Log messages in the range 500-599 are alerts. Alert messages indicate a security rule has been triggered. This could mean that someone is attempting to violate your network. You should investigate when these messages are issued. The message number, the message text, and a description of these messages follow:
One of the security rules has been triggered. These rules indicate how many attempts from the hosts listed on the same line in the configuration file are allowed in a certain amount of time. By default, the security rule is 3 in 5 minutes, 5 in 15 minutes, 10 in 1 hour, 25 in one day, and 100 in one week.
While checking the hardware ethernet address on host, a different one, etheraddr, than the one given in the config file was returned by ARP. The connection for host is dropped.
In trying to verify the identity of host host, the Eagle looked up the host name, and the returned ipaddr2 didn't match the original idaddr1. This check is done to spot someone trying to spoof the IP address of another machine. The connection is dropped.
The Vulture routine found an unauthorized user program running and killed it.