Critical

Critical Impact Events and Alerts
Device Sensor State Critical Non Printers
    Sections on this page Related Use Cases (4) Configuration (2) Related Use Cases Appliance Sensor Monitoring Server Sensor Monitoring Notes Wireless Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,device_group_device,device_groups,sensors,sensors_to_state_indexes,state_indexes,state_translations WHERE (devices.device_id = ? AND devices.device_id = device_group_device.device_id AND device_group_device.device_group_id = device_groups.id AND devices.device_id = sensors.device_id AND sensors.sensor_id = sensors_to_state_indexes.sensor_id AND sensors_to_state_indexes.state_index_id = state_indexes.state_index_id AND state_indexes.state_index_id = state_translations.state_index_id) AND (sensors.
Service Up-and-down Default
    Sections on this page Configuration (2) Configuration Severity critical Rule Query sql SELECT * FROM devices,device_group_device,device_groups,services WHERE (devices.device_id = ? AND devices.device_id = device_group_device.device_id AND device_group_device.device_group_id = device_groups.id AND devices.device_id = services.device_id) AND services.service_status != 0 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND device_groups.id != 62 AND device_groups.id != 249
Devices Up-and-down
    Sections on this page Related Use Cases (4) Configuration (2) Related Use Cases Server Sensor Monitoring Notes Network Sensor Monitoring Notes Configuration Severity critical Rule Query sql SELECT * FROM devices WHERE (devices.device_id = ?) AND (devices.status = 0 (devices.disabled = 0 devices.ignore = 0)) = 1 AND devices.type != Printer
Device Rebooted
    Sections on this page Related Use Cases (7) Configuration (2) Related Use Cases Application Monitoring Notes Network Sensor Monitoring Notes Server Sensor Monitoring Notes Storage Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices WHERE (devices.device_id = ?) AND devices.uptime < 300 AND (devices.disabled = 0 devices.ignore = 0) = 1 AND devices.type != Printer
IPSec Tunnels Down
    Sections on this page Related Use Cases (2) Configuration (2) Related Use Cases VPN Monitoring Notes Configuration Severity critical Rule Query sql SELECT * FROM devices,ipsec_tunnels WHERE (devices.device_id = ? AND devices.device_id = ipsec_tunnels.device_id) AND ipsec_tunnels.tunnel_status != active AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1
Dell Server Virtual Disk Failed-and-Degraded
    Sections on this page Configuration (2) Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP [2|6] AND sensors.sensor_oid = .1.3.6.1.4.1.674.10893.1.20.140.1.1.4
Cisco Fan Status Failed
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Network Sensor Monitoring Notes Temperature Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current = 9 AND sensors.sensor_oid = .1.3.6.1.4.1.9.9.13.1.4.1.3
Device Storage High Percentage Used (Size Greater Than 10GB)
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Storage Sensor Monitoring Server Sensor Monitoring Notes Configuration Severity critical Rule Query sql SELECT * FROM devices,storage WHERE (devices.device_id = ? AND devices.device_id = storage.device_id) AND storage.storage_size > 7000000000 AND storage.storage_perc > 85 AND devices.type != Printer AND devices.os != windows AND devices.hostname != ip-10-64-20-146 AND devices.sysName NOT LIKE ‘siem’ AND devices.
Port Status Up-and-down
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Network Sensor Monitoring Notes Wireless Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,ports WHERE (devices.device_id = ? AND devices.device_id = ports.device_id) AND (ports.ifOperStatus = down ports.ifAdminStatus != down (ports.deleted = 0 ports.ignore = 0 ports.disabled = 0)) = 1
APC UPS In Hardware Failure Bypass Mode
    Sections on this page Related Use Cases (2) Configuration (2) Related Use Cases Appliance Sensor Monitoring Power Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current = 10 AND sensors.sensor_type = upsBasicOutputStatus
APC UPS Switched To Battery Power
    Sections on this page Related Use Cases (2) Configuration (2) Related Use Cases Appliance Sensor Monitoring Power Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current = 3 AND sensors.sensor_type = upsBasicOutputStatus
Aruba Wireless AP Count Low Critical
    Sections on this page Related Use Cases (1) Configuration (2) Related Use Cases Wireless Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,wireless_sensors WHERE (devices.device_id = ? AND devices.device_id = wireless_sensors.device_id) AND wireless_sensors.sensor_type = arubaos AND wireless_sensors.sensor_class = ap-count AND wireless_sensors.sensor_alert = 1 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1 AND wireless_sensors.sensor_current <= wireless_sensors.sensor_limit_low
BGP Session Down
    Sections on this page Related Use Cases (4) Configuration (2) Related Use Cases Network Sensor Monitoring Notes Network Topology Firewall Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,bgpPeers WHERE (devices.device_id = ? AND devices.device_id = bgpPeers.device_id) AND bgpPeers.bgpPeerState != established AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1
Cisco NX OS Device Has A Bad Fan
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Network Sensor Monitoring Notes Temperature Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND devices.os = nxos AND sensors.sensor_type = cefcFanTrayOperStatus AND sensors.sensor_current = [3-4]
Cisco PSU Status Failed
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Network Sensor Monitoring Notes Power Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current = 8 AND sensors.sensor_oid = .1.3.6.1.4.1.9.9.13.1.5.1.3
Dell IDRAC Battery Status Failed
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Appliance Sensor Monitoring Server Sensor Monitoring Notes Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP 10 AND sensors.sensor_oid = .1.3.6.1.4.1.674.10892.5.4.600.50.1.5
Dell IDRAC Global System Status Critical-and-NonRecoverable
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Appliance Sensor Monitoring Server Sensor Monitoring Notes Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP [5|6] AND sensors.sensor_oid = .1.3.6.1.4.1.674.10892.2.2.1
Dell IDRAC Virtual Disk Failed-and-Degraded
    Sections on this page Configuration (2) Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP [3|4] AND sensors.sensor_oid = .1.3.6.1.4.1.674.10892.5.5.1.20.140.1.1.4
Dell Server Disk Array State Failed-and-Degraded
    Sections on this page Related Use Cases (4) Configuration (2) Related Use Cases Storage Sensor Monitoring Server Sensor Monitoring Notes Storage Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP [2|5] AND sensors.sensor_oid = .1.3.6.1.4.1.674.10893.1.20.130.4.1.4
Dell Server Disk Controller State Failed-and-Degraded
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Server Sensor Monitoring Notes Storage Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP [2|6] AND sensors.sensor_oid = .1.3.6.1.4.1.674.10893.1.20.130.1.1.5
Dell Server PSU State Critical-and-NonRecvoverable
    Sections on this page Configuration (2) Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP [5|6] AND sensors.sensor_oid = .1.3.6.1.4.1.674.10892.1.600.12.1.5
HP Procurve Bad Power Supply
    Sections on this page Configuration (2) Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_oid REGEXP .1.3.6.1.4.1.11.2.14.11.1.2.6.1.4.[2-5] AND sensors.sensor_current = 2
HP Procurve Fan Fault
    Sections on this page Configuration (2) Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_oid = .1.3.6.1.4.1.11.2.14.11.1.2.6.1.4.1 AND sensors.sensor_current = 2
HPE BladeSystem Has A Bad Fan
    Sections on this page Related Use Cases (2) Configuration (2) Related Use Cases Server Sensor Monitoring Notes Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND devices.os = hpblmos AND sensors.sensor_type = hpblmos_fanstate AND sensors.sensor_current = [3-4]
HPE BladeSystem Has A Bad Power Supply
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Server Sensor Monitoring Notes Power Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND devices.os = hpblmos AND sensors.sensor_type = hpblmos_psustate AND sensors.sensor_current = [3-4]
HPE ILo Server Drive Degraded-and-failure
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Server Sensor Monitoring Notes Storage Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP [3-4] AND sensors.sensor_oid = .1.3.6.1.4.1.232.3.2.5.1.1.37.
HPE ILo Server Fan Degraded-and-failure
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Appliance Sensor Monitoring Server Sensor Monitoring Notes Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP [3-4] AND sensors.sensor_oid = .1.3.6.1.4.1.232.6.2.6.7.1.9.
HPE ILo Server Memory Degraded-and-failure
    Sections on this page Related Use Cases (2) Configuration (2) Related Use Cases Server Sensor Monitoring Notes Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP [3-4] AND sensors.sensor_oid = .1.3.6.1.4.1.232.6.2.14.13.1.20.
HPE ILo Server Power Supply Degraded-and-failure
    Sections on this page Related Use Cases (4) Configuration (2) Related Use Cases Server Sensor Monitoring Notes Appliance Sensor Monitoring Power Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current REGEXP [3-4] AND sensors.sensor_oid = .1.3.6.1.4.1.232.6.2.9.3.1.4.
Netscaler HA Node Mode Change
    Sections on this page Related Use Cases (1) Configuration (2) Related Use Cases LoadBalancer Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND devices.os = Netscaler AND sensors.sensor_type = sysHighAvailabilityMode AND sensors.sensor_current != sensors.sensor_prev AND sensors.lastupdate < DATE_SUB(NOW(),INTERVAL 5 MINUTE) AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1
Netscaler HA Node State Critical
    Sections on this page Related Use Cases (1) Configuration (2) Related Use Cases LoadBalancer Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND devices.os = Netscaler AND sensors.sensor_type = haCurState AND sensors.sensor_current REGEXP [2|4|5|7|10|11] AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1
Synology NAS Has A Failed Fan Status
    Sections on this page Related Use Cases (2) Configuration (2) Related Use Cases Appliance Sensor Monitoring Storage Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND devices.os = dsm AND sensors.sensor_type = systemFanStatusState AND sensors.sensor_current = 2
Synology NAS Has A Failed Power Status
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Storage Sensor Monitoring Appliance Sensor Monitoring Power Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND devices.os = dsm AND sensors.sensor_type = powerStatusState AND sensors.sensor_current = 2
Synology NAS Has A Failed Status
    Sections on this page Related Use Cases (1) Configuration (2) Related Use Cases Storage Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND devices.os = dsm AND sensors.sensor_type = systemStatusState AND sensors.sensor_current = 2
Syslog, Authentication Failure On Device
    Sections on this page Related Use Cases (1) Configuration (2) Related Use Cases Login Failures Configuration Severity critical Rule Query sql SELECT * FROM devices,syslog WHERE (devices.device_id = ? AND devices.device_id = syslog.device_id) AND syslog.timestamp >= macros.past_5m AND syslog.msg REGEXP .authentication failure.
Syslog, Received Alert Priority Message
    Sections on this page Related Use Cases (2) Configuration (2) Related Use Cases Application Monitoring Notes Configuration Severity critical Rule Query sql SELECT * FROM devices,syslog WHERE (devices.device_id = ? AND devices.device_id = syslog.device_id) AND syslog.timestamp >= macros.past_5m AND syslog.priority REGEXP alert
Syslog, Received Emergency Priority Message
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Appliance Sensor Monitoring Application Monitoring Notes Configuration Severity critical Rule Query sql SELECT * FROM devices,syslog WHERE (devices.device_id = ? AND devices.device_id = syslog.device_id) AND syslog.timestamp >= macros.past_5m AND syslog.priority REGEXP emergency
UBNT EdgeSwitch Chassis State Failed
    Sections on this page Related Use Cases (3) Configuration (2) Related Use Cases Wireless Sensor Monitoring Network Sensor Monitoring Notes Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current = 3 AND sensors.sensor_oid = .1.3.6.1.4.1.4413.1.1.43.1.15.1.2.1
UPS Is Running On The Battery
    Sections on this page Related Use Cases (2) Configuration (2) Related Use Cases Appliance Sensor Monitoring Power Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,sensors WHERE (devices.device_id = ? AND devices.device_id = sensors.device_id) AND sensors.sensor_current = 5 AND sensors.sensor_type = upsOutputSourceState
Service Up-and-down
    Sections on this page Related Use Cases (1) Configuration (2) Related Use Cases Appliance Sensor Monitoring Configuration Severity critical Rule Query sql SELECT * FROM devices,services WHERE (devices.device_id = ? AND devices.device_id = services.device_id) AND services.service_status != 0 AND (devices.status = 1 (devices.disabled = 0 devices.ignore = 0)) = 1
Last modified June 8, 2021