About Events

The Events page provides information about events generated in Wi-Fi Cloud. You can view, filter, locate, and acknowledge events, mark events as read or unread, and decide if the event contributes to the vulnerability of a location. You can also print the list of events for a specific location.

Events are classified as Security or System.

Security events are related to wireless security threats. For example, Wi-Fi Cloud generates a security alert if a rogue AP tries to access the network.

Security events are further categorized based on the wireless security threats:

  • Events generated by rogue APs
  • Events generated by misconfigured APs
  • Events generated by misbehaving clients
  • Events generated by ad hoc networks
  • Events generated by man-in-the-middle attacks
  • Events generated by DoS (denial of service) attacks
  • Events generated by MAC spoofing
  • Events generated because of prevention
  • Events generated by wireless reconnaissance
  • Events generated by cracking of the wireless network

System events refer to the health of the system. These are further categorized into Device and Server events.

For more details on the types of events that can occur, see Wi-Fi Cloud Events and Alerts.

The Events page is divided into two panes. The upper pane displays a list of events for the selected location. The lower pane displays widgets that contain sub-events, devices in the event, and sub-events that are related to the event you select in the upper pane. A maximum of 50 sub-events per event are presented in certain types of deployments. Other deployments can present up to 25 sub-events for an event.

When you select a device in the Devices in Selected Sub-event widget, you can view more information about the device. This device information is available in certain types of deployments only.

The toolbar contains icons that you can use to change the location, change the vulnerability status of events, acknowledge events, delete events, and print events.

This table describes the event-related fields displayed in the upper pane of the Events page.




System-generated event ID for the event.

Event Severity

Severity of the event indicated by icons. Severity could be high, medium or low.

Event Activity Status

Event status indicated by icons. The possible values are: live, instantaneous, updated, and expired.


Event description.


Event category.


Location where the event has occurred.

Start Time

Time at which the event has started.

Event Read Status

Indicates whether the event is read, unread, acknowledged, or unacknowledged.

Event Vulnerability Status

Indicates if the event vulnerability status is enabled or disabled. If the event enables the vulnerability status, the location where the security event occurred displays a red X on the icon of the location in Manage, or a red folder in Discover.

Event Type

Type of event. The type is indicated by icons. The possible values are: security, system, and performance.

Stop Time

Time at which the event stopped.