NSX IDPS Engine down Alarm
search cancel

NSX IDPS Engine down Alarm

book

Article ID: 330433

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

Title: Alarm for NSX IDPS Engine down
Event ID: distributed_ids_ips.nsx_idps_engine_down

Alarm Description

  • Purpose:NSX IDPS Engine is down
  • Impact: Traffic will not be subject to IDPS rules / policies, and malicious traffic could go undetected.

Environment

VMware NSX-T Data Center

Resolution

This is a known issue impacting VMware NSX.

Steps to Resolve
For 3.1.0 and higher

Recommendations: 

On the esxi host:

  • Check /var/log/nsx-syslog.log and /var/log/syslog.log to see if there are errors reported.
  • Check if the IDPS process in running by invoking command 
    • ps -C | grep idps 
  • If it is not running, restart the service 
    • /etc/init.d/nsx-idps start 
  • Monitor the logs in /var/log/syslog.log and /var/log/nsx-syslog.log for any errors.
Powered by Wolken Software