NSX IDPS Engine down Alarm
search cancel

NSX IDPS Engine down Alarm

book

Article ID: 330433

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

Title: Alarm for NSX IDPS Engine down
Event ID: distributed_ids_ips.nsx_idps_engine_down

Alarm Description

  • Purpose:NSX IDPS Engine is down
  • Impact: Traffic will not be subject to IDPS rules / policies, and malicious traffic could go undetected.

Environment

VMware NSX-T Data Center

Resolution

Steps to Resolve
For 3.1.0 and higher

Recommendations: 

On the esxi host:

  1. Check /var/log/nsx-syslog.log and /var/log/syslog.log to see if there are errors reported.
  2. Invoke the command `ps -C | grep idps` to check if the IDPS process is running. If it is not running, invoke `/etc/init.d/nsx-idps start` to start the service. Monitor the logs in /var/log/syslog.log and /var/log/nsx-syslog.log for any errors.
Powered by Wolken Software