https://github.com/limes-github/LibreNMS-Alerts

LibreNMS Alerts Templates.
https://github.com/limes-github/LibreNMS-Alerts

Last synced: 6 days ago
JSON representation

LibreNMS Alerts Templates.

• Host: GitHub
• URL: https://github.com/limes-github/LibreNMS-Alerts
• Owner: limes-github
• Created: 2019-10-16T09:13:38.000Z (about 5 years ago)
• Default Branch: master
• Last Pushed: 2019-12-05T11:19:12.000Z (almost 5 years ago)
• Last Synced: 2024-07-27T16:44:31.756Z (4 months ago)
• Homepage:
• Size: 4.88 KB
• Stars: 4
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# LibreNMS-Alerts

A collection of used by me LibreNMS Alerts templates. 
All working fine, minimum false-positives.

1. PORT DOWN



ports.ifOperStatus = "down" AND ports.ifOperStatus_prev = "up" AND macros.device_up = 1



2. PORT UTILIZATION > 75% - OUTGOING TRAFFIC



macros.port_out_usage_perc >= 75 AND macros.port_up = 1 AND macros.port = 1



3. PORT UTILIZATION > 75% - INCOMING TRAFFIC



macros.port_in_usage_perc >= 75 AND macros.port_up = 1 AND macros.port = 1



4. DEVICE DOWN



devices.status != 1



5. CPU UTILIZATION > 80%



macros.device_up = 1 AND processors.processor_usage >= 80



6. DEVICE REBOOTED



devices.uptime < 400 AND macros.device = 1



7. INCOMING BROADCAST > 7000 pkt/s



ports_statistics.ifInBroadcastPkts_rate >= 7000 AND macros.port_up = 1 AND macros.port = 1



8. OUTGOING BROADCAST > 7000 pkt/s



ports_statistics.ifOutBroadcastPkts_rate >= 7000 AND macros.port_up = 1 AND macros.port = 1



9. INCOMING UNICAST > 650000 pkt/s



ports.ifInUcastPkts_rate >= 650000 AND macros.port_up = 1 AND macros.port = 1



10. OUTGOING UNICAST > 650000 pkt/s



ports.ifOutUcastPkts_rate >= 650000 AND macros.port_up = 1 AND macros.port = 1



11. IPTV SERVICE DOWN (MULTICAST TRAFFIC < 55000 pkt/s)



macros.port_up = 1 AND macros.port = 1 AND ports_statistics.ifInNUcastPkts_rate <= 55000 AND ports.ifIndex = "1/0/13"



12. INTERFACE ERRORS



ports.ifInErrors_rate >= 5 OR ports.ifOutErrors_rate >= 5



13. HARD DISK DRIVE USAGE > 85%



storage.storage_perc >= 85 AND devices.sysName = "server"



14. TEMPERATURE > 70 CELSIUS



sensors.sensor_class = "Temperature" AND sensors.sensor_current >= 70



15. SQL ALERTING > FDB ENTRIES > 10 FOR SPECIFIED VLAN



select count(ports_fdb.mac_address) from ports_fdb join vlans on ports_fdb.vlan_id = vlans.vlan_id where vlans.vlan_vlan = 3333 HAVING count(ports_fdb.mac_address) > 10;



15. SQL ALERTING > FDB ENTRIES > 10 FOR SPECIFIED VLAN (WITHIN A TIME)



SQL QUERY: select UNIX_TIMESTAMP(ports_fdb.updated_at), ports_fdb.mac_address from ports_fdb join vlans on ports_fdb.vlan_id = vlans.vlan_id where vlans.vlan_vlan = 3333 AND UNIX_TIMESTAMP(ports_fdb.updated_at) >= UNIX_TIMESTAMP(NOW() - INTERVAL 15 MINUTE);



OVERRIDE SQL ALERT: select UNIX_TIMESTAMP(ports_fdb.updated_at), ports_fdb.mac_address from ports_fdb join vlans on ports_fdb.vlan_id = vlans.vlan_id where vlans.vlan_vlan = 3333 AND UNIX_TIMESTAMP(ports_fdb.updated_at) >= UNIX_TIMESTAMP(NOW() - INTERVAL 15 MINUTE) HAVING count(ports_fdb.mac_address) > 10;

Polling: ./discovery.php -h all -m fdb-table