Audit Trail Events from CyberKeys
CyberLock Events Cyber Access Events
| Event | Description | |||
| 1 | Reset | For keys manufactured after October 2008 this is a non-power related CPU reset. For keys manufactured before that time it is a general reset that applies to all the categories shown below as event -3 to -22. | ||
| 2 | Multi-key access key 1 | The first key for multi-key access was accepted by the lock. | ||
| 3 | Multi-key access key 2 | The second key for multi-key access was accepted by the lock. | ||
| 4 | Multi-key access key 3 | The third key for multi-key access was accepted by the lock. | ||
| 5 | Multi-key access key 4 | The fourth key for multi-key access was accepted by the lock. | ||
| 6 | Authorized to open | * | ||
| 8 | Authorized to open (bypass multikey) | Lock has a multi-key setting bypassed from instruction in schedule. | ||
| 8 | Authorized to open (bypass delay) | Lock has a delay setting bypassed from instruction in schedule. | ||
| 8 | Authorized to open (b) | Lock had no multi-key or delay setting when key was configured. Key was configured to bypass multi-key or delay for this lock. | ||
| 7 | Master key authorized | * | ||
| 9 | Programmer or No-Open contact | Programmer contact -or- Contact with lock using a No-Open schedule. Key beeped 3 times. | ||
| 10 | Lock reset attempted | Subsystem reset keys or Gen2 CyberKeys with CyberLocks in Gen 2 mode only. | ||
| 11 | Unprogrammed lock - authorized | If a key is operating within its key schedule (i.e. not expired) and if the key is not disabled, it is automatically authorized to open a lock that is not programmed. | ||
| 12 | No lock ID - authorized | This event should never occur. It indicates that the lock was not set up with an ID. It cannot be programmed and will not function in a CyberAudit system. | ||
| 13 | Key in lock more than 1 minute -or- removed from lock | Keys in a subsystem may be configured to report all "removed from lock" events. The message text will depend on this setting | ||
| 14 | Access code failed | This message will occur if:
|
||
| 15 | Key authorization blocked by lock | The key has been disabled either by:
|
||
| 16 | Hardware mismatch - access denied | This event indicates:
|
||
| 17 | Out of schedule for lock | The key found the lock ID in its lock list but the time of contact with the lock was not during the associated
schedule valid operating time.
|
||
| 18 | Key expired or out of schedule | If it is a master key, it could generate this event if:
|
||
| 19 | Access Denied - No Permissions | The ID of the Lock was not found in the key's lock list. | ||
| 20 | Key disabled | This is a special "out of schedule" condition set by communicators to disable a CyberKey when it is prompting for a PIN or returning a CyberKey to a Vault. | ||
| 25 | CyberKey programmed by Grand Master | A Grand Master records this event when it programs an emergency key. | ||
| 64 | Generation 2 CyberKey error code | A Generation 2 CyberKey recorded an error condition with an error code. | ||
| 66 | WiFi Network Connection | Indicates an attempt by CyberKey Air to connect to a wifi network. Indicates an attempt, success, or failure to connect to either an adhoc or infrastructure wLAN. | ||
| 67 | Generation 2 Key Temporary Activation-CyberLock | Indicates an expired Generation 2 CyberKey contacted a CyberLock or CyberPoint that extended its expiration for an amount of time. | ||
| 80 | CyberLock access denied - delayed activation | A Generation 2 CyberKey contacted a lock or CyberPoint but the key's activation was delayed. | ||
| 81 | Lock activation completed-CyberLock | A Generation 2 CyberKey contacted a lock or CyberPoint that met it's requirement for a delayed activation. | ||
| 82 | Mobile activation completed | A Generation 2 CyberKey Blue 2, CyberKey Blue 3 or CyberKey Flash met a delayed activation requirement via its Bluetooth® connection. | ||
| 83 | Delayed activation completed | A Generation 2 CyberKey met all of its requirements for delayed activation and was activated for use. | ||
| 84 | Deactivated by Bluetooth device | A CyberKey Blue 2 or CyberKey Flash CyberKey received a deactivation command from an Android or iOS Bluetooth device and will not open locks until it is activated again using the Bluetooth device. | ||
| 85 | Bluetooth connection verified | A CyberKey Blue 2 or CyberKey Flash CyberKey connected was verified to a permitted Android or iOS Bluetooth device. | ||
| 86 | Bluetooth disconnected | A CyberKey Blue 2 or CyberKey Flash CyberKey disconnected from a verified Android or iOS Bluetooth device. | ||
| 87 | Parameters denied by lock | Access to the lock was denied because the access parameters sent to the CyberLock in Gen2 mode did not meet the lock's requirements. | ||
| 88 | Corrupt cyberLock memory | The CyberLock reported memory corruption. If this error is repeatable a CyberLock Programmer II may be used to reset and reprogram the lock. | ||
| 89 | Incompatible lock setting | A Gen2 CyberKey or CyberLock Programmer II attempted to program a CyberLock in Gen2 mode with invalid settings from the server. | ||
| 90 | No Access Code for lock | The Gen 2 CyberKey has the correct access permissions but does not have an access code to open the lock. | ||
| 91 | Multi-key wrong lock | A Gen2 CyberKey is already authorized to open a multi-key CyberLock but touched a different CyberLock. Access is denied. | ||
| 92 | Multi-key wrong key | A Gen2 CyberKey touched a CyberLock that has authorized a different CyberKey for multi-key access. Access is denied. | ||
| 93 | Access Code Mismatch | A Gen2 CyberKey is authorized to open a CyberLock that's in Gen2 mode but the lock is currently in Gen1 mode. | ||
| The following events are associated with IR access to FlashLocks and CyberLock Blue | ||||
| 117 | Out of schedule for lock | The Gen2 CyberKey found the lock ID in its lock list but the time of contact with the
lock was not during the associated schedule valid operating time.
|
||
| 118 | Key expired or out of schedule | This event could occur if:
|
||
| 119 | Access Denied - No Permissions | The ID of the lock was not found in the key's lock list. | ||
| 120 | Key is disabled | When the CyberKey attempted to open the lock it immediately failed because the key was previously disabled by a CyberLock or communicator. | ||
| 130 | Lock comm failed | A CyberKey or fob found a lock but failed to establish communications with it. | ||
| 131 | No Lock found | A CyberKey or fob failed to find a lock within its eight second search time. | ||
| 133 | Access granted to Lock | * | ||
| 135 | Access denied by Lock | This may occur for one of two reasons:
|
||
| 137 | Out of schedule for Lock | The fob found the lock ID in its lock list but the time of contact with the
lock was not during the associated schedule valid operating time.
|
||
| 138 | Access denied - no permisssions | The ID of the lock was not found in the fob's lock list. | ||
| 141 | Lock is not programmed | The lock granted access to the CyberKey or fob but the lock has not been programmed with its access code and is not secured. | ||
| The following CyberKey events are associated with IR access to doors | ||||
| 150 | Door IR Access Error | A CyberKey Flash, CyberKey Air2, or CyberKey Blue 3 attempted access by sending
an IR signal to a FlashReader or FlashReader Keypad and received an error.
Error numbers are as follows:
|
||
| 151 | No credentials for IR door access | IR access requires the CyberKey to have credentials. If no credentials have been loaded into the key, this event will occur when a reader responds to an IR request. | ||
| 152 | IR door access granted | * | ||
| 153 | Out of schedule for door | The key holder has door access permission but not at the current time. | ||
| 154 | No permission for door | The person has no access permissions for the door. | ||
| 155 | wrong access code for door | The key presented an incorrect access code for the door. This could occur if the key does not belong to the system. | ||
| 156 | Door lockdown | The door is currently locked down via an inter-hub signal and does not permit access. | ||
| 157 | Door clock unreliable | Due to a power outage or hardware issue, the clock on the Flex II controller is not reliable and cannot grant access. | ||
| 158 | Door cache expired | The Flex II controller has been off line too long and has invalidated its cached records. Access is denied. | ||
| 159 | Access approved - waiting for PIN | IR access to the key has been approved pending a correct PIN entry. | ||
| 160 | Key Expired or Out of Schedule (door) | The CyberKey is expired or out of schedule. It may not be used to gain access to a door. | ||
| 161 | Door access denied-Delayed Activation | The CyberKey's activation is delayed and may not be used to gain access to a door. | ||
| 167 | Geneneration 2 Key Temporary Activation-IR | Indicates an expired Generation 2 CyberKey contacted a lock by IR that extended its expiration for an amount of time. | ||
| 180 | Lock access denied-delayed activation | A Generation 2 CyberKey attempted to open a lock but the key's activation was delayed. | ||
| 181 | Lock activation completed-IR | A Generation 2 CyberKey communicated with a lock that met it's requirement for a delayed activation. | ||
| 183 | Delayed activation completed by IR | A Generation 2 CyberKey met all of its requirements for delayed activation and was activated for use. | ||
| 184 | CyberLock Blue Command Fail | A Generation 2 CyberKey encountered an error when attempting to open a CyberLock Blue. | ||
| 185 | Key Not Configured for CyberLock Blue | A Generation 2 CyberKey must be issued to a person be programmed with a mission to open a CyberLock Blue. A disabled key or subsystem key cannot open a CyberLock Blue. | ||
| -2 | No Open Contact | Contact with a CyberPoint or contact with a lock using a No-Open schedule. | ||
| -3 | Low Battery | The key's battery was below its threshold during one of the key's periodic reads or during a lock opening. If the read was during a lock opening, the key emitted a low tone beep once every eight seconds for one minute. Lock column contains voltage data from battery and capacitor. Applies to Generation 1 CyberKey's manufactured after October 2008. | ||
| -4 | Dead Battery | The battery voltage dropped below operating voltage during one of it periodic reads or during a lock opening. If the read was during a lock opening, the key emitted a single high tone beep followed by a low tone beep once every eight seconds for one minute. Lock column contains voltage data from battery and capacitor. Applies to Generation 1 CyberKeys manufactured after October 2008. | ||
| -5 | Scheduled Battery Reading | The key reads and records its battery level daily, after midnight local time. Lock column contains voltage data from battery and capacitor. Applies to Generation 1 CyberKey's manufactured after October 2008. | ||
| -6 | Power restored | When the key comes up from low or no voltage, the processor starts and triggers this event. Applies to Generation 1 CyberKey's manufactured after October 2008 and CyberKey X. | ||
| -7 | Power restored | When the key comes up from low or no voltage, the processor starts and triggers this event. Applies to some Generation 1 CyberKey's . | ||
| -9 | E2 Access | Failure to read memory. Applies to Generation 1 CyberKey's manufactured after October 2008. | ||
| -10 | Write Event Failed | Failure to write to memory. Applies to Generation 1 CyberKey's manufactured after October 2008. | ||
| -14 | Bluetooth Init Fail | CyberKey Blue failed to start its Bluetooth® engine | ||
| -15 | Format Dataflash | CyberKey II formatted its audit trail data storage memory. This can occur with certain firmware updates. | ||
| -17 | Corrupt Key Event | CyberKey II internal code found a problem with an audit trail event. | ||
| -18 | Corrupt RAM | CyberKey II internal code found a problem with its code execution memory. | ||
| -19 | CyberKey II - Corrupt Dataflash | CyberKey II internal code found a problem with its data storage memory. | ||
| -20 | Audit Trail Events Removed | CyberKey II received an instruction to clear its audit trail data. This occurs after the key is downloaded and the data is captured in the communicator or by CyberAudit-Web. | ||
| -22 | Gen 2 Key Startup | The Generation 2 CyberKey system has restarted. Battery voltage is measured at that time. | ||
Audit Trail Events from CyberLocks
CyberKey Events
Cyber Access Events
| Event | Description | |
| 34 | Multi-key access key 1 | The first key for multi-key access was accepted by the lock. |
| 35 | Multi-key access key 2 | The second key for multi-key access was accepted by the lock. |
| 36 | Multi-key access key 3 | The third key for multi-key access was accepted by the lock. |
| 37 | Multi-key access key 4 | The fourth key for multi-key access was accepted by the lock. |
| 38 | Authorized to open | * |
| 39 | Master key authorized | * |
| 40 | Authorized to open (b) | The key was granted access and no multi-key or delay lock setting was found. |
| 40 | Authorized to open (bypass multikey) | Lock had a multi-key setting which the key bypassed from an instruction in the schedule corresponding to the lock |
| 40 | Authorized to open (bypass delay) | Lock had a delay setting which the key bypassed from an instruction in the schedule corresponding to the lock |
| 41 | Programmer or No-Open contact | Programmer contact -or- Contact with lock using a No-Open schedule. Key beeped 3 times. |
| 42 | Lock reset successful | System reset keys only - if a reset key grants access but does not successfully reset the lock, the lock will record a "Master key authorized" event. |
| 43 | Unprogrammed lock - authorized | * |
| 44 | No lock ID - authorized | This event should never occur. It indicates that the lock was not set up with an ID. It cannot be programmed and will not function in a CyberAudit system. |
| 46 | Access denied | The lock reports this event when it receives a "bad access code." Keys in a subsystem may be set to generate"no access" events in locks they are not permitted to open. In those cases where access is denied, they send a "bad access code" to the lock to generate this event. |
| 47 | Key authorization blocked | The key has been disabled by the lock because the key was designated as "lost" and the lock was designated as a disabling point. |
| 48 | Hardware mismatch - access denied | This event should never occur. It indicates manufacturing difference between lock and key. |
| 51 | CyberLock reset | A Gen2 CyberLock was reset to an insecure state. This may occur as a first step when changing from Gen1 mode to Gen2 mode. |
| 65 | Parameters denied | Access to the lock was denied because the access parameters sent to the CyberLock in Gen2 mode did not meet the lock's requirements. |
| 70 | Audit Trail Downloaded | Audit trail data was downloaded from a CyberLock Blue using CyberLink or CyberAudit Link. |
| 71 | Unprogrammed Lock - Access Granted | An unprogrammed CyberLock Blue was opened by Cyber Access or by a CyberKey or fob. |
| 72 | Access Granted to CyberKey or fob | * |
| 73 | Master Access Granted to CyberKey | A CyberKey configured as a master key presented its master access code to open the CyberLock Blue. |
| 74 | Mobile Access Granted | The CyberLock Blue was opened by the Cyber Access app. |
| 75 | Lock Closed | The CyberLock Blue detected it returned to the secured position. This can only be detected on non-padlock models of CyberLock Blue. Padlock models will not report this event. |
| 76 | Change Access Codes | The Access Codes in the CyberLock Blue were updated from CyberLink or CyberAudit Link. |
| 77 | Clear Access Codes | Access Codes in the CyberLock Blue were cleared because the lock was reset. |
| 78 | Lock Config Updated | Settings other than Access Codes were updated in the CyberLock Blue by CyberLink or CyberAudit Link. |
| 79 | Lost Key or Fob - Access Denied | The key or fob has been disabled by CyberLock Blue because the key was designated as lost and the lock was designated as a disabling point. |
| 80 | Access Codes Grace Expired | Access Codes accompanied with an Old Password Valid Through> date have been invalidated because the expiration date of those passwords have passed. |
| 81 | Knob Paired With Lock | This event will occur when CyberLock Blue is programmed with a new subsystem code or when the knob is installed at the factory. |
| 83 | Clock Set from Server | The clock on the CyberLock Blue was set by CyberLink or CyberAudit Link and the time source came directly from the server. |
| 84 | Minor Clock Adjustment | Cyber Access found the clock on the CyberLock Blue was between 5 seconds and 1 hour off and adjusted it. |
| 85 | Stopped Clock Set | Cyber Access found the clock on the CyberLock Blue was stopped and set it. |
| 87 | Power On / Reset | The firmware in the CyberLock Blue restarted due to a power up or a reset. |
| 88 | Daily Battery Check | The CyberLock Blue records the result of a daily battery check among its daily tasks. It also checks whether any access codes have expired and should be disabled. |
| 90 | Lock left open | A non-padlock model of CyberLock Blue flashed its red LED and beeped to warn it was left open then timed out after five minutes. |
| 91 | Re-lock failed (motor/sensor problem) | The user returned the lock to the locking position but a motor or sensor problem prevented a secure lock. This should not occur. |
| 105 | Programmer II download | A CyberLock Programmer II downloaded a CyberLock. |
| 106 | Programmer II config | CyberLock Programmer II programmed a CyberLock. |
| 129 | Gen2 lock begin config | A CyberKey or CyberLock Programmer II has started programming a CyberLock in Gen 2 mode. |
| 130 | Gen2 lock config completed | A CyberKey or CyberLock Programmer II has successfully completed programming a CyberLock in Gen 2 mode. |
| 131 | Gen2 lock downloaded | A CyberKey or CyberLock Programmer II has completed downloading the audit trail data from a CyberLock in Gen 2 mode. |
| 132 | Key out of schedule for lock | The key found the lock ID in its lock list but the time of contact with the lock was not during the associated
schedule valid operating time.
|
| 133 | Key expired or out of schedule | If it is a master key, it could generate this event if:
|
| 134 | Key no permissions | The ID of the Lock was not found in the key's lock list. |
| -2 | CyberPoint Contact | All permitted contact with a CyberPoint will be seen as this event when the CyberPoint is downloaded. |
| 257 | No overlap with previous lock download | This will happen if the lock has rolled over since the last time it was downloaded. It indicates there is a gap in the data retrieved from the lock. |
| 999 | Unknown lock event | The captured event type is outside the list of known events from the CyberLock. |
Audit Trail Events from Cyber Access
CyberKey Events
CyberLock Events
The Cyber Access app records audit events when interacting with the CyberLock Blue.
| Event | Description | |
| 301 | Cyber Access - Authorized To Open | Cyber Access was granted access to the CyberLock Blue |
| 302 | Cyber Access - Access Denied - Unprogrammed Lock | CyberLock Blue must be programmed with access codes to grant access to Cyber Access. |
| 303 | Cyber Access - Out Of Schedule | Cyber Access found the lock in its lock list but the time of contact with the lock
was not during the associated schedule valid operating time.
|
| 304 | Cyber Access - Cache Expired | CyberLock Blue permissions stored on the mobile device have expired. |
| 305 | Cyber Access - Bad Access Code | The access code used to attempt access was rejected by the CyberLock Blue. |
| 306 | Cyber Access - Lock Closed | Cyber Access captured a "closed" status from a non-padlock model CyberLock Blue. |
| 307 | Cyber Access - No Lock Closed Received | Cyber Access did not capture a "closed" status from a non-padlock model CyberLock Blue because Cyber Access timed out after four and on-half minutes or because the Bluetooth signal was lost. |
| 308 | Cyber Access - Error | The CyberLock Blue returned an error code to the Cyber Access app. |
| 309 | Cyber Access - User Replied 'Yes' to Closing Lock | The Cyber Access user pressed 'Yes' when prompted in a dialog if they closed the lock. |
| 310 | Cyber Access - New PIN accepted | The Cyber Access user set a new PIN. |
| 311 | Cyber Access - Invalid PIN | The Cyber Access user entered the wrong PIN. |
| 312 | Cyber Access - Valid PIN | The Cyber Access user entered the correct PIN. |
| 313 | Cyber Access - Authorized To Open FlashBox | Cyber Access was granted access to the FlashBox. |
| 314 | Cyber Access - Access Denied - Unprogrammed FlashBox | A FlashBox must be programmed with access codes to grant access to Cyber Access. |
| 315 | Cyber Access - Out Of Schedule FlashBox | Cyber Access was out of schedule for the FlashBox found on the server.
|
|
WebStation 2 audit trail events Portable Link audit trail events Web Authorizer audit trail events |
LAN Authorizer audit trail events Flex System audit trail events Audit trails for Doors |
