Appendix Appendix
Total Page:16
File Type:pdf, Size:1020Kb
13 Appendix Appendix View the detailed information about audit events, error codes, and the Open API list used in the Admin Portal. You can also refer to the glossary to understand the technical terms and abbreviations used in this guide. This chapter explains the following topics: → Lists of audit events → Lists of error codes → List of Open API → Glossary Appendix 507 Lists of audit events View the detailed information of audit events. You can view the lists of the audit events for the user devices, servers, and the Admin Portal. Device audit events The list of device audit events for user devices while using Knox Manage is as follows: Event Category Event Name • Cert Issue Fail (Key Generation Error) • Cert Verification Fail (Unknown) • BasicConstraints Check Error • Path Check Error • Valid Date Check Error • CRL Check Error Certificate Status • Cert Verification Fail (Unknown) • Cert Issue Request • Cert Issue Success • Cert Issue Fail (Parameter Error) • Cert Issue Fail (Not-initialized Object Error) • Cert Issue Fail (Internal Error) • Violated version control policy (Device) Compliance • Violated recording prevention policy (Device) • Check System Forgery Appendix 508 Event Category Event Name • Failed to lock EMM screen (Device) • Log on status is changed to logout (Device) • Managed Google Play token issuance (Device) • Managed Google Play account registration (Device) • Managed Google Play account report (Device) • Managed Google Play account removal (Device) • SIM Card changed • Network usages resetted. Device • Cellular data limit reached. • Call limit reached. • Agent has been started. • Agent has been shutdowned. • Failure of the randomization process. • Failure of policy validation. • Result of importing the certificates to be used for authentication of Agent communications. • Keepalive Time Limited • Keepalive Notice • Device Command Received • Verify Device Command • Device Command Added • Device Command Process Started • Device Command Process Finished • Failure Installation Package • Failure Installation Package in KNOX Device Command • Failure Uninstallation Package • Failure Uninstallation Package in KNOX • Device Diagnosis Information • Device Lock/Unlock History • Failure Installation Package in Work Profile • Failure Uninstallation Package in Work Profile • Policy violation detected • Exit due to policy violation • Change Trigger State • Change Profile Appendix 509 Event Category Event Name • Device Boot Completed • Change Network Connectivity EMM Agent • Change Agent Context • Initialize Agent • EMM Login Failed • EMM Client Screen UnLock Failed EMM Client • EMM Login Failed Count Exceeded • EMM Client Screen UnLock Failed Count Exceeded • Change Screen Lock Password EMM Client • Push Registration Succeeded • Push Unregistration Succeeded • Enroll EMM Agent Started • Enroll EMM Agent • Unenroll EMM Agent Started • Unenroll EMM Agent Enrollment • Enable Device Admin • Disable Device Admin • Activate ELM License • Activate KLMS License • Enrollment Request by UMC Agent • Report Enrollment Completed to UMC Agent • Report Unenrollment Completed to UMC Agent • Application installation request (Kiosk) Kiosk Launcher • Application list request (Kiosk) • Start Audit Logging Logs • Send Audit Log To Server • Send EMM Agent Log • Device Password Attempts Failed Count Exceeded • Scheduler Raised Profiles • KioskMode Result • SIM card PIN code change • Factory Reset Protection policy configured successfully. User • Agreed to disable fingerprint lock (Device) Appendix 510 Server audit events The list of server audit events for the Knox Manage server and the external requests or inventory scheduler from devices is as follows: Event Category Event Name • Start external sync work • Stop external sync work • Add User By Sync • Modify User By Sync • Delete User By Sync • Ignore AD/LDAP Synced User • Error Occurred While Synching User • Add Organization By Sync • Modify Organization By Sync AD/LDAP Sync • Delete Organization By Sync • Ignore AD/LDAP Synced Organization • Error Occurred While Synching Organization • Initialize Sync Process • Finish Sync • Start external sync operation • Stop external sync operation • Automatically send profile to target users after synchronization ends • Request managed apps mapping action to target users after synchronization ends Administrators • Delete the export files that have elapsed the retention period • Failed to request the authentication token for Android Enterprise device Android Enterprise enrollment • Failed to update Google Device ID (Google → Device) • Modify App Status Due To App Service Expiration Date • Failed to import the app information from the multiple apps Applications • Request the Uninstall App device command in a group or organization • Request to transfer App Install Device Command to assigned device • Report policy violation • Start Keepalive Check Compliance • Close Keepalive Check • Handle Keepalive violations Appendix 511 Event Category Event Name • Check Point MTP Malware detection information • Update Device Status (System Block) Compliance • Run Keepalive task • No Keepalive task or not configured • Update Device Status (Disconnected) • Request Content List Contents • Report Content Status • Distribute the latest device management profile/app information (Device control transmit) • Distribute the latest device management profile (Device control transmit) • Distribute the latest information on internal application (Device control transmit) • Implement User-defined event - Activate (Device control transmit) • Implement User-defined event - Deactivate (Device control transmit) • Implement Gate event - Activate (Device control transmit) • Implement Gate event - Deactivate (Device control transmit) • Disable Exchange block - Activate (Device control transmit) • Disable Exchange block - Deactivate (Device control transmit) • Install app (Device control transmit) • Implement app (Device control transmit) • Close app (Device control transmit) Device Command • Delete app data (Device control transmit) • Delete app (Device control transmit) • Allow/Disallow running an app - Allow (Device control transmit) • Allow/Disallow running an app - Disallow (Device control transmit) • Lock/Unlock the device - Lock (Device control transmit) • Lock/Unlock the device - Unlock (Device control transmit) • Reset screen password (Device control transmit) • Factory reset (Device control transmit) • Power off the device (Device control transmit) • Reboot the device (Device control transmit) • Initialize external SD card (Device control transmit) • Activate/Deactivate CC mode - Activate (Device control transmit) • Activate/Deactivate CC mode - Deactivate (Device control transmit) Appendix 512 Event Category Event Name • Lock screen (Device control transmit) • Attestation (Device control transmit) • Initialize information on blocking (Device control transmit) • Deactivate service (Device control transmit) • Collect Audit log -Agent (Device control transmit) • Collect log -Agent (Device control transmit) • Collect diagnosis information (Device control transmit) • Update License (Device control transmit) • Update System app (Device control transmit) • H/W status (Device control transmit) • List of apps installed (Device control transmit) • Location (Device control transmit) • SIM verification (Device control transmit) • Report the status (Device control transmit) • Lock/Unlock container - Lock (Device control transmit) • Lock/Unlock container - Unlock (Device control transmit) • Reset container lock passcode (Device control transmit) Device Command • Delete container (Device control transmit) • Install container app (Device control transmit) • Run container app (Device control transmit) • Close container app (Device control transmit) • Delete container app data (Device control transmit) • Delete container app (Device control transmit) • Apply security policy (Device control transmit) • Distribute the latest app management profile (Device control transmit) • Check if a device has been rooted (Device control transmit) • Unlock EMM Client (Device control transmit) • Send a message (Device control transmit) • Delete an account (Device control transmit) • Lock screen (Device control transmit) • Collect Audit log - Client (Device control transmit) • Collect log -Client (Device control transmit) • Collect diagnosis information (Device control transmit) • Update user information (Device control transmit) Appendix 513 Event Category Event Name • Update system app (Device control transmit) • Location (Device control transmit) • Apply security policy (Device control transmit) • Apply security policy - Deactivate (Device control transmit) • Transfer event information (Device control transmit) • Install AndroidForWork app (Device control transmit) • Delete AndroidForWork app (Device control transmit) • Deactivate service (Device control transmit) • Invite program (Device control transmit) • Invite To Program (Response) • Check if an app has been installed (Device control transmit) • Activate event to time - Deactivate (Device control transmit) • Activate event to time - Activate (Device control transmit) • Notice of a fail to activate service (Device control transmit) • Request to activate visitor policy request (Device control transmit) • Deactivate visitor policy request (Device control transmit) • Agent Invalid protocol Device Command • Agent Invalid request • Agent Request to distribute device management profile (Device → Server) • Agent Respond to the request to distribute device management