Warning
Cisco IP SLA Status Critical
Configuration severity warning Rule Query sql SELECT * FROM devices,slas WHERE (devices.device_id = ? AND devices.device_id = slas.device_id) AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND slas.opstatus != 0 AND slas.deleted = 0
IDRAC Virtual Disk Failed/Degraded
Server Sensor Monitoring . notes Storage Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,sensors,sensors_to_state_indexes,state_indexes,state_translations WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id AND sensors.sensor_id = sensors_to_state_indexes.sensor_id AND sensors_to_state_indexes.state_index_id = state_indexes.state_index_id AND state_indexes.state_index_id = state_translations.state_index_id) AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND sensors.sensor_type = virtualDiskState AND (sensors.sensor_current = state_translations.state_value state_translations.state_generic_value = 0) = 0 AND (sensors.sensor_current = state_translations.state_value state_translations.
Server High Memory Usage
Configuration severity warning Rule Query sql SELECT * FROM devices,device_group_device,device_groups,mempools WHERE (devices.device_id = ? AND devices.device_id = device_group_device.device_id AND device_group_device.device_group_id = device_groups.id AND devices.device_id = mempools.device_id) AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND devices.type = Server AND mempools.mempool_perc > 90 AND mempools.mempool_descr LIKE ‘Virtual’ AND devices.os NOT LIKE ‘FreeBSD’ AND devices.device_id != 6883 AND device_groups.id != 249 AND device_groups.id != 269
APC UPS Battery Needs Replacement
Power Sensor Monitoring . Appliance Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_type = upsAdvBatteryReplaceIndicator AND sensors.sensor_current = 2
APC UPS In Smart Trim Mode
Power Sensor Monitoring . Appliance Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current = 12 AND sensors.sensor_type = upsBasicOutputStatus
Applications Puppet Agent Last Run Greater Than 1 Day
Configuration severity warning Rule Query sql SELECT * FROM devices,device_group_device,device_groups,devices_group_perms,users,notifications_attribs,notifications,applications,application_metrics WHERE (devices.device_id = ? AND devices.device_id = device_group_device.device_id AND device_group_device.device_group_id = device_groups.id AND device_groups.id = devices_group_perms.device_group_id AND devices_group_perms.user_id = users.user_id AND users.user_id = notifications_attribs.user_id AND notifications_attribs.notifications_id = notifications.notifications_id AND devices.device_id = applications.device_id AND applications.app_id = application_metrics.app_id) AND applications.app_type = puppet-agent AND application_metrics.metric = last_run_last_run AND application_metrics.value > 3000 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND notifications.
BGP Session Established
IT Environment Documentation Network Sensor Monitoring notes Firewall Sensor Monitoring Configuration severity warning Rule Query sql SELECT * FROM devices,bgpPeers WHERE (devices.device_id = ? AND devices.device_id = bgpPeers.device_id) AND bgpPeers.bgpPeerFsmEstablishedTime < 300 AND bgpPeers.bgpPeerState = established AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1
Cisco ASA Connections Over 50000 And Not An ASA5516
Network Sensor Monitoring . notes Firewall Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,ciscoASA WHERE (devices.device_id = ? AND devices.device_id = ciscoASA.device_id) AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND devices.os = asa AND ciscoASA.data > 50000 AND devices.hardware != ASA5516
Cisco ASA Primary Unit Changed To Standby
IT Environment Documentation Network Sensor Monitoring notes Firewall Sensor Monitoring Configuration severity warning Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_descr = Primary Unit.* AND sensors.sensor_current = 10 AND sensors.sensor_prev = 9
Dell IDRAC Amperage Probe Status Failed
Power Sensor Monitoring . Appliance Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP 10 AND sensors.sensor_oid = .1.3.6.1.4.1.674.10892.5.4.600.30.1.5
Device Sensor State Critical Non Printers
Server Sensor Monitoring notes Wireless Sensor Monitoring Appliance Sensor Monitoring Configuration severity warning Rule Query sql SELECT * FROM devices,device_group_device,device_groups,sensors,sensors_to_state_indexes,state_indexes,state_translations WHERE (devices.device_id = ? AND devices.device_id = device_group_device.device_id AND device_group_device.device_group_id = device_groups.id AND devices.device_id = sensors.device_id AND sensors.sensor_id = sensors_to_state_indexes.sensor_id AND sensors_to_state_indexes.state_index_id = state_indexes.state_index_id AND state_indexes.state_index_id = state_translations.state_index_id) AND (sensors.sensor_current = state_translations.state_value state_translations.state_generic_value = 2) = 1 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND sensors.
Device Sensor State Critical Printers
Printer Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,sensors,sensors_to_state_indexes,state_indexes,state_translations WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id AND sensors.sensor_id = sensors_to_state_indexes.sensor_id AND sensors_to_state_indexes.state_index_id = state_indexes.state_index_id AND state_indexes.state_index_id = state_translations.state_index_id) AND (sensors.sensor_current = state_translations.state_value state_translations.state_generic_value = 2) = 1 AND sensors.sensor_alert = 1 AND devices.type = Printer AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1
Device State Sensor Warning Non Printers
Server Sensor Monitoring . notes Appliance Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,sensors,sensors_to_state_indexes,state_indexes,state_translations WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id AND sensors.sensor_id = sensors_to_state_indexes.sensor_id AND sensors_to_state_indexes.state_index_id = state_indexes.state_index_id AND state_indexes.state_index_id = state_translations.state_index_id) AND (sensors.sensor_current = state_translations.state_value state_translations.state_generic_value = 1) = 1 AND sensors.sensor_alert = 1 AND devices.type != Printer AND sensors.sensor_descr != Upgrade Availability AND sensors.sensor_oid != .1.3.6.1.4.1.6574.3.1.1.3.0 AND state_translations.state_descr != GPS Sync Down AND (devices.
Device State Sensor Warning Printers
Printer Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,sensors,sensors_to_state_indexes,state_indexes,state_translations WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id AND sensors.sensor_id = sensors_to_state_indexes.sensor_id AND sensors_to_state_indexes.state_index_id = state_indexes.state_index_id AND state_indexes.state_index_id = state_translations.state_index_id) AND (sensors.sensor_current = state_translations.state_value state_translations.state_generic_value = 1) = 1 AND sensors.sensor_alert = 1 AND devices.type = Printer
Device Storage High Percentage Used Greater Than 80 Percent (Size Greater Than 10GB)
Server Sensor Monitoring . notes Storage Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,storage WHERE (devices.device_id = ? AND devices.device_id = storage.device_id) AND storage.storage_size > 7000000000 AND storage.storage_perc > 80 AND devices.type != Printer AND devices.os != windows AND devices.sysName NOT LIKE ‘siem’ AND devices.hostname NOT REGEXP 10.0.32.. AND devices.sysName NOT LIKE ‘ilo’ AND devices.device_id != 24039 AND devices.hostname NOT LIKE ‘ip-192-168-3-230’ AND storage.
High Swap Usage
Server Sensor Monitoring notes Application Monitoring notes Configuration severity warning Rule Query sql SELECT * FROM devices,device_group_device,device_groups,mempools WHERE (devices.device_id = ? AND devices.device_id = device_group_device.device_id AND device_group_device.device_group_id = device_groups.id AND devices.device_id = mempools.device_id) AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND mempools.mempool_perc > 75 AND mempools.mempool_descr LIKE ‘Swap’ AND devices.type != Printer AND devices.device_id != 23277 AND device_groups.id = 493 AND mempools.mempool_total >= 100 AND mempools.
Interface Errors Rate Greater Than 100
Network Sensor Monitoring notes Wireless Sensor Monitoring Appliance Sensor Monitoring Configuration severity warning Rule Query sql SELECT * FROM devices,ports WHERE (devices.device_id = ? AND devices.device_id = ports.device_id) AND (ports.ifInErrors_rate >= 100 OR ports.ifOutErrors_rate >= 100) AND ports.portName NOT LIKE ‘radio’
Port Utilisation Over Threshold
Network Sensor Monitoring . notes Wireless Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,ports WHERE (devices.device_id = ? AND devices.device_id = ports.device_id) AND (((ports.ifInOctets_rate*8) / ports.ifSpeed)*100) >= 80 AND (ports.ifOperStatus = up ports.ifAdminStatus = up (ports.deleted = 0 ports.ignore = 0 ports.disabled = 0)) = 1 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND ports.ifHighSpeed != 10 AND ports.
Sensor Over Limit Check Device Health Settings
Server Sensor Monitoring notes Wireless Sensor Monitoring Appliance Sensor Monitoring Camera Sensor Monitoring Configuration severity warning Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current > sensors.sensor_limit AND sensors.sensor_alert = 1 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND sensors.sensor_descr NOT LIKE ‘Core’ AND sensors.sensor_current > sensors.sensor_prev AND devices.snmp_disable = 0 AND sensors.sensor_descr NOT LIKE ‘Fan’ AND sensors.
Sensor Over Limit With Linked Port
Network Sensor Monitoring notes Server Sensor Monitoring notes Wireless Sensor Monitoring Appliance Sensor Monitoring Configuration severity warning Rule Query sql SELECT * FROM devices,ports,sensors WHERE (devices.device_id = ? AND devices.device_id = ports.device_id AND devices.device_id = sensors.device_id) AND sensors.sensor_current > sensors.sensor_limit AND sensors.sensor_alert = 1 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND (sensors.entPhysicalIndex_measured = ‘ports’ sensors.entPhysicalIndex = ports.ifIndex (ports.ifOperStatus = up ports.ifAdminStatus = up (ports.
Sensor Under Limit Check Device Health Settings
Configuration severity warning Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current < sensors.sensor_limit_low AND sensors.sensor_alert = 1 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND sensors.sensor_current < sensors.sensor_prev AND devices.snmp_disable = 0 AND sensors.sensor_descr NOT LIKE ‘Core’ AND sensors.sensor_current < 19 AND sensors.sensor_current > 0 AND sensors.sensor_descr != Internal Temperature AND devices.hostname NOT LIKE ‘lake.
Too Many Wireless Clients
Wireless Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,wireless_sensors WHERE (devices.device_id = ? AND devices.device_id = wireless_sensors.device_id) AND wireless_sensors.sensor_class = ‘clients’ AND wireless_sensors.sensor_current >= wireless_sensors.sensor_limit AND wireless_sensors.sensor_alert = 1 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1
UPS Has A Depleted Battery
Power Sensor Monitoring . Appliance Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current = 4 AND sensors.sensor_type = upsBatteryStatusState
UPS Has A Heavy Load
Power Sensor Monitoring . Appliance Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_descr REGEXP Percentage load AND sensors.sensor_current >= 85 AND sensors.sensor_type = rfc1628 AND devices.hostname NOT LIKE ‘ip-192-168-1-160’
Wireless Sensor Over Limit
Wireless Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,device_group_device,device_groups,wireless_sensors WHERE (devices.device_id = ? AND devices.device_id = device_group_device.device_id AND device_group_device.device_group_id = device_groups.id AND devices.device_id = wireless_sensors.device_id) AND wireless_sensors.sensor_current >= wireless_sensors.sensor_limit AND wireless_sensors.sensor_alert = 1 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND wireless_sensors.sensor_current > wireless_sensors.sensor_prev AND devices.hostname != ip-10-32-0-18.us-east-2.compute.internal AND device_groups.id != 137 AND device_groups.id != 141 AND device_groups.id !
Linux Server High Storage High Percentage Used
Server Sensor Monitoring . notes Storage Sensor Monitoring . Configuration severity warning Rule Query sql SELECT * FROM devices,storage WHERE (devices.device_id = ? AND devices.device_id = storage.device_id) AND storage.storage_size > 7000000000 AND storage.storage_perc > 80
Aruba Wireless AP Count Low Warning
Configuration severity warning Rule Query sql SELECT * FROM devices,wireless_sensors WHERE (devices.device_id = ? AND devices.device_id = wireless_sensors.device_id) AND wireless_sensors.sensor_type = arubaos AND wireless_sensors.sensor_class = ap-count AND wireless_sensors.sensor_alert = 1 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND wireless_sensors.sensor_current <= wireless_sensors.sensor_limit_low_warn AND wireless_sensors.sensor_current > wireless_sensors.sensor_limit_low
High CPU Usage
Server Sensor Monitoring notes Application Monitoring notes Configuration severity warning Rule Query sql SELECT * FROM devices,processors WHERE (devices.device_id = ? AND devices.device_id = processors.device_id) AND (devices.status = 0 (devices.disabled = 0 devices.ignore = 0)) = 0 AND processors.processor_usage >= 90 AND devices.type != Server AND devices.type != Wireless AND devices.type != printer