RX packets overrun-paloaltonetworks-panos
Vendor: paloaltonetworks
OS: panos
Description:
Indeni tracks the number of packets that had issues and alerts if the ratio is too high.
Remediation Steps:
Packet overruns usually occur when there are too many packets being inserted into the port’s memory buffer, faster than the rate at which the kernel is able to process them.
How does this work?
This alert logs into the Palo Alto Networks firewall through api and retrieves the status of all network interfaces. In that output, it looks for the number of packets received through the interface.
Why is this important?
Tracking the number of packets flowing through each network interface is important to identify potential issues, spikes in traffic, etc.
Without Indeni how would you find this?
The traffic statistics of network interfaces can be manually reviewed through the CLI.
panos-show-interface
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/panw/panos/show-interface/show-interface.ind.yaml
cross_vendor_rx_overrun
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_rx_overrun.scala