Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Juniper Mist Alert Types

SUMMARY Juniper Mist™ provides various alerts that you can enable to track ongoing issues.

Infrastructure Alerts

In Juniper Mist, we present those events that don't fit neatly into the service-level experience (SLE) model as alerts. Whereas SLEs represent events that have already happened, alerts represent network and device issues that are ongoing. On the Monitor > Alerts dashboard, you can see three types of alerts: Infrastructure, Marvis, and Security. 

Juniper Mist categorizes alerts that potentially affect a large number of clients as infrastructure alerts. For example, an event during which a Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), or RADIUS server is unreachable can affect many clients. Similarly, if a power supply on a switch is in alarm state, a large number of clients and a large amount of traffic could be affected.

Table 1: Infrastructure Alerts by Severity
Severity Alert Name API Only
Critical ARP Failure
Note:

Click the pencil icon to set the threshold for this alert.
Critical DHCP Failure
Note:

Click the pencil icon to set the threshold for this alert.
Critical DNS Failure
Note:

Click the pencil icon to set the threshold for this alert.
Critical Mist Edge cpu usage high  
Critical Mist Edge disconnected from cloud  
Critical Mist Edge disk usage high  
Critical Mist Edge memory usage high  
Critical Mist Edge power input disconnected  
Critical Mist Edge service failed to start  
Critical Mist Edge unplugged from power  
Critical Virtual Chassis - Backup Member Elected
Critical Virtual Chassis - New device elected for Active Role
Critical Virtual Chassis Member Deleted
Critical Virtual Chassis Port Down
Informational ARP Recovered X
Informational BGP Neighbor State Changed
Informational BGP Neighbor Up
Informational Cellular Edge Connected to NCM  
Informational Cellular Edge Disconnected from NCM  
Informational Cellular Edge Firmware Upgraded  
Informational Cellular Edge Login Failure  
Informational Cellular Edge Login Success  
Informational Cellular Edge Rebooted  
Informational Cellular Edge SIM Door Closed  
Informational Cellular Edge SIM Door Opened  
Informational Cellular Edge WAN Cellular Connected  
Informational Cellular Edge WAN Cellular Service Type Changed  
Informational Cellular Edge WAN Ethernet Connected  
Informational Cellular Edge WAN Ethernet Plugged  
Informational Critical Switch Port Up
Note:

If you enable this alert, you also need to update the switch configuration to identify the critical ports. To do this:

  1. In your switch template, under Select Switches Configuration, select the rule for the ports that you want to configure. (Or add a new rule.)

  2. On the Port Config tab, select the port or port range that you want to configure.

  3. In the settings window, select the Enable critical alerts check box.

  4. Repeat these steps for all critical ports.

For more information about port configuration, see the Juniper Mist Wired Assurance Configuration Guide.
Informational Critical WAN Edge Port Up
Note:

If you enable this alert, you also need to update the WAN or LAN configuration to identify the critical ports. To do this:

  1. In your WAN Edge template, select the WAN or LAN configuration that you want to update. (Or add a new configuration.)

  2. Under Interface, enter the port or ports, and then select the Enable critical alerts check box.

  3. Repeat these steps for all critical ports.

For more information about WAN Edges configuration, see the Juniper Mist WAN Assurance Configuration Guide.
Informational Device reconnected X
Informational Device restarted
Informational DHCP Recovered X
Informational DNS Recovered X
Informational HA Control Link Up X
Informational Mist Edge connected to cloud  
Informational Mist Edge cpu usage normal  
Informational Mist Edge disk usage normal  
Informational Mist Edge memory usage normal  
Informational Mist Edge plugged to power  
Informational Mist Edge power input connected  
Informational Switch reconnected X
Informational Switch restarted
Informational Virtual Chassis Member Added
Informational VPN Peer Up
Informational WAN Edge BGP Neighbor Up
Informational WAN Edge reconnected x
Warning BGP Neighbor Down
Warning Cellular Edge WAN Cellular Disconnected  
Warning Cellular Edge WAN Ethernet Disconnected  
Warning Cellular Edge WAN Ethernet Unplugged  
Warning Critical Switch Port Down
Note:

If you enable this alert, you also need to update the switch configuration to identify the critical ports. To do this:

  1. In your switch template, under Select Switches Configuration, select the rule for the ports that you want to configure. (Or add a new rule.)

  2. On the Port Config tab, select the port or port range that you want to configure.

  3. In the settings window, select the Enable critical alerts check box.

  4. Repeat these steps for all critical ports.

For more information about switch configuration, see the Juniper Mist Wired Assurance Configuration Guide.
Warning Critical WAN Edge Port Down
Note:

If you enable this alert, you also need to update the WAN or LAN configuration to identify the critical ports. To do this:

  1. In your WAN Edge template, select the WAN or LAN configuration that you want to update. (Or add a new configuration.)

  2. Under Interface, enter the port or ports, and then select the Enable critical alerts check box.

  3. Repeat these steps for all critical ports.

For more information about WAN Edges configuration, see the Juniper Mist WAN Assurance Configuration Guide.
Warning Device offline
Note:

Click the pencil icon to set the threshold (in minutes) for this alert.
Warning HA Control Link Down
Warning Loop detected (by AP)
Warning Mist Edge service crashed  
Warning Switch Bad Optics
Warning Switch BPDU Error
Warning Switch DHCP Pool Exhausted
Warning Switch offline
Warning Switch PEM Alarm
Warning Switch PoE Alarm
Warning Switch Power Supply Alarm
Warning Switch Storage Partition Alarm
Warning Tunnel down
Warning VPN Peer Down
Warning WAN Edge BGP Neighbor Down
Warning WAN Edge DHCP Pool Exhausted
Warning WAN Edge offline x
Warning WAN Edge Source NAT Pool Threshold Exceeded

Marvis Alerts

Marvis alerts are tied into the Marvis Action Dashboard. These alerts are triggered whenever the corresponding Marvis Action is detected in your organization. For example, if an access point (AP) regularly fails health checks, Marvis notices and tracks this event.

The table below provides a listing of Marvis alerts, sorted by severity.

Table 2: Marvis Alerts by Severity
Severity Applies To Alert Name
Critical AP AP health check failed
Critical AP AP insufficient capacity
Critical AP AP insufficient coverage
Critical AP Bad cable
Critical AP Non-compliant
Critical AP Offline (Marvis)
Critical connectivity ARP failure (Marvis)
Critical connectivity Authentication failure (Marvis)
Critical connectivity DHCP failure (Marvis)
Critical connectivity DNS failure (Marvis)
Critical WAN edge Bad cable
Critical WAN edge Bad WAN Uplink
Critical WAN edge Negotiation mismatch
Critical WAN edge VPN Path Down
Critical switch Bad cable
Critical switch Missing VLAN
Critical switch Negotiation mismatch
Critical switch Port Stuck
Critical switch Switch STP Loop
Warning switch Port flap

Security Alerts

Security alerts warn you of activities or events on the network that can cost you in terms of lost data, unauthorized access to the network, or traffic that matches known security threats. Security alerts are raised by repeated events that could dramatically affect network security. For example, if a rogue AP is detected, that represents a potential security problem. If a client connects to a rogue AP, that could be even worse.

Juniper Mist lists all security alerts except those that relate to intrusion detection and prevention (IDP) or URL filtering on the Monitor > Alerts page. You can find IDP and URL filtering events and their severity on the Site > WAN Edge > Secure WAN Edge IDP/URL Events page.

Table 3: Security Alerts by Severity
Severity Alert Name
Critical Client Connection to rogue AP detected
Critical Rogue AP detected
Informational Air Magnet Scan detected
Informational EAP Handshake Flood detected
Warning Active Watched Station detected
Warning Adhoc Network detected
Warning BSSID Spoofing detected
Warning Disassociation Attack detected
Warning EAP Dictionary Attack detected
Warning EAP Failure Injection detected
Warning EAP Spoofed Success detected
Warning EAPOL-Logoff Attack detected
Warning ESSID Jack detected
Warning Excessive Clients detected
Warning Excessive EAPOL-Start detected
Warning Fake AP Flooding detected
Warning Honeypot SSID detected
Warning IDP attack detected
Warning Monkey Jack detected
Warning Out of Sequence detected
Warning Repeated Client Authentication Failures
Warning Replay Injection detected - KRACK Attack
Warning Security Policy Violation
Warning SSID Injection detected
Warning TKIP ICV Attack
Warning URL blocked
Warning Vendor IE Missing
Warning Zero SSID Association Request detected