This alerts identifies network switches failed authentication.
MITRE ATT&CK Tactics
Network Switches (Syslog)
Approved pen tests
1. Change admin/root/administrator account password
2. Login into the switch console and review change history
3. Block IP address which requested the console access via the perimeter firewall
4. Investigate the possibility to use MFA for console access