Alarm for Maximum number of IDPS Events Reached on Manager
search cancel

Alarm for Maximum number of IDPS Events Reached on Manager

book

Article ID: 373358

calendar_today

Updated On:

Products

VMware vDefend Firewall with Advanced Threat Prevention

Issue/Introduction

Title: "Alarm for Maximum number of IDPS Events Reached on Manager"

Event ID: distributed_ids_ips.max_events_reached

Added in release: NSX-T 3.1.0

Alarm Description

Purpose: Limit reached for number of IDPS events.

Impact: There may not necessarily be any impact. This alarm indicates that the limit for the number of IDPS events is reached.

Environment

VMware NSX

Resolution

Steps to Resolve

For release NSX-T 3.1.0 and higher.

  • There is no manual intervention needed.
  • A purge job will kick in automatically every 3 minutes and delete 10% of the older records to bring the total number of events in the system to below the threshold value.

Note:  Even though the limit is reached, IDPS still continues to process traffic and generate alerts.

Powered by Wolken Software