Per-virtual-system concurrent connection limit nearing-radware-alteon-os
Vendor: radware
OS: alteon-os
Description:
indeni will trigger an issue the number of connections in a VS is too high.
Remediation Steps:
Review why this may be happening and consider moving some of the traffic between VS’s or devices.
radware-api-config-switchCapSLBSessionsCurrEnt
#! META
name: radware-api-config-switchCapSLBSessionsCurrEnt
description: get number of SLB sessions currently
type: monitoring
monitoring_interval: 1 minute
requires:
os.name: "alteon-os"
vendor: "radware"
#! REMOTE::HTTP
url: /config/switchCapSLBSessionsCurrEnt
protocol: HTTPS
#! PARSER::JSON
_metrics:
-
_value.double:
_value: switchCapSLBSessionsCurrEnt
_tags:
"im.name":
_constant: "concurrent-connections"
"live-config":
_constant: "true"
"display-name":
_constant: "SLB Sessions - Current"
"im.dstype.displayType":
_constant: "number"
radware-api-config-switchCapSLBSessionsMaxEnt
#! META
name: radware-api-config-switchCapSLBSessionsMaxEnt
description: get the maximum number of SLB sessions supported
type: monitoring
monitoring_interval: 59 minute
requires:
os.name: "alteon-os"
vendor: "radware"
or:
-
vsx: "true"
-
standalone: "true"
#! COMMENTS
concurrent-connections-limit:
why: |
It is important to track the limit of possible concurrent SLB sessions that are made with the ADC. This is a separate limitation from PIP utilization and should be tracked as well..
how: |
This script runs the "/config/switchCapSLBSessionsMaxEnt" through the Alteon API gateway.
without-indeni: |
An administrator would need to log in to the device and run a CLI command or run the API command "/config/switchCapSLBSessionsMaxEnt".
can-with-snmp: true
can-with-syslog: false
vendor-provided-management: |
Can be done through Management GUI (Vision or Alteon VX).
#! REMOTE::HTTP
url: /config/switchCapSLBSessionsMaxEnt
protocol: HTTPS
#! PARSER::JSON
_metrics:
-
_value.double:
_value: switchCapSLBSessionsMaxEnt
_tags:
"im.name":
_constant: "concurrent-connections-limit"
"live-config":
_constant: "true"
"display-name":
_constant: "SLB Sessions - Capacity"
"im.dstype.displayType":
_constant: "number"
concurrent_connection_limit_vsx
package com.indeni.server.rules.library
import com.indeni.ruleengine.expressions.OptionalExpression
import com.indeni.ruleengine.expressions.conditions.GreaterThanOrEqual
import com.indeni.ruleengine.expressions.core.{StatusTreeExpression, _}
import com.indeni.ruleengine.expressions.data.{SelectTagsExpression, SelectTimeSeriesExpression, TimeSeriesExpression}
import com.indeni.ruleengine.expressions.math.{DivExpression, TimesExpression}
import com.indeni.server.common.data.conditions.True
import com.indeni.server.params.ParameterDefinition
import com.indeni.server.params.ParameterDefinition.UIType
import com.indeni.server.rules._
import com.indeni.server.rules.library.ConcurrentConnectionsUsageVsxRule.NAME
import com.indeni.server.rules.library.core.PerDeviceRule
import com.indeni.server.sensor.models.managementprocess.alerts.dto.AlertSeverity
case class ConcurrentConnectionsUsageVsxRule() extends PerDeviceRule with RuleHelper {
private[library] val highThresholdParameterName = "High_Threshold_of_Connection_usage"
private val highThresholdParameter = new ParameterDefinition(highThresholdParameterName,
"",
"High Threshold of Concurrent Connection Usage",
"What is the threshold for the concurrent connection usage for which once it is crossed an issue will be triggered.",
UIType.DOUBLE,
80.0)
override val metadata: RuleMetadata = RuleMetadata.builder(NAME, "All Devices: Per-virtual-system concurrent connection limit nearing",
"indeni will trigger an issue the number of connections in a VS is too high.", AlertSeverity.ERROR).configParameter(highThresholdParameter).build()
override def expressionTree(context: RuleContext): StatusTreeExpression = {
val actualValue = TimeSeriesExpression[Double]("concurrent-connections").last
val threshold: OptionalExpression[Double] = getParameterDouble(highThresholdParameter)
val limit = TimeSeriesExpression[Double]("concurrent-connections-limit").last
StatusTreeExpression(
// Which objects to pull (normally, devices)
SelectTagsExpression(context.metaDao, Set(DeviceKey), True),
// What constitutes an issue
StatusTreeExpression(
// The additional tags we care about (we'll be including this in alert data)
SelectTagsExpression(context.tsDao, Set("vs.id","vs.name"), True),
StatusTreeExpression(
// The time-series we check the test condition against:
SelectTimeSeriesExpression[Double](context.tsDao, Set("concurrent-connections", "concurrent-connections-limit"), denseOnly = false),
// The condition which, if true, we have an issue. Checked against the time-series we've collected
GreaterThanOrEqual(
actualValue,
TimesExpression(limit, DivExpression(threshold, ConstantExpression(Some(100.0)))))
// The Alert Item to add for this specific item
).withSecondaryInfo(
scopableStringFormatExpression("${scope(\"vs.name\")} (${scope(\"vs.id\")})"),
scopableStringFormatExpression("Usage of %.0f (vs limit of %.0f) is above the threshold of %.0f%%.", actualValue, limit, threshold),
title = "Affected VS's"
).asCondition()
).withoutInfo().asCondition()
).withRootInfo(
getHeadline(),
ConstantExpression("Some VS's have a high number of concurrent connections.\n\nThis issue was added per the request of <a target=\"_blank\" href=\"http://il.linkedin.com/in/motisagey\">Moti Sagey</a>."),
ConditionalRemediationSteps("Review why this may be happening and consider moving some of the traffic between VS's or devices.",
ConditionalRemediationSteps.VENDOR_CP -> "Consider enabling aggressive aging if it is not yet enabled: https://sc1.checkpoint.com/documents/R76/CP_R76_IPS_AdminGuide/12857.htm#o12861",
ConditionalRemediationSteps.VENDOR_PANOS -> "Compare the products and the maximum sessions allowed: https://www.paloaltonetworks.com/products/product-selection"
)
)
}
}
object ConcurrentConnectionsUsageVsxRule {
/* --- Constants --- */
private[library] val NAME = "concurrent_connection_limit_vsx"
}