Title: Alarm for Traffic Bypassed - IDPS Engine Network Oversubscription
Event ID: distributed_ids_ips.idps_engine_bypassed_traffic_network_oversubscribed

Alarm Description

• Purpose:The IDPS engine is unable to keep pace with the rate of incoming traffic resulting in the excess traffic being bypassed. For more details, login to the ESX host and issue the following command: `vsipioctl getdpiinfo -s` and look at oversubscription stats.
• Impact: Traffic is being bypassed by the IDPS engine on ESX Host.

VMware NSX