a TCP Null scan. Such activity is often a precursor to an attack that targets specific vulnerabilities. Check the computer's events to see the details of the probe and see Warning: Reconnaissance Detected. |
| Reconnaissance Detected: TCP SYNFIN Scan | Warning | Yes | The agent detected a TCP SYNFIN scan. Such activity is often a precursor to an attack that targets specific vulnerabilities. Check the computer's events to see the details of the probe and see Warning: Reconnaissance Detected. |
| Reconnaissance Detected: TCP Xmas Scan | Warning | Yes | The agent detected a TCP Xmas scan. Such activity is often a precursor to an attack that targets specific vulnerabilities. Check the computer's events to see the details of the probe and see Warning: Reconnaissance Detected. |
| Relay Upgrade Required For Agent Integrity Check | Warning | No | To enable Agent Integrity Check, upgrade relay. |
| SAML Identity Provider Certificate expired | Critical | No | One or more SAML Identity Provider Certificates expired. |
| SAML Identity Provider Certificate expires soon | Warning | No | One or more SAML Identity Provider Certificates expire soon. |
| SAP Virus Scan Adapter is not installed | Critical | No | The agent has reported that the SAP Virus Scan Adapter is not installed. Check the system events for the computer to determine the cause of the failure. |
| SAP Virus Scan Adapter is not up to date | Critical | No | The agent has reported that the SAP Virus Scan Adapter is not up to date. Check the system events for the computer to determine the cause of the failure. |
| Scheduled Malware Scan Missed | Warning | No | Scheduled malware scan tasks were initiated on computers that already had pending scan tasks. This may indicate a scanning frequency that is too high. Consider reducing the scanning frequency or selecting fewer computers to scan during each scheduled scan job. |
| Send Policy Failed | Critical | No | Inability to send policy may indicate a problem with the agent. Check the affected computers. |
| Smart Protection Server Connection Failed | Warning | Yes | Failed to connect to a Smart Protection Server. This could be due to a configuration issue or due to network connectivity. |
| Software Changes Detected | Warning | No | During ongoing file system monitoring, application control detected that new software had been installed, and it did not match any configured allow or block rule. If your system administrators did not install the software, and no other users have permissions to install software, this could indicate a security compromise. If the software tries to launch, depending on your lockdown configuration at that time, it may or may not be allowed to execute. |
| Unable to communicate | Critical | No | Workload Security has been unable to query the agent for its status within the configured period. Check your network configuration and the affected computer's connectivity. |
| Unable to Upgrade the Agent Software | Warning | Yes |
Workload Security was unable to upgrade the agent software on the computer. This may indicate a problem with the agent, but it also can occur if agent self-protection is enabled. In the Workload Security console, go to Computer editor > Settings > General. In Agent Self Protection, either deselect Prevent local end-users from uninstalling, stopping, or otherwise modifying the Agent or enter a password for local override. |
| Unresolved software change limit reached | Critical | No | Software changes detected on the file system exceeded the maximum amount. Application control will continue to enforce existing rules, but will not record any more changes, and it will stop displaying any of that computer's software changes. You must resolve and prevent excessive software change. |
| User Locked Out | Warning | No | Users can be locked out manually by repeated incorrect sign-in attempts, if their password expires, or if they have been imported but not yet unlocked. |
| User Password Expires Soon | Warning | No | The password expiry setting is enabled and one or more users have passwords that will expire within the next 7 days. This alert is only applicable to legacy Trend Cloud One - Endpoint & Workload Security accounts. |
| Web Reputation Event Alert | Warning | Yes | A web reputation event has been encountered on one or more computers that are selected for alerting. |
| WorkSpaces Disabled for AWS Account | Warning | Yes | An agent was activated on one or more Amazon WorkSpaces, but WorkSpaces are not enabled for your AWS account. To enable WorkSpaces, click Edit AWS Account and select Include Amazon WorkSpaces. Your WorkSpaces will be moved into the WorkSpaces folder of the AWS account and billed at a lower hourly rate, if you are using hourly billing. |
The following table lists alerts and their corresponding alert email subjects.
| Alert | Alert Email Subject |
|---|---|
| CPU Critical Threshold Exceeded | The CPU critical threshold of Manager Node ({1}) has been exceeded |
| CPU Warning Threshold Exceeded | The CPU warning threshold of Manager Node ({1}) has been exceeded |
| DSRU Recommended | DSRU recommended |
| Legacy Agent Software Detected | Legacy Agent software detected |
| User Locked Out | {0} User(s) locked out |
| User Password Expires Soon | {0} User(s) have passwords due to expire |
| Abnormal Restart Detected | Abnormal restart detected on {0} computer(s) |
| Clock Change Detected | Clock change detected on {0} computer(s) |
| Communications Problem Detected | Communications problem detected on {0} computer(s) |
| Events Truncated | Events truncated on {0} computer(s) |
| Agent Heartbeat Public Server Certificate Expired | Agent heartbeat public server certificate expired |
| Agent Heartbeat Public Server Certificate Expires Soon | Agent heartbeat public server certificate expires soon |
| Agent Installation Failed | Agent installation failed on {0} computer(s) |
| Insufficient Disk Space | Insufficient disk space detected on {0} computer(s) |
| Events Suppressed | Events suppressed on {0} computer(s) |
| Unable to communicate | Unable to communicate with {0} computer(s) |
| A Deep Security Relay cannot download security components | Unable to update security components on {0} relay(s) |
| Unable to Upgrade the Agent Software | Unable to upgrade the Agent software on {0} computer(s) |
| Incompatible Agent/Appliance Version | Incompatible agent/appliance version detected on {0} computer(s) |
| Agent/Appliance Upgrade Recommended (New Version Available) | Upgrade of the agent/appliance software is recommended on one or more computers. |
| Agent Upgrade Recommended (Incompatible with Appliance) | Upgrade of the agent software is recommended on {0} computer(s) in order to coordinate protection with the appliance |
| Agent/Appliance Upgrade Recommended (Incompatible Security Update(s)) | Upgrade of the agent/appliance software is recommended on {0} computer(s) in order to support the assigned security updates |
| Agent/Appliance Upgrade Required | Upgrade of the agent/appliance software is required on {0} computer(s) |
| Agent/Appliance Upgrade Recommended | Upgrade of the agent/appliance is recommended on {0} computer(s) |
| New Pattern Update is Downloaded and Available | New pattern update available for {0} agent/appliance(s) |
| AWS Account Migration Failed | AWS account migration failed |
| WorkSpaces Disabled for AWS Account | WorkSpaces disabled for AWS account |
| API Key Locked Out | {0} API key(s) locked out |
| Connection to Filter Driver Failure | Connection to filter driver failure |
| Software Package Not Found | Software package not found |
| Microsoft Entra ID Application Certificate Expired | Microsoft Entra ID application for {0} Azure service(s) has expired |
| Microsoft Entra ID Application Certificate Expires Soon | Microsoft Entra ID application certificate for {0} Azure service(s) expires soon |
| Microsoft Entra ID Application Need Renew | Microsoft Entra ID application for {0} Azure service(s) need renew |
| Azure Account Not Authorized to Read Resource Information | Microsoft Entra ID application for {0} Azure cloud account(s) does not have read permission |
| Microsoft Entra ID Application Not Found | Microsoft Entra ID application for {0} Azure cloud account(s) not found |
| Microsoft Entra ID Application Password Expires Soon | Microsoft Entra ID application password for {0} Azure service(s) expires soon |
| Azure Account Secret Expired | Microsoft Entra ID application secret key for {0} Azure cloud account(s) has expired |
| Azure Account Password Invalid | Invalid Microsoft Entra ID application secret for {0} Azure cloud account(s) |
| Azure Subscription Not Found | Azure subscription cannot be found for {0} Azure cloud account(s) |
| Azure Key Pair Expired | Key pair for {0} Azure service(s) has expired |
| Azure Key Pair Expires Soon | Key Pair for {0} Azure service(s) will expire soon |
| Census, Good File Reputation, and Predictive Machine Learning Service Disconnected | Disconnected from Census, Good File Reputation, and Predictive Machine Learning Service |
| Cloud Computer Not Managed as Part of Cloud Account | {0} computer(s) are in cloud environment but not managed as part of cloud account |
| Duplicate Computer Detected | {0} duplicate computer(s) detected |
| Duplicate Unique Identifiers Detected | {0} duplicate unique identifiers detected |
| Upgrade of the Filter Driver Recommended (New Version Available) | Upgrade of the filter driver is recommended on {0} ESXi Server(s) in order to take advantage of the latest features |
| Heartbeat Server Failed | Heartbeat server failed to start on Manager Node ({1}) |
| Configuration Required | Configuration required on {0} computer(s) |
| Computer Not Receiving Updates | {0} Computers(s) are not receiving updates |
| A computer reboot is required to enable Deep Security Agent protection | A computer reboot is required to enable Deep Security Agent protection |
| Invalid System Settings Detected | Invalid system settings detected |
| MQTT Connection Offline | MQTT connection offline for {0} computer(s) |
| MQTT Connection Configuration Failed | MQTT connection configuration failed for {0} computer(s) |
| Protection Module Licensing Expired | Licensing for {1} has expired |
| Protection Module Licensing Expires Soon | Licensing for {1} expires ({2}) |
| Low Disk Space | Manager node ({1}) has low disk space |
| Manager Offline | Manager node ({1}) is offline |
| Manager Time Out of Sync | The clock on Manager Node ({1}) is not synchronized with the clock on the database |
| Upgrade of the Workload Security Manager Software Recommended (Incompatible Security Update(s)) | Upgrade of the Workload Security Manager software is recommended because {0} computer(s) have assigned security updates that are incompatible with the current Workload Security Manager version |
| Memory Critical Threshold Exceeded | The memory critical threshold of Manager Node ({1}) has been exceeded |
| Memory Warning Threshold Exceeded | The memory warning threshold of Manager Node ({1}) has been exceeded |
| Virtual Machine Moved to Unprotected ESXi Server | Virtual Machine moved to unprotected ESXi server from a protected ESXi server |
| Multiple Activated Appliances Detected | Multiple activated appliances detected |
| Newer Versions of Software Available | Newer versions of software available |
| Newer Version of Workload Security Manager is Available | Newer version of Workload Security Manager is available |
| Number of Computers exceeds database limit | Number of computers exceeds the recommended limit for an embedded database |
| Number of Computers exceeds License | Number of computers exceeds the licensed computers allowed |
| Number of Manager Nodes Exceeds License | Number of Manager Nodes exceeds the {3} licensed Managers allowed |
| Critical database error while creating new table partitions during maintenance job | Critical database error while creating new table partitions during maintenance job |
| Recommendation | Recommendations have been made for {0} computer(s) |
| Relay Upgrade Required For Agent Integrity Check | To enable Agent Integrity Check, please upgrade relay. |
| SAML Identity Provider Certificate expired | {0} SAML Identity Provider certificate(s) expired |
| SAML Identity Provider Certificate expires soon | {0} SAML Identity Provider certificate(s) expire soon |
| SAML Service Provider Certificate expired | SAML Service Provider certificate expired |
| SAML Service Provider Certificate expires soon | SAML Service Provider certificate expires soon |
| Failed to Send SNS Message | Unable to forward messages to Amazon SNS |
| Software Updates Available for Import | Software updates are available for download |
| Failed to Send Syslog Message | Unable to forward messages to {0} Syslog Server(s) |
| Activation Failed | Failed to activate {0} computer(s) |
| Send Policy Failed | Failed to send policy(ies) to {0} computer(s) |
| Virtual Machine Unprotected after move to another ESXi | Virtual Machine unprotected after move to another ESXi |
| VMware Tools Not Installed | VMware tools not installed |
| An update to the Rules is available | An update to the Rules is available |
| New Rule Update is Downloaded and Available | New Rule update not applied |