RX packets dropped ratio too high-checkpoint-gaia
Vendor: checkpoint
OS: gaia
Description:
Indeni tracks the number of packets that had issues and alerts if the ratio is too high.
Remediation Steps:
Packet drops usually occur when the rate of packets received is higher than the device’s ability to handle.
chkp-gaia-clish_show_interfaces_all-vsx
name: chkp-gaia-clish_show_interfaces_all-vsx
description: Run "show interfaces all" over clish in VSX
type: monitoring
monitoring_interval: 5 minute
requires:
vendor: checkpoint
os.name: gaia
vsx: 'true'
role-firewall: 'true'
comments:
network-interface-state:
why: |
To check the network interface state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-admin-state:
why: |
To check the interface admin state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-speed:
why: |
To check the network interface speed for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-duplex:
why: |
To check the network interface duplex state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-ipv4-address:
why: |
To check the network interface ipv4 address for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-ipv4-subnet:
why: |
To check the network interface ipv4 subnet for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-type:
why: |
To check the network interface state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-mtu:
why: |
To check the network interface MTU for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-mac:
why: |
To check the network interface mac for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-description:
why: |
To check the network interface description for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-bits:
why: |
To check the network interface transmitted bits for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-bits:
why: |
To check the network interface recieved bits for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-packets:
why: |
To check the network interface transmitted packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-packets:
why: |
To check the network interface recieved packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-errors:
why: |
To check the network interface "tx-errors" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-dropped:
why: |
To check the network interface "rx-dropped" packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-overruns:
why: |
To check the network interface "tx-overruns" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-overruns:
why: |
To check the network interface "rx-overrruns" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-carrier:
why: |
To check the network interface "tx-carrier" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-frame:
why: |
To check the network interface "rx-frame" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interfaces:
why: |
To list all the network interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-admin-state-logical:
why: |
To check the interface network state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-state-logical:
why: |
To check the network interface logical state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-:
why: |
To check the network interface names for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
file: show-interfaces-all-vsx.remote.1.bash
parse:
type: AWK
file: show-interfaces-all-vsx.parser.1.awk
chkp-gaia-clish_show_interfaces_all-vsx
name: chkp-gaia-clish_show_interfaces_all-vsx
description: Run "show interfaces all" over clish in VSX
type: monitoring
monitoring_interval: 5 minute
requires:
vendor: checkpoint
os.name: gaia
vsx: 'true'
role-firewall: 'true'
comments:
network-interface-state:
why: |
To check the network interface state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-admin-state:
why: |
To check the interface admin state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-speed:
why: |
To check the network interface speed for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-duplex:
why: |
To check the network interface duplex state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-ipv4-address:
why: |
To check the network interface ipv4 address for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-ipv4-subnet:
why: |
To check the network interface ipv4 subnet for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-type:
why: |
To check the network interface state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-mtu:
why: |
To check the network interface MTU for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-mac:
why: |
To check the network interface mac for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-description:
why: |
To check the network interface description for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-bits:
why: |
To check the network interface transmitted bits for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-bits:
why: |
To check the network interface recieved bits for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-packets:
why: |
To check the network interface transmitted packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-packets:
why: |
To check the network interface recieved packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-errors:
why: |
To check the network interface "tx-errors" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-dropped:
why: |
To check the network interface "rx-dropped" packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-overruns:
why: |
To check the network interface "tx-overruns" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-overruns:
why: |
To check the network interface "rx-overrruns" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-carrier:
why: |
To check the network interface "tx-carrier" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-frame:
why: |
To check the network interface "rx-frame" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interfaces:
why: |
To list all the network interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-admin-state-logical:
why: |
To check the interface network state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-state-logical:
why: |
To check the network interface logical state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-:
why: |
To check the network interface names for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
file: show-interfaces-all-vsx.remote.1.bash
parse:
type: AWK
file: show-interfaces-all-vsx.parser.1.awk
cross_vendor_rx_drop
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_rx_drop.scala