RX packets overrun-checkpoint-gaia
Vendor: checkpoint
OS: gaia
Description:
Indeni tracks the number of packets that had issues and alerts if the ratio is too high.
Remediation Steps:
Packet overruns usually occur when there are too many packets being inserted into the port’s memory buffer, faster than the rate at which the kernel is able to process them.
chkp-gaia-clish_show_interfaces_all-vsx
name: chkp-gaia-clish_show_interfaces_all-vsx
description: Run "show interfaces all" over clish in VSX
type: monitoring
monitoring_interval: 5 minute
requires:
vendor: checkpoint
os.name: gaia
vsx: 'true'
role-firewall: 'true'
comments:
network-interface-state:
why: |
To check the network interface state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-admin-state:
why: |
To check the interface admin state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-speed:
why: |
To check the network interface speed for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-duplex:
why: |
To check the network interface duplex state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-ipv4-address:
why: |
To check the network interface ipv4 address for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-ipv4-subnet:
why: |
To check the network interface ipv4 subnet for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-type:
why: |
To check the network interface state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-mtu:
why: |
To check the network interface MTU for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-mac:
why: |
To check the network interface mac for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-description:
why: |
To check the network interface description for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-bits:
why: |
To check the network interface transmitted bits for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-bits:
why: |
To check the network interface recieved bits for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-packets:
why: |
To check the network interface transmitted packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-packets:
why: |
To check the network interface recieved packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-errors:
why: |
To check the network interface "tx-errors" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-dropped:
why: |
To check the network interface "rx-dropped" packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-overruns:
why: |
To check the network interface "tx-overruns" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-overruns:
why: |
To check the network interface "rx-overrruns" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-carrier:
why: |
To check the network interface "tx-carrier" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-frame:
why: |
To check the network interface "rx-frame" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interfaces:
why: |
To list all the network interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-admin-state-logical:
why: |
To check the interface network state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-state-logical:
why: |
To check the network interface logical state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-:
why: |
To check the network interface names for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
file: show-interfaces-all-vsx.remote.1.bash
parse:
type: AWK
file: show-interfaces-all-vsx.parser.1.awk
chkp-gaia-clish_show_interfaces_all-vsx
name: chkp-gaia-clish_show_interfaces_all-vsx
description: Run "show interfaces all" over clish in VSX
type: monitoring
monitoring_interval: 5 minute
requires:
vendor: checkpoint
os.name: gaia
vsx: 'true'
role-firewall: 'true'
comments:
network-interface-state:
why: |
To check the network interface state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-admin-state:
why: |
To check the interface admin state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-speed:
why: |
To check the network interface speed for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-duplex:
why: |
To check the network interface duplex state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-ipv4-address:
why: |
To check the network interface ipv4 address for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-ipv4-subnet:
why: |
To check the network interface ipv4 subnet for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-type:
why: |
To check the network interface state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-mtu:
why: |
To check the network interface MTU for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-mac:
why: |
To check the network interface mac for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-description:
why: |
To check the network interface description for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-bits:
why: |
To check the network interface transmitted bits for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-bits:
why: |
To check the network interface recieved bits for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-packets:
why: |
To check the network interface transmitted packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-packets:
why: |
To check the network interface recieved packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-errors:
why: |
To check the network interface "tx-errors" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-dropped:
why: |
To check the network interface "rx-dropped" packets for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-overruns:
why: |
To check the network interface "tx-overruns" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-overruns:
why: |
To check the network interface "rx-overrruns" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-tx-carrier:
why: |
To check the network interface "tx-carrier" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-rx-frame:
why: |
To check the network interface "rx-frame" for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interfaces:
why: |
To list all the network interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-admin-state-logical:
why: |
To check the interface network state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-state-logical:
why: |
To check the network interface logical state for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
network-interface-:
why: |
To check the network interface names for all the interfaces on the system
how: |
By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
command "show interfaces all"
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
file: show-interfaces-all-vsx.remote.1.bash
parse:
type: AWK
file: show-interfaces-all-vsx.parser.1.awk
cross_vendor_rx_overrun
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_rx_overrun.scala