CPU monitoring enabled-bluecoat-sgos

CPU monitoring enabled-bluecoat-sgos
0

CPU monitoring enabled-bluecoat-sgos

Vendor: bluecoat

OS: sgos

Description:
CPU monitor provides very useful data when troubleshooting a ProxySG that is experiencing a high CPU related issue. The CPU monitor should only be enabled when troubleshooting a high CPU issue as it can increase CPU utilization by 2-4% depending on the platform. Indeni will alert if CPU monitoring is enabled.

Remediation Steps:
The CPU monitor should be used for tubleshooting a ProxySG that is experiencing a high CPU related issue.
|(Can be done using the live config or using the “show cpu-monitor” command)
|Otherwise it should be disabled because it increases the CPU utilization:
|1. Log into the ProxySG via SSH.
|2. Enter the following commands:
|# en
|# configure terminal
|# (config) diagnostics
|# (config diagnostics) cpu-monitor disable
|3. Verify that CPU monitor is disabled by entering the “show cpu-monitor” command.

How does this work?
Indeni logs in over SSH and executes “show cpu-monitor”. The output includes the current cpu usage of each proccess.

Why is this important?
CPU monitor provides very useful data when troubleshooting a ProxySG that is experiencing a high CPU related issue. The CPU monitor should only be enabled when troubleshooting a high CPU issue as it can increase CPU utilization by 2-4% depending on the platform. All other times CPU monitor should be disabled.

Without Indeni how would you find this?
An administrator could login and manually run the command.

bluecoat-show-cpu-monitor

name: bluecoat-show-cpu-monitor
description: Fetch cpu monitor statistics
type: monitoring
monitoring_interval: 5 minutes
requires:
    vendor: bluecoat
    os.name: sgos
comments:
    cpu-monitor-enabled:
        why: |
            CPU monitor provides very useful data when troubleshooting a ProxySG that is experiencing a high CPU related issue. The CPU monitor should only be enabled when troubleshooting a high CPU issue as it can increase CPU utilization by 2-4% depending on the platform.  All other times CPU monitor should be disabled.
        how: |
            Indeni logs in over SSH and executes "show cpu-monitor".  The output includes the current cpu usage of each proccess.
        without-indeni: |
            An administrator could login and manually run the command.
        can-with-snmp: false
        can-with-syslog: false
    process-cpu:
        skip-documentation: true
steps:
-   run:
        type: SSH
        command: show cpu-monitor
    parse:
        type: AWK
        file: show-cpu-monitor.parser.1.awk

BlueCoatCPUMonitorRule

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.bluecoat.proxysg

import com.indeni.ruleengine.expressions.conditions.{Equals => RuleEquals, Not => RuleNot, Or => RuleOr}
import com.indeni.ruleengine.expressions.data.SnapshotExpression
import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.SingleSnapshotValueCheckTemplateRule
import com.indeni.server.sensor.models.managementprocess.alerts.dto.AlertSeverity
import com.indeni.server.rules.library.RuleHelper

/**
  *
  */
case class BlueCoatCPUMonitorRule() extends SingleSnapshotValueCheckTemplateRule(
  ruleName = "BlueCoatCPUMonitorRule",
  ruleFriendlyName = "Blue Coat Devices: CPU monitoring enabled",
  ruleDescription = "CPU monitor provides very useful data when troubleshooting a ProxySG that is experiencing a high CPU related issue. The CPU monitor should only be enabled when troubleshooting a high CPU issue as it can increase CPU utilization by 2-4% depending on the platform. Indeni will alert if CPU monitoring is enabled.",
  severity = AlertSeverity.WARN,
  metricName = "cpu-monitor-enabled",
  alertDescription = "CPU monitoring is enabled",
  baseRemediationText = """The CPU monitor should be used for tubleshooting a ProxySG that is experiencing a high CPU related issue.
                          |(Can be done using the live config or using the "show cpu-monitor" command)
                          |Otherwise it should be disabled because it increases the CPU utilization:
                          |1. Log into the ProxySG via SSH.
                          |2. Enter the following commands:
                          |# en
                          |# configure terminal
                          |# (config) diagnostics
                          |# (config diagnostics) cpu-monitor disable
                          |3. Verify that CPU monitor is disabled by entering the "show cpu-monitor" command.""".stripMargin,
  complexCondition = RuleEquals(RuleHelper.createComplexStringConstantExpression("true"), SnapshotExpression("cpu-monitor-enabled").asSingle().mostRecent().value().noneable))()