There is a security violation on the switch when EFA (installed on TPVM) logs in and tries to access the switch with
different usernames. You observe the following logs on SLX
console: 1018 AUDIT,
2021/10/14-17:26:57 (GMT), [SEC-3021], INFO, SECURITY,
extreme/root/10.20.32.141/ssh/CLI,, SLX, Event: login, Status:
failed, Info: Failed login attempt through REMOTE, IP Addr:
10.20.32.141
1017 AUDIT,
2021/10/14-17:26:55 (GMT), [SEC-3020], INFO, SECURITY,
admin/admin/10.20.32.141/ssh/CLI,, SLX8720-32C, Event: login,
Status: success, Info: Successful login attempt via REMOTE, IP
Addr: 10.20.32.141
1002 AUDIT,
2021/10/14-17:26:41 (GMT), [SEC-3020], INFO, SECURITY,
admin/admin/10.20.32.141/ssh/CLI,, SLX8720-32C, Event: login,
Status: success, Info: Successful login attempt via NETCONF, IP
Addr: 10.20.32.141
|