Title: Alarm for edge long running packet capture Event ID: edge_health.longrunning_packet_capture
Alarm Description
Purpose: The purpose of this alarm is to notify users when a packet capture on specific interface on the edge device has been running for more than 30 minutes, prompting attention to potential prolonged capture sessions.
Impact: 1. Packet captures can consume significant system resources, including CPU, memory, and disk space. Prolonged captures may lead to increased resource utilization, potentially impacting the overall performance of the edge device. 2. Packet captures generate large amounts of data, and storing this data can lead to increased storage usage. If not managed properly, it may exhaust available disk space, affecting other critical system functions. 3. Continuous packet captures generate network traffic, especially if capturing all packets on a busy network interface. This additional network overhead can impact the overall network performance. 4. Depending on the edge device's capabilities, a long-running packet capture might compete with other essential functions. This could impact the device's ability to process network traffic, execute other tasks, or provide services.
Environment
VMware NSX
Resolution
Steps to Resolve
For 4.2.0 and higher
Recommended Action:
This alarm is automatically resolved upon termination of the extended packet capture session on the specified interface.