Edge long running packet capture Alarm
search cancel

Edge long running packet capture Alarm

book

Article ID: 330506

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

Title: Alarm for edge long running packet capture
Event ID: edge_health.longrunning_packet_capture

Alarm Description

  • Purpose: The purpose of this alarm is to notify users when a packet capture on specific interface on the edge device has been running for more than 30 minutes, prompting attention to potential prolonged capture sessions.
  • Impact:
    1. Packet captures can consume significant system resources, including CPU, memory, and disk space. Prolonged captures may lead to increased resource utilization, potentially impacting the overall performance of the edge device.
    2. Packet captures generate large amounts of data, and storing this data can lead to increased storage usage. If not managed properly, it may exhaust available disk space, affecting other critical system functions.
    3. Continuous packet captures generate network traffic, especially if capturing all packets on a busy network interface. This additional network overhead can impact the overall network performance.
    4. Depending on the edge device's capabilities, a long-running packet capture might compete with other essential functions. This could impact the device's ability to process network traffic, execute other tasks, or provide services.

Environment

VMware NSX

Resolution

Steps to Resolve
For 4.2.0 and higher
 
Recommended Action:
 
This alarm is automatically resolved upon termination of the extended packet capture session on the specified interface.

Maintenance window required for remediation? No