RX packets experienced errors-checkpoint-ipso
Vendor: checkpoint
OS: ipso
Description:
Indeni tracks the number of packets that had issues and alerts if the ratio is too high.
Remediation Steps:
Packet errors usually occur when there is a mismatch in the speed and duplex settings on two sides of a cable, or a damaged cable.
chkp-ipso-interfaces-novsx
name: chkp-ipso-interfaces-novsx
description: Get interface information
type: monitoring
monitoring_interval: 1 minute
requires:
vendor: checkpoint
and:
- os.name: ipso
- or:
- vsx:
neq: 'true'
- mds: 'true'
comments:
network-interface-state:
why: |
Interfaces in the "down" state could result in downtime or reduced redundancy.
how: |
The state of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-admin-state:
why: |
If the interface is disabled, then it is okay for it to be down. If the interface is enabled however, it should be up.
how: |
The state of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-speed:
why: |
If the interface speed is set to a low value, this could mean auto-negotiation is not working correctly and the interface does not utilize the full bandwidth available.
how: |
The speed of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-duplex:
why: |
If the interface has half-duplex setting, this will reduce throughput, and should be investigated.
how: |
The duplex of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-ipv4-address:
why: |
To be able to search for IP addresses in indeni, this data needs to be stored.
how: |
The IP address of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-ipv4-subnet:
why: |
To be able to search for IP addresses in indeni, this data needs to be stored.
how: |
The subnet of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-type:
why: |
The type of interface can be useful for administrators.
how: |
The type of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-mtu:
why: |
The MTU sometimes needs to be adjusted. Storing this gives an administrator an easy way to view the MTU from a large number of devices, as well as identifying incorrectly set MTU.
how: |
The MTU of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-mac:
why: |
To be able to search for MAC addresses in indeni, this data needs to be stored.
how: |
The MAC address of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-description:
why: |
The description is an important way to identify interfaces.
how: |
Retrive the information by parsing the IPSO database in /config/active.
can-with-snmp: true
can-with-syslog: false
network-interface-tx-bits:
why: |
It is useful to know how much data has been transmitted by the interface.
how: |
How many bits sent by the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interface-rx-bits:
why: |
It is useful to know how much data has been received by the interface.
how: |
How many bits received by the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interface-tx-packets:
why: |
It is useful to know how many packets have been transmitted by the interface.
how: |
How many packets sent by the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interface-rx-packets:
why: |
It is useful to know how many packets have been received by the interface.
how: |
How many packets received by the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interface-tx-errors:
why: |
Transmit errors on an interface could indicate a problem.
how: |
The amount of transmit errors for the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interface-rx-dropped:
why: |
Dropped packets on an interface could indicate a problem and potential traffic loss.
how: |
The amount of receive drops for the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interfaces:
why: |
To check get the list of network interfaces over the environment
how: |
By collecting the information about the interfaces can be obtained with "ifconfig -a"
can-with-snmp: true
can-with-syslog: false
network-interface-tx-collisions:
why: |
To check the number of tx-collisions over all the network interfaces, high numbers could be a result of
misconfiguration on duplex-speed
how: |
The amount of network interface tx-collisions for the interface is retrieved by running "ifconfig -a"
can-with-snmp: true
can-with-syslog: false
network-interface-rx-errors:
why: |
To check the number of network interface "rx-errors" over all the network interfaces, high numbers could
be a result of misconfiguration on duplex-speed
how: |
The amount of network interface tx-collisions for the interface is retrieved by running "ifconfig -a"
can-with-snmp: true
can-with-syslog: false
steps:
- run:
type: SSH
file: show-interfaces-all-novsx.remote.1.bash
parse:
type: AWK
file: show-interfaces-all-novsx.parser.1.awk
chkp-ipso-interfaces-novsx
name: chkp-ipso-interfaces-novsx
description: Get interface information
type: monitoring
monitoring_interval: 1 minute
requires:
vendor: checkpoint
and:
- os.name: ipso
- or:
- vsx:
neq: 'true'
- mds: 'true'
comments:
network-interface-state:
why: |
Interfaces in the "down" state could result in downtime or reduced redundancy.
how: |
The state of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-admin-state:
why: |
If the interface is disabled, then it is okay for it to be down. If the interface is enabled however, it should be up.
how: |
The state of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-speed:
why: |
If the interface speed is set to a low value, this could mean auto-negotiation is not working correctly and the interface does not utilize the full bandwidth available.
how: |
The speed of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-duplex:
why: |
If the interface has half-duplex setting, this will reduce throughput, and should be investigated.
how: |
The duplex of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-ipv4-address:
why: |
To be able to search for IP addresses in indeni, this data needs to be stored.
how: |
The IP address of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-ipv4-subnet:
why: |
To be able to search for IP addresses in indeni, this data needs to be stored.
how: |
The subnet of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-type:
why: |
The type of interface can be useful for administrators.
how: |
The type of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-mtu:
why: |
The MTU sometimes needs to be adjusted. Storing this gives an administrator an easy way to view the MTU from a large number of devices, as well as identifying incorrectly set MTU.
how: |
The MTU of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-mac:
why: |
To be able to search for MAC addresses in indeni, this data needs to be stored.
how: |
The MAC address of the interface is retrieved by running "ifconfig -a".
can-with-snmp: true
can-with-syslog: false
network-interface-description:
why: |
The description is an important way to identify interfaces.
how: |
Retrive the information by parsing the IPSO database in /config/active.
can-with-snmp: true
can-with-syslog: false
network-interface-tx-bits:
why: |
It is useful to know how much data has been transmitted by the interface.
how: |
How many bits sent by the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interface-rx-bits:
why: |
It is useful to know how much data has been received by the interface.
how: |
How many bits received by the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interface-tx-packets:
why: |
It is useful to know how many packets have been transmitted by the interface.
how: |
How many packets sent by the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interface-rx-packets:
why: |
It is useful to know how many packets have been received by the interface.
how: |
How many packets received by the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interface-tx-errors:
why: |
Transmit errors on an interface could indicate a problem.
how: |
The amount of transmit errors for the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interface-rx-dropped:
why: |
Dropped packets on an interface could indicate a problem and potential traffic loss.
how: |
The amount of receive drops for the interface is retrieved by running "netstat -idb".
can-with-snmp: true
can-with-syslog: false
network-interfaces:
why: |
To check get the list of network interfaces over the environment
how: |
By collecting the information about the interfaces can be obtained with "ifconfig -a"
can-with-snmp: true
can-with-syslog: false
network-interface-tx-collisions:
why: |
To check the number of tx-collisions over all the network interfaces, high numbers could be a result of
misconfiguration on duplex-speed
how: |
The amount of network interface tx-collisions for the interface is retrieved by running "ifconfig -a"
can-with-snmp: true
can-with-syslog: false
network-interface-rx-errors:
why: |
To check the number of network interface "rx-errors" over all the network interfaces, high numbers could
be a result of misconfiguration on duplex-speed
how: |
The amount of network interface tx-collisions for the interface is retrieved by running "ifconfig -a"
can-with-snmp: true
can-with-syslog: false
steps:
- run:
type: SSH
file: show-interfaces-all-novsx.remote.1.bash
parse:
type: AWK
file: show-interfaces-all-novsx.parser.1.awk
cross_vendor_rx_error
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_rx_error.scala