Central

The Central Developer Hub

Welcome to the Central developer hub. You'll find guides and documentation to help you start working with Central APIs as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Gateway Alerts

 {
 	"id": "AXyzbcapqrstn24BIWcc",
 	"nid": 301,
 	"alert_type": "NEW_GATEWAY_DETECTED",
 	"setting_id": "abce082bef4a428bb31366f6d6ff223f-301",
 	"device_id": "CNXXYYZZAA",
 	"description": "New Gateway GSK-7005-2 with serial CNXXYYZZAA, MAC address 20:aa:bb:cc:eb:30 and IP address 172.168.1.1 connected, Group:unprovisioned",
 	"state": "Open",
 	"severity": "Warning",
 	"operation": "create",
 	"timestamp": 1612725256,
 	"details": {
 		"group": "1",
 		"labels": "",
 		"_rule_number": "0",
 		"params": ["CNXXYYZZAA", "20:aa:bb:cc:eb:30", "172.168.1.1", "GSK-7005-2"],
 		"serial": "CNXXYYZZAA",
 		"time": "2021-02-07 19:14:16 UTC",
 		"group_name": "unprovisioned"
 	},
 	"webhook": "52e0abbd-cdda-45f2-bd68-3107fef43841",
 	"text": "New Gateway GSK-7005-2 with serial CNXXYYZZAA, MAC address 20:aa:bb:cc:eb:30 and IP address 172.168.1.1 connected, Group:unprovisioned"
 }

Gateway Disconnected

Generates an alert when a Branch Gateway is disconnected. When a gateway disconnects because of license expiry, the alert description shows 'Reason: Device unlicensed'.

{
  "id": "AXyzbcapqrstn24BIWcc",
  "nid": 303,
  "alert_type": "GATEWAY_DISCONNECTED",
  "setting_id": "abce082bef4a428bb31366f6d6ff223f-303",
  "device_id": "CNXXYYZZAA",
  "description": "Gateway GSK-7005-2 with serial CNXXYYZZAA, MAC address 20:aa:bb:cc:eb:30 and IP address 172.168.1.1 disconnected. , Group:default",
  "state": "Open",
  "severity": "Major",
  "operation": "create",
  "timestamp": 1612725779,
  "details": {
    "params": [
      "CNXXYYZZAA",
      "20:aa:bb:cc:eb:30",
      "172.168.1.1",
      "GSK-7005-2",
      "",
      ""
    ],
    "group": "0",
    "ts": "1612725444737",
    "labels": "",
    "serial": "CNXXYYZZAA",
    "conn_status": "disconnected",
    "time": "2021-02-07 19:22:59 UTC",
    "group_name": "default"
  },
  "webhook": "52e0abbd-cdda-45f2-bd68-3107fef43841",
  "text": "Gateway GSK-7005-2 with serial CNXXYYZZAA, MAC address 20:aa:bb:cc:eb:30 and IP address 172.168.1.1 disconnected. , Group:default"
}

Gateway CPU Utilization

Generates an alert when the Branch Gateway CPU utilization exceeds the threshold value. You can add additional rule(s) for this alert.

 {
	"id": "AXyzbcapqrstn24BIWcc",
	"nid": 1351,
	"alert_type": "CONTROLLER_CPU_OVER_UTILIZATION",
	"setting_id": "ggsswerr90254beccccaaazza05f17-1351",
	"device_id": "CNXXYYZZAA",
	"description": "CPU utilization for Gateway WTH_9004-2 with serial CNXXYYZZAA has been above 10% for about 5 minutes since 2021-02-02 13:24:00 UTC.",
	"state": "Open",
	"severity": "Critical",
	"operation": "create",
	"timestamp": 1612272540,
	"details": {
		"name": "WTH_9004-2",
		"unit": "%",
		"serial": "CNXXYYZZAA",
		"group": "36",
		"labels": "8",
		"_rule_number": "0",
		"ds_key": "ggsswerr90254beccccaaazza05f17.CNXXYYZZAA.cpu_utilization.5m",
		"duration": "5",
		"threshold": "10",
		"time": "2021-02-02 13:24:00 UTC"
	},
	"webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
	"text": "CPU utilization for Gateway WTH_9004-2 with serial CNXXYYZZAA has been above 10% for about 5 minutes since 2021-02-02 13:24:00 UTC."
}

Gateway Memory Utilization

Retrieving data. Wait a few seconds and try to cut or copy again.

 {
  "id": "AXdiyfwQo68tULajRTiG",
  "nid": 1352,
  "alert_type": "CONTROLLER_MEMORY_OVER_UTILIZATION",
  "setting_id": "ggsswerr90254beccccaaazza05f17-1352",
  "device_id": "CNXXYYZZAA",
  "description": "Memory utilization for Gateway WTH_9004-1 with serial CNXXYYZZAA has been above 30% for about 30 minutes since 2021-02-02 12:19:00 UTC.",
  "state": "Open",
  "severity": "Critical",
  "operation": "create",
  "timestamp": 1612270140,
  "details": {
    "name": "WTH_9004-1",
    "unit": "%",
    "serial": "CNXXYYZZAA",
    "group": "36",
    "labels": "8",
    "_rule_number": "0",
    "ds_key": "ggsswerr90254beccccaaazza05f17.CNXXYYZZAA.memory_utilization.5m",
    "duration": "30",
    "threshold": "30",
    "time": "2021-02-02 12:19:00 UTC"
  },
  "webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
  "text": "Memory utilization for Gateway WTH_9004-1 with serial CNXXYYZZAA has been above 30% for about 30 minutes since 2021-02-02 12:19:00 UTC."
}

BGP Session Error

Generates an alert when a BGP session fails.

 {
  "id": "AXyzbcapqrstn24BIWcc",
  "nid": 1355,
  "alert_type": "CONTROLLER BGP SESSION ERROR",
  "setting_id": "ggsswerr90254beccccaaazza05f17-1355",
  "device_id": "CNXXYYZZAA",
  "description": "BGP neighbor 172.30.1.102 is down (router-id=10.53.9.44, ASN=3002, serial=CNXXYYZZAA)",
  "state": "Open",
  "severity": "Critical",
  "operation": "create",
  "timestamp": 1612811123,
  "details": {
    "serial": "CNXXYYZZAA",
    "nbr_addr": "172.30.1.102",
    "nbr_as": "3002",
    "nbr_id": "10.53.9.44",
    "group": "12",
    "time": "2021-02-08 19:05:23 UTC"
  },
  "webhook": "f6f2b19a-31d5-445c-b340-eb1ca8a6fdd8",
  "text": "BGP neighbor 172.30.1.102 is down (router-id=10.53.9.44, ASN=3002, serial=CNXXYYZZAA)"
}

Gateway Base License Capacity Limit Exceeded

Generates an alert when a Gateway with Foundation-Base Capacity subscription exceed the client capacity threshold. For more information on Foundation-Base Capacity subscription, see Assigning Subscriptions to Aruba Gateways.

 {
  "id": "AXyzbcapqrstn24BIWcc",
  "nid": 1356,
  "alert_type": "GATEWAY_BASE_LICENSE_CAPACITY_EXCEEDED",
  "setting_id": "ggsswerr90254beccccaaazza05f17-1356",
  "device_id": "CNXXYYZZAA",
  "description": "Base license capacity limit exceeded for Gateway with name: CSIM_SCA0000073, serial: CNXXYYZZAA",
  "state": "Open",
  "severity": "Critical",
  "operation": "create",
  "timestamp": 1612424272,
  "details": {
    "group": "0",
    "labels": [],
    "name": "CSIM_CNXXYYZZAA",
    "serial": "CNXXYYZZAA",
    "time": "2021-02-04 07:37:52 UTC"
  },
  "webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
  "text": "Base license capacity limit exceeded for Gateway with name: CSIM_CNXXYYZZAA, serial: CNXXYYZZAA"
}

Routing Table Limit

Generates an alert when the routing table size exceeds the 90% of the capacity. This alert is auto-acknowledged when the Routing table size goes below 85% of the capacity.

 {
  "id": "AXyzbcapqrstn24BIWcc",
  "nid": 1357,
  "alert_type": "CONTROLLER ROUTE TABLE CAPACITY",
  "setting_id": "ggsswerr90254beccccaaazza05f17-1357",
  "device_id": "CNXXYYZZAA",
  "description": "Routing table for device DC3_VPNC8_7240XM exceeded threshold(serial=CNXXYYZZAA, IP=2.3.1.5, count=29268, max=32768)",
  "state": "Open",
  "severity": "Critical",
  "operation": "create",
  "timestamp": 1612801998,
  "details": {
    "serial": "CNXXYYZZAA",
    "ip_address": "2.3.1.5",
    "count": "29268",
    "hostname": "DC3_VPNC8_7240XM",
    "max": "32768",
    "group": "57",
    "time": "2021-02-08 16:33:18 UTC"
  },
  "webhook": "5cbc87e4-9eb5-45d2-b890-b21db89ca5b4",
  "text": "Routing table for device DC3_VPNC8_7240XM exceeded threshold(serial=CNXXYYZZAA, IP=2.3.1.5, count=29268, max=32768)"
}

Overlay Route Orchestrator Connection

Generates an alert when the control connection between the Branch Gateway and the Overlay Route Orchestration (ORO) is down. This alert is auto-acknowledged when the control connection is re-established.

{

	"id": "AXyzbcapqrstn24BIWcc",
	"nid": 1359,
	"alert_type": "CONTROLLER OAP CONNECTION",
	"setting_id": "ggsswerr90254beccccaaazza05f17-1359",
	"device_id": "CNXXYYZZAA",
	"description": "Overlay Route Orchestrator control connection is down for Legacy2.0-BGW1-A7005-39_82_AC (serial=CNXXYYZZAA)",
	"state": "Open",
	"severity": "Critical",
	"operation": "create",
	"timestamp": 1612808837,
	"details": {
		"hostname": "Legacy2.0-BGW1-A7005-39_82_AC",
		"serial": "CNXXYYZZAA",
		"group": "22",
		"time": "2021-02-08 18:27:17 UTC"
	},
	"webhook": "f6f2b19a-31d5-445c-b340-eb1ca8a6fdd8",
	"text": "Overlay Route Orchestrator control connection is down for Legacy2.0-BGW1-A7005-39_82_AC (serial=CNXXYYZZAA)"
}

WAN Health-Check Failure

Generates an alert when WAN health check fails.

 {
	"id": "AXyzbcapqrstn24BIWcc",
	"nid": 1501,
	"alert_type": "WAN_UPLINK_REACHABILITY_HEALTH_CHECK_IP_FAILED",
	"setting_id": "ggsswerr90254beccccaaazza05f17-1501",
	"device_id": "CNXXYYZZAA",
	"description": "WAN reachability check failed for Gateway WTH_9004-2 with serial CNXXYYZZAA to Health Check IP 52.52.253.87 on uplink inet2_inet. Default-gateway is reachable.",
	"state": "Open",
	"severity": "Critical",
	"operation": "create",
	"timestamp": 1612304659,
	"details": {
		"default_gw_status": "reachable",
		"intf_name": "inet2_inet",
		"ip": "52.52.253.87",
		"hostname": "WTH_9004-2",
		"serial": "CNXXYYZZAA",
		"group": "36",
		"labels": [
			"8"
		],
		"time": "2021-02-02 22:24:19 UTC"
	},
	"webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
	"text": "WAN reachability check failed for Gateway WTH_9004-2 with serial CNXXYYZZAA to Health Check IP 52.52.253.87 on uplink inet2_inet. Default-gateway is reachable."
}

WAN VPN-Peer Unreachable

Generates an alert when the WAN VPN peer is unreachable.

 {
	"id": "AXyzbcapqrstn24BIWcc",
	"nid": 1502,
	"alert_type": "WAN_UPLINK_REACHABILITY_VPN_PEER_FAILED",
	"setting_id": "ggsswerr90254beccccaaazza05f17-1502",
	"device_id": "CNXXYYZZAA",
	"description": "WAN reachability check failed for Gateway WTH_9004-2 with serial CNXXYYZZAA to VPN peer 192.168.103.99 on uplink inet2_inet. Default-gateway is unreachable.",
	"state": "Open",
	"severity": "Critical",
	"operation": "create",
	"timestamp": 1612348217,
	"details": {
		"ip": "192.168.103.99",
		"intf_name": "inet2_inet",
		"default_gw_status": "unreachable",
		"hostname": "WTH_9004-2",
		"serial": "CNXXYYZZAA",
		"group": "36",
		"labels": [
			"8"
		],
		"time": "2021-02-03 10:30:17 UTC"
	},
	"webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
	"text": "WAN reachability check failed for Gateway WTH_9004-2 with serial CNXXYYZZAA to VPN peer 192.168.103.99 on uplink inet2_inet. Default-gateway is unreachable."
}

Tunnel Flapping

Generates an alert when the tunnel state changes frequently. In the Interface field, enter the interface name. You can add additional rule(s) for this alert.


{
  "alert_type": "WAN_TUNNEL_FLAP",
  "description": "Tunnel data-vpnc-00:1a:1e:03:83:30-link1_inet status flapped 1% on device CNXXYYZZAA for about 15 minutes since 2019-07-25 12:26:00 UTC.",
  "timestamp": 1564058460,
  "webhook": "394c7a3c-ca41-4476-8afc-857e54aa4b3b",
  "setting_id": "ggsswerr90254beccccaaazza05f17-1601",
  "state": "Open",
  "nid": 1601,
  "details": {
    "alias_map_name": "data-vpnc-00:1a:1e:03:83:30-link1_inet",
    "_rule_number": "0",
    "group": "77",
    "dst_ip": "172.168.101.9",
    "labels": "8,661",
    "src_ip": "192.168.51.254",
    "duration": "15",
    "time": "2019-07-25 12:26:00 UTC",
    "threshold": "1",
    "ds_key": "ggsswerr90254beccccaaazza05f17.CNXXYYZZAA.uplink.tunnel.flap.5m",
    "serial": "CNXXYYZZAA",
    "uplink_tag": "link1_inet",
    "unit": "%"
  },
  "operation": "create",
  "device_id": "CNXXYYZZAA",
  "id": "AXyzbcapqrstn24BIWcc",
  "severity": "Critical"
}

Uplink Flapping

Generates an alert when the uplink state changes frequently. In the Interface field, enter the interface name. You can add additional rule(s) for this alert.

{
  "alert_type": "WAN_UPLINK_FLAP",
  "description": "Uplink link1_inet link status flapped 1% on device with CNXXYYZZAA for about 15 minutes 
     since 2019-07-25 12:36:00 UTC.",
  "timestamp": 1564059060,
  "webhook": "394c7a3c-ca41-4476-8afc-857e54aa4b3b",
  "setting_id": "ggsswerr90254beccccaaazza05f17-1600",
  "state": "Open",
  "nid": 1600,
  "details": {
    "status": "DOWN",
    "_rule_number": "0",
    "group": "77",
    "labels": "8,661",
    "current_status": "UP",
    "duration": "15",
    "intf_name": "link1_inet",
    "time": "2019-07-25 12:36:00 UTC",
    "threshold": "1",
    "ds_key": "ggsswerr90254beccccaaazza05f17.CNXXYYZZAA.uplink.flap.5m",
    "serial": "CNXXYYZZAA",
    "uplink_tag": "link1_inet",
    "unit": "%"
  },
  "operation": "create",
  "device_id": "CNXXYYZZAA",
  "id": "AXyzbcapqrstn24BIWcc",
  "severity": "Critical"
}

WAN Uplink Status Change

Generates an alert when the WAN uplink status changes.

 {
	"id": "AXyzbcapqrstn24BIWcc",
	"nid": 1505,
	"alert_type": "WAN_UPLINK_STATUS_CHANGE",
	"setting_id": "ggsswerr90254beccccaaazza05f17-1505",
	"device_id": "CNXXYYZZAA",
	"description": "Uplink port inet_inet status change UP -> DOWN for device WTH-9004-3 with serial CNXXYYZZAA at 2021-02-03 11:01:35 UTC",
	"state": "Open",
	"severity": "Critical",
	"operation": "create",
	"timestamp": 1612350095,
	"details": {
		"intf_name": "inet_inet",
		"status": "UP",
		"current_status": "DOWN",
		"uplink_tag": "inet_inet",
		"hostname": "WTH-9004-3",
		"serial": "CNXXYYZZAA",
		"group": "36",
		"labels": [
			"8"
		],
		"time": "2021-02-03 11:01:35 UTC"
	},
	"webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
	"text": "Uplink port inet_inet status change UP -> DOWN for device WTH-9004-3 with serial CNXXYYZZAA at 2021-02-03 11:01:35 UTC"
}

WAN Uplink Autonegotiation State Change

Generates an alert when the WAN uplink automatic negotiation status changes.

 {
	"id": "AXyzbcapqrstn24BIWcc",
	"nid": 1506,
	"alert_type": "WAN_UPLINK_AUTONEGOTIATION_STATE_CHANGE",
	"setting_id": "ggsswerr90254beccccaaazza05f17-1506",
	"device_id": "CNXXYYZZAA",
	"description": "WAN ports autonegotiaton speed changed from 1000 Mbps to Auto Mbps for device WTH-9004-3 with serial CNXXYYZZAA for uplink GE0/0/1 at 2021-02-03 11:02:35 UTC",
	"state": "Open",
	"severity": "Critical",
	"operation": "create",
	"timestamp": 1612350155,
	"details": {
		"intf_name": "GE0/0/1",
		"speed": "1000",
		"new_speed": "Auto",
		"hostname": "WTH-9004-3",
		"serial": "CNXXYYZZAA",
		"group": "36",
		"labels": [
			"8"
		],
		"time": "2021-02-03 11:02:35 UTC"
	},
	"webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
	"text": "WAN ports autonegotiaton speed changed from 1000 Mbps to Auto Mbps for device WTH-9004-3 with serial CNXXYYZZAA for uplink GE0/0/1 at 2021-02-03 11:02:35 UTC"
}

IPSec Establishment Failure

Generates an alert when the IPsec tunnel fails to establish.

 {
	"id": "AXyzbcapqrstn24BIWcc",
	"nid": 1550,
	"alert_type": "WAN_IPSEC_SA_ESTABILSHMENT_FAILED",
	"setting_id": "ggsswerr90254beccccaaazza05f17-1550",
	"device_id": "CNXXYYZZAA",
	"description": "IPSec Tunnel Establishment from 192.168.36.10 to 192.168.103.99 failed on device WTH-9004-3 with serial CNXXYYZZAA at 2021-02-02 13:17:20 UTC",
	"state": "Open",
	"severity": "Critical",
	"operation": "create",
	"timestamp": 1612271840,
	"details": {
		"src_ip": "192.168.36.10",
		"dst_ip": "192.168.103.99",
		"alias_map_name": "WTH-9004-3:inet_inet::GSK_VPNC2:vlan103",
		"link_tag": "inet_inet",
		"hostname": "WTH-9004-3",
		"serial": "CNXXYYZZAA",
		"group": "36",
		"labels": [
			"8"
		],
		"time": "2021-02-02 13:17:20 UTC"
	},
	"webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
	"text": "IPSec Tunnel Establishment from 192.168.36.10 to 192.168.103.99 failed on device WTH-9004-3 with serial CNXXYYZZAA at 2021-02-02 13:17:20 UTC"
}

IPSec SA Down

Generates an alert when the IPsec SA is down.

 {
	"id": "AXyzbcapqrstn24BIWcc",
	"nid": 1551,
	"alert_type": "WAN_IPSEC_SA_DOWN",
	"setting_id": "ggsswerr90254beccccaaazza05f17-1551",
	"device_id": "CNXXYYZZAA",
	"description": "IPSec tunnel WTH_9004-1:inet2_inet::GSK_VPNC2:vlan103 from 192.168.31.10 to 192.168.103.99 is DOWN on device WTH_9004-1 with serial CNXXYYZZAA.  Reason: Administrator cleared IPSEC SA at 2021-02-02 13:14:11 UTC",
	"state": "Open",
	"severity": "Critical",
	"operation": "create",
	"timestamp": 1612271651,
	"details": {
		"src_ip": "192.168.31.10",
		"dst_ip": "192.168.103.99",
		"reason": "Administrator cleared IPSEC SA",
		"alias_map_name": "WTH_9004-1:inet2_inet::GSK_VPNC2:vlan103",
		"uplink_tag": "inet2_inet",
		"hostname": "WTH_9004-1",
		"serial": "CNXXYYZZAA",
		"group": "36",
		"labels": [
			"8"
		],
		"time": "2021-02-02 13:14:11 UTC"
	},
	"webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
	"text": "IPSec tunnel WTH_9004-1:inet2_inet::GSK_VPNC2:vlan103 from 192.168.31.10 to 192.168.103.99 is DOWN on device WTH_9004-1 with serial CNXXYYZZAA.  Reason: Administrator cleared IPSEC SA at 2021-02-02 13:14:11 UTC"
}

All IPSec SAs Down

Generates an alert when all the IPsec SAs are down.

 {
	"id": "AXdi4Qoyo68tULajRUzs",
	"nid": 1552,
	"alert_type": "WAN_IPSEC_SA_ALL_DOWN",
	"setting_id": "ggsswerr90254beccccaaazza05f17-1552",
	"device_id": "CNXXYYZZAA",
	"description": "All IPSec SAs down for device WTH_9004-1 with serial CNXXYYZZAA at 2021-02-02 13:14:11 UTC",
	"state": "Open",
	"severity": "Critical",
	"operation": "create",
	"timestamp": 1612271651,
	"details": {
		"hostname": "WTH_9004-1",
		"serial": "CNXXYYZZAA",
		"group": "36",
		"labels": [
			"8"
		],
		"time": "2021-02-02 13:14:11 UTC"
	},
	"webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
	"text": "All IPSec SAs down for device WTH_9004-1 with serial CNXXYYZZAA at 2021-02-02 13:14:11 UTC"
}

CFG-SET Advertisement Failure

Generates an alert when the CFG-SET advertisement fails.

 {
	"id": "AXyzbcapqrstn24BIWcc",
	"nid": 1554,
	"alert_type": "CFG_SET_ADVERTISEMENT_FAILURE",
	"setting_id": "ggsswerr90254beccccaaazza05f17-1554",
	"device_id": "CNXXYYZZAA",
	"description": "CFG-Set advertisement failure for Gateway CNXXYYZZAA with serial BIM0010001 on tunnel default-local-vpnip-data-ipsecmap-00:1a:1e:04:27:48-link6 from 10.1.1.1 to 200.1.1.6",
	"state": "Open",
	"severity": "Critical",
	"operation": "create",
	"timestamp": 1612351819,
	"details": {
		"src_ip": "10.1.1.1",
		"dst_ip": "200.1.1.6",
		"alias_map_name": "default-local-vpnip-data-ipsecmap-00:1a:1e:04:27:48-link6",
		"map_name": "default-local-vpnip-data-ipsecmap-00:1a:1e:04:27:48-link6",
		"hostname": "CNXXYYZZAA",
		"serial": "CNXXYYZZAA",
		"group": "0",
		"labels": [],
		"time": "2021-02-03 11:30:19 UTC"
	},
	"webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
	"text": "CFG-Set advertisement failure for Gateway BIM0010001 with serial CNXXYYZZAA on tunnel default-local-vpnip-data-ipsecmap-00:1a:1e:04:27:48-link6 from 10.1.1.1 to 200.1.1.6"
}

VGW VM Down

Generates an alert when an Aruba Virtual Gateway deployed as a Virtual Machine is down.

 {
  "id": "AXyzbcapqrstn24BIWcc",
  "nid": 1702,
  "alert_type": "VGW_HEALTH_STATE_CHANGE_DETECTED",
  "setting_id": "ggsswerr90254beccccaaazza05f17-1702",
  "device_id": "CNXXYYZZAA",
  "description": "VGW VM DOWN -- User: [email protected] Cloud-Account: Test Cloud-Provider: Azure Region-Id: canadacentral VPC-Id: /karan_res_canada/canadavnet VM-Id: /subscriptions/2bf1e338-5361-470d-bcba-78c50b2b7f16/resourceGroups/karan_res_canada/providers/Microsoft.Compute/virtualMachines/ArubaVGW-92-1A-3A Serial-Number: CNXXYYZZAA Mac-Address: 02:1A:1E:92:1A:3A",
  "state": "Open",
  "severity": "Major",
  "operation": "create",
  "timestamp": 1612782698,
  "details": {
    "account_id": "4454656d9-asdf-wert-8ss0-3erarq23e4be",
    "mac": "02:1A:1E:92:1A:3A",
    "serial": "CNXXYYZZAA",
    "vm_id": "/subscriptions/2bf1e338-5361-470d-bcba-78c50b2b7f16/resourceGroups/karan_res_canada/providers/Microsoft.Compute/virtualMachines/ArubaVGW-92-1A-3A",
    "account_name": "Test",
    "region_id": "canadacentral",
    "customer_name": "[email protected]",
    "health": "DOWN",
    "vpc_id": "/karan_res_canada/canadavnet",
    "provider_name": "Azure",
    "customer_id": "ggsswerr90254beccccaaazza05f17",
    "time": "2021-02-08 11:11:38 UTC"
  },
  "webhook": "5cbc87e4-9eb5-45d2-b890-b21db89ca5b4",
  "text": "VGW VM DOWN -- User: [email protected] Cloud-Account: Test Cloud-Provider: Azure Region-Id: canadacentral VPC-Id: /karan_res_canada/canadavnet VM-Id: /subscriptions/2bf1e338-5361-470d-bcba-78c50b2b7f16/resourceGroups/karan_res_canada/providers/Microsoft.Compute/virtualMachines/ArubaVGW-92-1A-3A Serial-Number: CNXXYYZZAA Mac-Address: 02:1A:1E:92:1A:3A"
}

Gateway IDS/IPS Engine Error State

Generates an alert when the Gateway’s IDS/IPS Engine state is either crashed or stopped. A severity of Critical indicates that the engine has crashed and Major indicates that the engine has stopped.

 {
  "id": "AXyzbcapqrstn24BIWcc",
  "nid": 2301,
  "alert_type": "GW_IDS_IPS_ENGINE_ERROR_STATE_ALERT",
  "setting_id": "ggsswerr90254beccccaaazza05f17-2301",
  "device_id": "CNXXYYZZAA",
  "description": "IDS/IPS engine on Gateway WTH_9004-1 with serial CNXXYYZZAA has moved to an error (Stopped) state.",
  "state": "Close",
  "severity": "Critical",
  "operation": "update",
  "timestamp": 1612407706,
  "details": {
    "serial": "CNXXYYZZAA",
    "hostname": "WTH_9004-1",
    "state": "Stopped",
    "time": "2021-02-04 03:00:23 UTC"
  },
  "webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
  "text": "IDS/IPS engine on Gateway WTH_9004-1 with serial CNXXYYZZAA has moved to an error (Stopped) state."
}

Gateway IDS IPS Engine CPU Utilization

Generates an alert when the CPU utilization by IDS/IPS engine exceeds the threshold value and duration. You can add additional rule(s) for this alert.

 {
  "id": "AXyzbcapqrstn24BIWcc",
  "nid": 2302,
  "alert_type": "GW_IDS_IPS_ENGINE_CPU_OVER_UTILIZATION",
  "setting_id": "ggsswerr90254beccccaaazza05f17-2302",
  "device_id": "CNXXYYZZAA",
  "description": "CPU utilization for IDS/IPS engine on Gateway WTH_9004-2 with serial CNXXYYZZAA has been above 10% for about 11 minutes since 2021-02-04 02:43:01 UTC.",
  "state": "Open",
  "severity": "Critical",
  "operation": "create",
  "timestamp": 1612407241,
  "details": {
    "name": "WTH_9004-2",
    "unit": "%",
    "serial": "CNXXYYZZAA",
    "group": "36",
    "labels": "8",
    "_rule_number": "0",
    "ds_key": "ggsswerr90254beccccaaazza05f17.CNXXYYZZAA.idps.cpu.5m",
    "duration": "11",
    "threshold": "10",
    "time": "2021-02-04 02:43:01 UTC"
  },
  "webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
  "text": "CPU utilization for IDS/IPS engine on Gateway WTH_9004-2 with serial CNXXYYZZAA has been above 10% for about 11 minutes since 2021-02-04 02:43:01 UTC."
}

Gateway IDS IPS Engine Memory Utilization

Generates an alert when the memory utilization exceeds the threshold value and duration. You can add additional rule(s) for this alert.

 {
  "id": "AXyzbcapqrstn24BIWcc",
  "nid": 2303,
  "alert_type": "GW_IDS_IPS_ENGINE_MEMORY_OVER_UTILIZATION",
  "setting_id": "ggsswerr90254beccccaaazza05f17-2303",
  "device_id": "CNXXYYZZAA",
  "description": "Memory utilization for IDS/IPS engine on Gateway WTH_9004-2 with serial CNJJKLB0HB has been above 2% for about 5 minutes since 2021-02-04 02:49:00 UTC.",
  "state": "Open",
  "severity": "Minor",
  "operation": "create",
  "timestamp": 1612407240,
  "details": {
    "name": "WTH_9004-2",
    "unit": "%",
    "serial": "CNXXYYZZAA",
    "group": "36",
    "labels": "8",
    "_rule_number": "0",
    "ds_key": "ggsswerr90254beccccaaazza05f17.CNXXYYZZAA.idps.mem.5m",
    "duration": "5",
    "threshold": "2",
    "time": "2021-02-04 02:49:00 UTC"
  },
  "webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
  "text": "Memory utilization for IDS/IPS engine on Gateway WTH_9004-2 with serial CNXXYYZZAA has been above 2% for about 5 minutes since 2021-02-04 02:49:00 UTC."
}

Gateway IDS IPS Engine Packer Dropped Detected

Generates an alert every time when the number of packets dropped exceeds the configured threshold value

 {
  "id": "AXyzbcapqrstn24BIWcc",
  "nid": 2304,
  "alert_type": "GW_IDS_IPS_ENGINE_PACKET_DROPPED_DETECTED",
  "setting_id": "ggsswerr90254beccccaaazza05f17-2304",
  "device_id": "CNXXYYZZAA",
  "description": "Packet drop for IDS/IPS engine on Gateway CSIM_CNXXYYZZAA with serial CNXXYYZZAA has been above 75% for about 5 minutes since 2021-02-04 07:22:15 UTC.",
  "state": "Open",
  "severity": "Minor",
  "operation": "create",
  "timestamp": 1612423635,
  "details": {
    "name": "CSIM_CNXXYYZZAA",
    "serial": "CNXXYYZZAA",
    "threshold": "75",
    "duration": "5",
    "time": "2021-02-04 07:22:15 UTC"
  },
  "webhook": "a82456c8-1402-4fe1-a195-0131e6b392ee",
  "text": "Packet drop for IDS/IPS engine on Gateway CSIM_CNXXYYZZAA with serial CNXXYYZZAA has been above 75% for about 5 minutes since 2021-02-04 07:22:15 UTC."
}

Updated 3 months ago


Gateway Alerts


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.