we are not monitoring Cisco IPT Cluster with security devices.
More to add in this.
We have CDR configured and Scheduled backup.is this will be the cause for this.?
What i have observed.
Today i have tried to occur same incident for my confirmation as per the description of the error.i have tried login with wrong user name and wrong password..Got Success in getting the alert again.(so my understaing from this practice some one trying to access the server)
Why this was occurred on all the Nodes in the cluster at the same time?
Is there any internal nodes communication issue ?/ Really someone is trying to access ?
Is there any way to check who was trying to login with wrong user name and password?
These are the paths to get to each CCX logs through CLI. They may be helpful if you are having issues accessing RTMT or downloading logs through it.
If you want to download them you have to prefix "file get " and you can add one of the options (re...