Interface nearing maximum Tx throughput-checkpoint-ipso

Interface nearing maximum Tx throughput-checkpoint-ipso

Vendor: checkpoint

OS: ipso

Description:
The interface is close to its maximum advertised throughput limit. Intermittent connectivity issues may occur such as network performance degradation or the inability to reach resources. This could be due to poor capacity management or user activity such as video streaming or file transfers. This could also be due to unexpected and suspicious activity.

Remediation Steps:
Follow the vendor specific remediation steps below.
Check point’s CLI cpview or SmartView Monitor tool can be used to view network top talkers such as source, destination, and protocol(s).
|Based on this information, it can be determined as to whether selected traffic should be blocked or dropped. If the throughput threshold reached is expected, consider adding more interfaces or modifying any applicable packet shaping.

How does this work?
Indeni will record the total bytes transmitted, wait a pre-determined amount of time and then record it again. By comparing before and after a value for how many bytes sent during the period of time can be determined.

Why is this important?
If the throughput reaches the limit, packets will be dropped.

Without Indeni how would you find this?
An administrator could login and manually check this from the command line interface.

chkp-ipso-throughput-alert

name: chkp-ipso-throughput-alert
description: Check the current throughput for recieve and transmit for interfaces.
type: monitoring
monitoring_interval: 1 minutes
requires:
    vendor: checkpoint
    os.name: ipso
comments:
    network-interface-tx-util-percentage:
        why: |
            If the throughput reaches the limit, packets will be dropped.
        how: |
            Indeni will record the total bytes transmitted, wait a pre-determined amount of time and then record it again. By comparing before and after a value for how many bytes sent during the period of time can be determined.
        can-with-snmp: true
        can-with-syslog: false
    network-interface-rx-util-percentage:
        why: |
            If the throughput reaches the limit, packets will be dropped.
        how: |
            Indeni will record the total bytes received, wait a pre-determined amount of time and then record it again. By comparing before and after a value for how many bytes sent during the period of time can be determined.
        can-with-snmp: true
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: ${nice-path} -n 15 ifconfig -a ; netstat -idb ; sleep 10 ; netstat
            -idb
    parse:
        type: AWK
        file: throughput-alert.parser.1.awk

cross_vendor_interface_tx_utilization

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_network_interface_tx_util_percentage.scala