TX packets overrun-paloaltonetworks-panos
Indeni tracks the number of packets that had issues and alerts if the ratio is too high.
Packet overruns usually occur when there are too many packets being inserted into the port’s memory buffer, faster than the rate at which the kernel is able to process them.
How does this work?
This alert logs into the Palo Alto Networks firewall through api and retrieves the status of all network interfaces. In that output, it looks for the number of packets transmitted through the interface.
Why is this important?
Tracking the number of packets flowing through each network interface is important to identify potential issues, spikes in traffic, etc.
Without Indeni how would you find this?
The traffic statistics of network interfaces can be manually reviewed through the CLI.
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/panw/panos/show-interface/show-interface.ind.yaml
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_tx_overrun.scala