Policy

The policy category contains events that are related to administration of network policy and the monitoring network resources for policy violations.

The following table describes the low-level event categories and associated severity levels for the policy category.

Table 1. Low-level categories and severity levels for the policy category
Low-level event category	Category ID	Description	Severity level (0 - 10)
Unknown Policy Violation	9001	Indicates an unknown policy violation.	2
Web Policy Violation	9002	Indicates a web policy violation.	2
Remote Access Policy Violation	9003	Indicates a remote access policy violation.	2
IRC/IM Policy Violation	9004	Indicates an instant messenger policy violation.	2
P2P Policy Violation	9005	Indicates a Peer-to-Peer (P2P) policy violation.	2
IP Access Policy Violation	9006	Indicates an IP access policy violation.	2
Application Policy Violation	9007	Indicates an application policy violation.	2
Database Policy Violation	9008	Indicates a database policy violation.	2
Network Threshold Policy Violation	9009	Indicates a network threshold policy violation.	2
Porn Policy Violation	9010	Indicates a porn policy violation.	2
Games Policy Violation	9011	Indicates a games policy violation.	2
Misc Policy Violation	9012	Indicates a miscellaneous policy violation.	2
Compliance Policy Violation	9013	Indicates a compliance policy violation.	2
Mail Policy Violation	9014	Indicates a mail policy violation.	2
IRC Policy Violation	9015	Indicates an IRC policy violation	2
IM Policy Violation	9016	Indicates a policy violation that is related to instant message (IM) activities.	2
VoIP Policy Violation	9017	Indicates a VoIP policy violation	2
Succeeded	9018	Indicates a policy successful message.	1
Failed	9019	Indicates a policy failure message.	4
Data Loss Prevention Policy Violation	9020	Indicates a data loss prevention policy violation.	2
Watchlist Object	9021	Indicates a watchlist object.	2
Web Policy Allow	9022	Indicates a new web policy allowance.	1