Threshold of error packets rate for warning trigger. Can be used with interface name as context.

Threshold of interface bandwidth utilization for warning trigger in %. Can be used with interface name as context.

Macro for operational state of the interface for link down trigger. Can be used with interface name as context.

This macro is used in filters of network interfaces discovery rule.

Ignore down(2) administrative status.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

Ignore notPresent(6).

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

The time interval for SNMP availability trigger.

Threshold of state table utilization trigger in %.

Threshold of source tracking table utilization trigger in %.

Discovering interfaces from IF-MIB.

MIB: BEGEMOT-PF-MIB

SNMP walk through pfInterfacesIfTable. The collected data used in network interfaces LLD for dependent item prototypes.

Preprocessing

• SNMP walk to JSON

MIB: HOST-RESOURCES-MIB

SNMP walk through hrSWRunTable. The collected data used in dependent service status items.

Preprocessing

• SNMP walk to JSON

MIB: BEGEMOT-PF-MIB

SNMP walk through pfCounter. The collected data used in dependent pf counter items.

Availability of SNMP checks on the host. The value of this item corresponds to availability icons in the host list.

Possible values:

0 - not available

1 - available

2 - unknown

MIB: BEGEMOT-PF-MIB

True if packet filter is currently enabled.

MIB: BEGEMOT-PF-MIB

Number of entries in the state table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'keep state' rules in the ruleset.

Utilization of state table in %.

MIB: BEGEMOT-PF-MIB

Number of entries in the source tracking table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'sticky-address' or 'source-track' rules in the ruleset.

Utilization of source tracking table in %.

MIB: HOST-RESOURCES-MIB

The status of DHCP server process.

Preprocessing

• JSON Path: $[?(@.hrSWRunName == 'dhcpd')].hrSWRunStatus.first()

  ⛔️Custom on fail: Set value to: 0

MIB: HOST-RESOURCES-MIB

The status of DNS server process.

Preprocessing

• JSON Path: $[?(@.hrSWRunName == 'unbound')].hrSWRunStatus.first()

  ⛔️Custom on fail: Set value to: 0

MIB: HOST-RESOURCES-MIB

The status of nginx process.

Preprocessing

• JSON Path: $[?(@.hrSWRunName == 'nginx')].hrSWRunStatus.first()

  ⛔️Custom on fail: Set value to: 0

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.1.0

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.2.0

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.3.0

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.4.0

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.5.0

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.6.0

• Change per second

MIB: BEGEMOT-PF-MIB

The number of labeled filter rules on this system.

SNMP is not available for polling. Please check device connectivity and SNMP settings.

Please check PF status.

Please check the number of connections https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#config-advanced-firewall-maxstates

Please check the number of sticky connections https://docs.netgate.com/pfsense/en/latest/monitoring/status/firewall-states-sources.html

Please check DHCP server settings https://docs.netgate.com/pfsense/en/latest/services/dhcp/index.html

Please check DNS server settings https://docs.netgate.com/pfsense/en/latest/services/dns/index.html

Please check nginx service status.

Discovering interfaces from IF-MIB.

Preprocessing

• SNMP walk to JSON

• Discard unchanged with heartbeat: 1h

MIB: IF-MIB

The number of inbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.13.{#SNMPINDEX}

• Change per second:

MIB: IF-MIB

For packet-oriented interfaces, the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of inbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.14.{#SNMPINDEX}

• Change per second:

MIB: IF-MIB

The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifInOctets. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.31.1.1.1.6.{#SNMPINDEX}

• Change per second:

• Custom multiplier: 8

MIB: IF-MIB

The number of outbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.19.{#SNMPINDEX}

• Change per second:

MIB: IF-MIB

For packet-oriented interfaces, the number of outbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of outbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.20.{#SNMPINDEX}

• Change per second:

MIB: IF-MIB

The total number of octets transmitted out of the interface, including framing characters. This object is a 64-bit version of ifOutOctets.Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.31.1.1.1.10.{#SNMPINDEX}

• Change per second:

• Custom multiplier: 8

MIB: IF-MIB

An estimate of the interface's current bandwidth in units of 1,000,000 bits per second. If this object reports a value of n' then the speed of the interface is somewhere in the range of n-500,000' to`n+499,999'. For interfaces which do not vary in bandwidth or for those where no accurate estimation can be made, this object should contain the nominal bandwidth. For a sub-layer which has no concept of bandwidth, this object should be zero.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.31.1.1.1.15.{#SNMPINDEX}

• Custom multiplier: 1000000

• Discard unchanged with heartbeat: 1h

MIB: IF-MIB

The current operational state of the interface.

- The testing(3) state indicates that no operational packet scan be passed

- If ifAdminStatus is down(2) then ifOperStatus should be down(2)

- If ifAdminStatus is changed to up(1) then ifOperStatus should change to up(1) if the interface is ready to transmit and receive network traffic

- It should change todormant(5) if the interface is waiting for external actions (such as a serial line waiting for an incoming connection)

- It should remain in the down(2) state if and only if there is a fault that prevents it from going to the up(1) state

- It should remain in the notPresent(6) state if the interface has missing(typically, hardware) components.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.8.{#SNMPINDEX}

• Discard unchanged with heartbeat: 6h

MIB: IF-MIB

The type of interface.

Additional values for ifType are assigned by the Internet Assigned Numbers Authority (IANA),

through updating the syntax of the IANAifType textual convention.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.3.{#SNMPINDEX}

• Discard unchanged with heartbeat: 6h

MIB: BEGEMOT-PF-MIB

The number of rules referencing this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

It recovers when it is below 80% of the {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The utilization of the network interface is close to its estimated maximum bandwidth.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

It recovers when it is below 80% of the {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The utilization of the network interface is close to its estimated maximum bandwidth.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This Ethernet connection has transitioned down from its known maximum speed. This might be a sign of autonegotiation issues. Acknowledge to close the problem manually.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This trigger expression works as follows:
1. It can be triggered if the operations status is down.
2. { $IFCONTROL:"{#IFNAME}" }=1 - a user can redefine context macro to value - 0. That marks this interface as not important. No new trigger will be fired if this interface is down.

Threshold of error packets rate for warning trigger. Can be used with interface name as context.

Threshold of interface bandwidth utilization for warning trigger in %. Can be used with interface name as context.

Macro for operational state of the interface for link down trigger. Can be used with interface name as context.

This macro is used in filters of network interfaces discovery rule.

Ignore down(2) administrative status.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

Ignore notPresent(6).

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

The time interval for SNMP availability trigger.

Threshold of state table utilization trigger in %.

Threshold of source tracking table utilization trigger in %.

Availability of SNMP checks on the host. The value of this item corresponds to availability icons in the host list.

Possible values:

0 - not available

1 - available

2 - unknown

MIB: BEGEMOT-PF-MIB

True if packet filter is currently enabled.

MIB: BEGEMOT-PF-MIB

Number of entries in the state table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'keep state' rules in the ruleset.

Utilization of state table in %.

MIB: BEGEMOT-PF-MIB

Number of entries in the source tracking table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'sticky-address' or 'source-track' rules in the ruleset.

Utilization of source tracking table in %.

MIB: HOST-RESOURCES-MIB

The status of DHCP server process.

Preprocessing

• Check for not supported value: any error

  ⛔️Custom on fail: Set value to: 0

MIB: HOST-RESOURCES-MIB

The status of DNS server process.

Preprocessing

• Check for not supported value: any error

  ⛔️Custom on fail: Set value to: 0

MIB: HOST-RESOURCES-MIB

The status of nginx process.

Preprocessing

• Check for not supported value: any error

  ⛔️Custom on fail: Set value to: 0

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of labeled filter rules on this system.

SNMP is not available for polling. Please check device connectivity and SNMP settings.

Please check PF status.

Please check the number of connections https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#config-advanced-firewall-maxstates

Please check the number of sticky connections https://docs.netgate.com/pfsense/en/latest/monitoring/status/firewall-states-sources.html

Please check DHCP server settings https://docs.netgate.com/pfsense/en/latest/services/dhcp/index.html

Please check DNS server settings https://docs.netgate.com/pfsense/en/latest/services/dns/index.html

Please check nginx service status.

Discovering interfaces from IF-MIB.

MIB: IF-MIB

The number of inbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

For packet-oriented interfaces, the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of inbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifInOctets. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

• Custom multiplier: 8

MIB: IF-MIB

The number of outbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

For packet-oriented interfaces, the number of outbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of outbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

The total number of octets transmitted out of the interface, including framing characters. This object is a 64-bit version of ifOutOctets.Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

• Custom multiplier: 8

MIB: IF-MIB

An estimate of the interface's current bandwidth in units of 1,000,000 bits per second. If this object reports a value of n' then the speed of the interface is somewhere in the range of n-500,000' to`n+499,999'. For interfaces which do not vary in bandwidth or for those where no accurate estimation can be made, this object should contain the nominal bandwidth. For a sub-layer which has no concept of bandwidth, this object should be zero.

Preprocessing

• Custom multiplier: 1000000

• Discard unchanged with heartbeat: 1h

MIB: IF-MIB

The current operational state of the interface.

- The testing(3) state indicates that no operational packet scan be passed

- If ifAdminStatus is down(2) then ifOperStatus should be down(2)

- If ifAdminStatus is changed to up(1) then ifOperStatus should change to up(1) if the interface is ready to transmit and receive network traffic

- It should change todormant(5) if the interface is waiting for external actions (such as a serial line waiting for an incoming connection)

- It should remain in the down(2) state if and only if there is a fault that prevents it from going to the up(1) state

- It should remain in the notPresent(6) state if the interface has missing(typically, hardware) components.

Preprocessing

• Discard unchanged with heartbeat: 6h

MIB: IF-MIB

The type of interface.

Additional values for ifType are assigned by the Internet Assigned Numbers Authority (IANA),

through updating the syntax of the IANAifType textual convention.

Preprocessing

• Discard unchanged with heartbeat: 6h

MIB: BEGEMOT-PF-MIB

The number of rules referencing this interface.

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed going out on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked going out on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed going out on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked going out on this interface.

Preprocessing

• Change per second

It recovers when it is below 80% of the {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The utilization of the network interface is close to its estimated maximum bandwidth.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

It recovers when it is below 80% of the {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The utilization of the network interface is close to its estimated maximum bandwidth.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This Ethernet connection has transitioned down from its known maximum speed. This might be a sign of autonegotiation issues. Acknowledge to close the problem manually.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This trigger expression works as follows:
1. It can be triggered if the operations status is down.
2. {$IFCONTROL:"{#IFNAME}"}=1 - a user can redefine context macro to value - 0. That marks this interface as not important. No new trigger will be fired if this interface is down.

Threshold of error packets rate for warning trigger. Can be used with interface name as context.

Threshold of interface bandwidth utilization for warning trigger in %. Can be used with interface name as context.

Macro for operational state of the interface for link down trigger. Can be used with interface name as context.

This macro is used in filters of network interfaces discovery rule.

Ignore down(2) administrative status.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

Ignore notPresent(6).

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

The time interval for SNMP availability trigger.

Threshold of state table utilization trigger in %.

Threshold of source tracking table utilization trigger in %.

Discovering interfaces from IF-MIB.

MIB: BEGEMOT-PF-MIB

SNMP walk through pfInterfacesIfTable. The collected data used in network interfaces LLD for dependent item prototypes.

Preprocessing

• SNMP walk to JSON

MIB: HOST-RESOURCES-MIB

SNMP walk through hrSWRunTable. The collected data used in dependent service status items.

Preprocessing

• SNMP walk to JSON

MIB: BEGEMOT-PF-MIB

SNMP walk through pfCounter. The collected data used in dependent pf counter items.

Availability of SNMP checks on the host. The value of this item corresponds to availability icons in the host list.

Possible values:

0 - not available

1 - available

2 - unknown

MIB: BEGEMOT-PF-MIB

True if packet filter is currently enabled.

MIB: BEGEMOT-PF-MIB

Number of entries in the state table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'keep state' rules in the ruleset.

Utilization of state table in %.

MIB: BEGEMOT-PF-MIB

Number of entries in the source tracking table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'sticky-address' or 'source-track' rules in the ruleset.

Utilization of source tracking table in %.

MIB: HOST-RESOURCES-MIB

The status of DHCP server process.

Preprocessing

• JSON Path: $[?(@.hrSWRunName == 'dhcpd')].hrSWRunStatus.first()

  ⛔️Custom on fail: Set value to: 0

MIB: HOST-RESOURCES-MIB

The status of DNS server process.

Preprocessing

• JSON Path: $[?(@.hrSWRunName == 'unbound')].hrSWRunStatus.first()

  ⛔️Custom on fail: Set value to: 0

MIB: HOST-RESOURCES-MIB

The status of nginx process.

Preprocessing

• JSON Path: $[?(@.hrSWRunName == 'nginx')].hrSWRunStatus.first()

  ⛔️Custom on fail: Set value to: 0

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.1.0

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.2.0

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.3.0

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.4.0

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.5.0

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• SNMP walk value: 1.3.6.1.4.1.12325.1.200.1.2.6.0

• Change per second

MIB: BEGEMOT-PF-MIB

The number of labeled filter rules on this system.

SNMP is not available for polling. Please check device connectivity and SNMP settings.

Please check PF status.

Please check the number of connections https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#config-advanced-firewall-maxstates

Please check the number of sticky connections https://docs.netgate.com/pfsense/en/latest/monitoring/status/firewall-states-sources.html

Please check DHCP server settings https://docs.netgate.com/pfsense/en/latest/services/dhcp/index.html

Please check DNS server settings https://docs.netgate.com/pfsense/en/latest/services/dns/index.html

Please check nginx service status.

Discovering interfaces from IF-MIB.

Preprocessing

• SNMP walk to JSON

• Discard unchanged with heartbeat: 1h

MIB: IF-MIB

The number of inbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.13.{#SNMPINDEX}

• Change per second:

MIB: IF-MIB

For packet-oriented interfaces, the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of inbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.14.{#SNMPINDEX}

• Change per second:

MIB: IF-MIB

The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifInOctets. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.31.1.1.1.6.{#SNMPINDEX}

• Change per second:

• Custom multiplier: 8

MIB: IF-MIB

The number of outbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.19.{#SNMPINDEX}

• Change per second:

MIB: IF-MIB

For packet-oriented interfaces, the number of outbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of outbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.20.{#SNMPINDEX}

• Change per second:

MIB: IF-MIB

The total number of octets transmitted out of the interface, including framing characters. This object is a 64-bit version of ifOutOctets.Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.31.1.1.1.10.{#SNMPINDEX}

• Change per second:

• Custom multiplier: 8

MIB: IF-MIB

An estimate of the interface's current bandwidth in units of 1,000,000 bits per second. If this object reports a value of n' then the speed of the interface is somewhere in the range of n-500,000' to`n+499,999'. For interfaces which do not vary in bandwidth or for those where no accurate estimation can be made, this object should contain the nominal bandwidth. For a sub-layer which has no concept of bandwidth, this object should be zero.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.31.1.1.1.15.{#SNMPINDEX}

• Custom multiplier: 1000000

• Discard unchanged with heartbeat: 1h

MIB: IF-MIB

The current operational state of the interface.

- The testing(3) state indicates that no operational packet scan be passed

- If ifAdminStatus is down(2) then ifOperStatus should be down(2)

- If ifAdminStatus is changed to up(1) then ifOperStatus should change to up(1) if the interface is ready to transmit and receive network traffic

- It should change todormant(5) if the interface is waiting for external actions (such as a serial line waiting for an incoming connection)

- It should remain in the down(2) state if and only if there is a fault that prevents it from going to the up(1) state

- It should remain in the notPresent(6) state if the interface has missing(typically, hardware) components.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.8.{#SNMPINDEX}

• Discard unchanged with heartbeat: 6h

MIB: IF-MIB

The type of interface.

Additional values for ifType are assigned by the Internet Assigned Numbers Authority (IANA),

through updating the syntax of the IANAifType textual convention.

Preprocessing

• SNMP walk value: 1.3.6.1.2.1.2.2.1.3.{#SNMPINDEX}

• Discard unchanged with heartbeat: 6h

MIB: BEGEMOT-PF-MIB

The number of rules referencing this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked coming in on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked going out on this interface.

Preprocessing

• JSON Path: The text is too long. Please see the template.

• Change per second

It recovers when it is below 80% of the {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The utilization of the network interface is close to its estimated maximum bandwidth.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

It recovers when it is below 80% of the {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The utilization of the network interface is close to its estimated maximum bandwidth.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This Ethernet connection has transitioned down from its known maximum speed. This might be a sign of autonegotiation issues. Acknowledge to close the problem manually.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This trigger expression works as follows:
1. It can be triggered if the operations status is down.
2. { $IFCONTROL:"{#IFNAME}" }=1 - a user can redefine context macro to value - 0. That marks this interface as not important. No new trigger will be fired if this interface is down.

Threshold of error packets rate for warning trigger. Can be used with interface name as context.

Threshold of interface bandwidth utilization for warning trigger in %. Can be used with interface name as context.

Macro for operational state of the interface for link down trigger. Can be used with interface name as context.

This macro is used in filters of network interfaces discovery rule.

Ignore down(2) administrative status.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

Ignore notPresent(6).

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

The time interval for SNMP availability trigger.

Threshold of state table utilization trigger in %.

Threshold of source tracking table utilization trigger in %.

Availability of SNMP checks on the host. The value of this item corresponds to availability icons in the host list.

Possible value:

0 - not available

1 - available

2 - unknown

MIB: BEGEMOT-PF-MIB

True if packet filter is currently enabled.

MIB: BEGEMOT-PF-MIB

Number of entries in the state table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'keep state' rules in the ruleset.

Utilization of state table in %.

MIB: BEGEMOT-PF-MIB

Number of entries in the source tracking table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'sticky-address' or 'source-track' rules in the ruleset.

Utilization of source tracking table in %.

MIB: HOST-RESOURCES-MIB

The status of DHCP server process.

Preprocessing

• Check for not supported value:

  ⛔️Custom on fail: Set value to: 0

MIB: HOST-RESOURCES-MIB

The status of DNS server process.

Preprocessing

• Check for not supported value:

  ⛔️Custom on fail: Set value to: 0

MIB: HOST-RESOURCES-MIB

The status of nginx process.

Preprocessing

• Check for not supported value:

  ⛔️Custom on fail: Set value to: 0

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of labeled filter rules on this system.

SNMP is not available for polling. Please check device connectivity and SNMP settings.

Please check PF status.

Please check the number of connections https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#config-advanced-firewall-maxstates

Please check the number of sticky connections https://docs.netgate.com/pfsense/en/latest/monitoring/status/firewall-states-sources.html

Please check DHCP server settings https://docs.netgate.com/pfsense/en/latest/services/dhcp/index.html

Please check DNS server settings https://docs.netgate.com/pfsense/en/latest/services/dns/index.html

Please check nginx service status.

Discovering interfaces from IF-MIB.

MIB: IF-MIB

The number of inbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

For packet-oriented interfaces, the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of inbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifInOctets. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

• Custom multiplier: 8

MIB: IF-MIB

The number of outbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

For packet-oriented interfaces, the number of outbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of outbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

The total number of octets transmitted out of the interface, including framing characters. This object is a 64-bit version of ifOutOctets.Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

• Custom multiplier: 8

MIB: IF-MIB

An estimate of the interface's current bandwidth in units of 1,000,000 bits per second. If this object reports a value of n' then the speed of the interface is somewhere in the range of n-500,000' to`n+499,999'. For interfaces which do not vary in bandwidth or for those where no accurate estimation can be made, this object should contain the nominal bandwidth. For a sub-layer which has no concept of bandwidth, this object should be zero.

Preprocessing

• Custom multiplier: 1000000

• Discard unchanged with heartbeat: 1h

MIB: IF-MIB

The current operational state of the interface.

- The testing(3) state indicates that no operational packet scan be passed

- If ifAdminStatus is down(2) then ifOperStatus should be down(2)

- If ifAdminStatus is changed to up(1) then ifOperStatus should change to up(1) if the interface is ready to transmit and receive network traffic

- It should change todormant(5) if the interface is waiting for external actions (such as a serial line waiting for an incoming connection)

- It should remain in the down(2) state if and only if there is a fault that prevents it from going to the up(1) state

- It should remain in the notPresent(6) state if the interface has missing(typically, hardware) components.

Preprocessing

• Discard unchanged with heartbeat: 6h

MIB: IF-MIB

The type of interface.

Additional values for ifType are assigned by the Internet Assigned Numbers Authority (IANA),

through updating the syntax of the IANAifType textual convention.

Preprocessing

• Discard unchanged with heartbeat: 6h

MIB: BEGEMOT-PF-MIB

The number of rules referencing this interface.

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed going out on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked going out on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed going out on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked going out on this interface.

Preprocessing

• Change per second

It recovers when it is below 80% of the {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The utilization of the network interface is close to its estimated maximum bandwidth.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

It recovers when it is below 80% of the {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The utilization of the network interface is close to its estimated maximum bandwidth.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This Ethernet connection has transitioned down from its known maximum speed. This might be a sign of autonegotiation issues. Acknowledge to close the problem manually.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This trigger expression works as follows:
1. It can be triggered if the operations status is down.
2. {$IFCONTROL:"{#IFNAME}"}=1 - a user can redefine context macro to value - 0. That marks this interface as not important. No new trigger will be fired if this interface is down.

Threshold of error packets rate for warning trigger. Can be used with interface name as context.

Threshold of interface bandwidth utilization for warning trigger in %. Can be used with interface name as context.

Macro for operational state of the interface for link down trigger. Can be used with interface name as context.

This macro is used in filters of network interfaces discovery rule.

Ignore down(2) administrative status

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

Ignore notPresent(6)

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

The time interval for SNMP availability trigger.

Threshold of source tracking table utilization trigger in %.

Threshold of state table utilization trigger in %.

Discovering interfaces from IF-MIB.

Filter:

- {#IFADMINSTATUS} MATCHES_REGEX {$NET.IF.IFADMINSTATUS.MATCHES}

- {#IFADMINSTATUS} NOT_MATCHES_REGEX {$NET.IF.IFADMINSTATUS.NOT_MATCHES}

- {#IFOPERSTATUS} MATCHES_REGEX {$NET.IF.IFOPERSTATUS.MATCHES}

- {#IFOPERSTATUS} NOT_MATCHES_REGEX {$NET.IF.IFOPERSTATUS.NOT_MATCHES}

- {#IFNAME} MATCHES_REGEX @Network interfaces for discovery

- {#IFNAME} NOT_MATCHES_REGEX {$NET.IF.IFNAME.NOT_MATCHES}

- {#IFDESCR} MATCHES_REGEX {$NET.IF.IFDESCR.MATCHES}

- {#IFDESCR} NOT_MATCHES_REGEX {$NET.IF.IFDESCR.NOT_MATCHES}

- {#IFALIAS} MATCHES_REGEX {$NET.IF.IFALIAS.MATCHES}

- {#IFALIAS} NOT_MATCHES_REGEX {$NET.IF.IFALIAS.NOT_MATCHES}

- {#IFTYPE} MATCHES_REGEX {$NET.IF.IFTYPE.MATCHES}

- {#IFTYPE} NOT_MATCHES_REGEX {$NET.IF.IFTYPE.NOT_MATCHES}

MIB: IF-MIB

The number of inbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

MIB: IF-MIB

For packet-oriented interfaces, the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of inbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

MIB: IF-MIB

The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifInOctets. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

- MULTIPLIER: 8

MIB: IF-MIB

The number of outbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

MIB: IF-MIB

For packet-oriented interfaces, the number of outbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of outbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

MIB: IF-MIB

The total number of octets transmitted out of the interface, including framing characters. This object is a 64-bit version of ifOutOctets.Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

- MULTIPLIER: 8

MIB: IF-MIB

An estimate of the interface's current bandwidth in units of 1,000,000 bits per second. If this object reports a value of n' then the speed of the interface is somewhere in the range of n-500,000' to`n+499,999'. For interfaces which do not vary in bandwidth or for those where no accurate estimation can be made, this object should contain the nominal bandwidth. For a sub-layer which has no concept of bandwidth, this object should be zero.

Preprocessing:

- MULTIPLIER: 1000000

- DISCARD_UNCHANGED_HEARTBEAT: 1h

MIB: IF-MIB

The current operational state of the interface.

- The testing(3) state indicates that no operational packet scan be passed

- If ifAdminStatus is down(2) then ifOperStatus should be down(2)

- If ifAdminStatus is changed to up(1) then ifOperStatus should change to up(1) if the interface is ready to transmit and receive network traffic

- It should change todormant(5) if the interface is waiting for external actions (such as a serial line waiting for an incoming connection)

- It should remain in the down(2) state if and only if there is a fault that prevents it from going to the up(1) state

- It should remain in the notPresent(6) state if the interface has missing(typically, hardware) components.

Preprocessing:

- DISCARD_UNCHANGED_HEARTBEAT: 6h

MIB: IF-MIB

The type of interface.

Additional values for ifType are assigned by the Internet Assigned Numbers Authority (IANA),

through updating the syntax of the IANAifType textual convention.

Preprocessing:

- DISCARD_UNCHANGED_HEARTBEAT: 6h

MIB: BEGEMOT-PF-MIB

The number of rules referencing this interface.

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if packet filter is currently enabled.

MIB: BEGEMOT-PF-MIB

Number of entries in the state table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'keep state' rules in the ruleset.

Utilization of state table in %.

Expression:

MIB: BEGEMOT-PF-MIB

Number of entries in the source tracking table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'sticky-address' or 'source-track' rules in the ruleset.

Utilization of source tracking table in %.

Expression:

MIB: HOST-RESOURCES-MIB

The status of DHCP server process.

Preprocessing:

- CHECK_NOT_SUPPORTED: ``

⛔️ON_FAIL: CUSTOM_VALUE -> 0

MIB: HOST-RESOURCES-MIB

The status of DNS server process.

Preprocessing:

- CHECK_NOT_SUPPORTED: ``

⛔️ON_FAIL: CUSTOM_VALUE -> 0

MIB: HOST-RESOURCES-MIB

The status of nginx process.

Preprocessing:

- CHECK_NOT_SUPPORTED: ``

⛔️ON_FAIL: CUSTOM_VALUE -> 0

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of labeled filter rules on this system.

Availability of SNMP checks on the host. The value of this item corresponds to availability icons in the host list.

Possible value:

0 - not available

1 - available

2 - unknown

Recovers when below 80% of {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

Recovery expression:

Depends on:

- PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The network interface utilization is close to its estimated maximum bandwidth.

Recovery expression:

Depends on:

- PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

Recovers when below 80% of {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

Recovery expression:

Depends on:

- PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The network interface utilization is close to its estimated maximum bandwidth.

Recovery expression:

Depends on:

- PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This Ethernet connection has transitioned down from its known maximum speed. This might be a sign of autonegotiation issues. Ack to close.

Recovery expression:

Depends on:

- PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This trigger expression works as follows:

1. Can be triggered if operations status is down.

2. {$IFCONTROL:"{#IFNAME}"}=1 - user can redefine Context macro to value - 0. That marks this interface as not important. No new trigger will be fired if this interface is down.

Please check PF status.

Please check the number of connections https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#config-advanced-firewall-maxstates

Please check the number of sticky connections https://docs.netgate.com/pfsense/en/latest/monitoring/status/firewall-states-sources.html

Please check DHCP server settings https://docs.netgate.com/pfsense/en/latest/services/dhcp/index.html

Please check DNS server settings https://docs.netgate.com/pfsense/en/latest/services/dns/index.html

Please check nginx service status.

SNMP is not available for polling. Please check device connectivity and SNMP settings.

Threshold of error packets rate for warning trigger. Can be used with interface name as context.

Threshold of interface bandwidth utilization for warning trigger in %. Can be used with interface name as context.

Macro for operational state of the interface for link down trigger. Can be used with interface name as context.

This macro is used in filters of network interfaces discovery rule.

Ignore down(2) administrative status.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

Ignore notPresent(6).

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

The time interval for SNMP availability trigger.

Threshold of state table utilization trigger in %.

Threshold of source tracking table utilization trigger in %.

Availability of SNMP checks on the host. The value of this item corresponds to availability icons in the host list.

Possible value:

0 - not available

1 - available

2 - unknown

MIB: BEGEMOT-PF-MIB

True if packet filter is currently enabled.

MIB: BEGEMOT-PF-MIB

Number of entries in the state table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'keep state' rules in the ruleset.

Utilization of state table in %.

MIB: BEGEMOT-PF-MIB

Number of entries in the source tracking table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'sticky-address' or 'source-track' rules in the ruleset.

Utilization of source tracking table in %.

MIB: HOST-RESOURCES-MIB

The status of DHCP server process.

Preprocessing

• Check for not supported value:

  ⛔️Custom on fail: Set value to: 0

MIB: HOST-RESOURCES-MIB

The status of DNS server process.

Preprocessing

• Check for not supported value:

  ⛔️Custom on fail: Set value to: 0

MIB: HOST-RESOURCES-MIB

The status of nginx process.

Preprocessing

• Check for not supported value:

  ⛔️Custom on fail: Set value to: 0

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of labeled filter rules on this system.

SNMP is not available for polling. Please check device connectivity and SNMP settings.

Please check PF status.

Please check the number of connections https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#config-advanced-firewall-maxstates

Please check the number of sticky connections https://docs.netgate.com/pfsense/en/latest/monitoring/status/firewall-states-sources.html

Please check DHCP server settings https://docs.netgate.com/pfsense/en/latest/services/dhcp/index.html

Please check DNS server settings https://docs.netgate.com/pfsense/en/latest/services/dns/index.html

Please check nginx service status.

Discovering interfaces from IF-MIB.

MIB: IF-MIB

The number of inbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

For packet-oriented interfaces, the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of inbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifInOctets. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

• Custom multiplier: 8

MIB: IF-MIB

The number of outbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

For packet-oriented interfaces, the number of outbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of outbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

MIB: IF-MIB

The total number of octets transmitted out of the interface, including framing characters. This object is a 64-bit version of ifOutOctets.Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing

• Change per second:

• Custom multiplier: 8

MIB: IF-MIB

An estimate of the interface's current bandwidth in units of 1,000,000 bits per second. If this object reports a value of n' then the speed of the interface is somewhere in the range of n-500,000' to`n+499,999'. For interfaces which do not vary in bandwidth or for those where no accurate estimation can be made, this object should contain the nominal bandwidth. For a sub-layer which has no concept of bandwidth, this object should be zero.

Preprocessing

• Custom multiplier: 1000000

• Discard unchanged with heartbeat: 1h

MIB: IF-MIB

The current operational state of the interface.

- The testing(3) state indicates that no operational packet scan be passed

- If ifAdminStatus is down(2) then ifOperStatus should be down(2)

- If ifAdminStatus is changed to up(1) then ifOperStatus should change to up(1) if the interface is ready to transmit and receive network traffic

- It should change todormant(5) if the interface is waiting for external actions (such as a serial line waiting for an incoming connection)

- It should remain in the down(2) state if and only if there is a fault that prevents it from going to the up(1) state

- It should remain in the notPresent(6) state if the interface has missing(typically, hardware) components.

Preprocessing

• Discard unchanged with heartbeat: 6h

MIB: IF-MIB

The type of interface.

Additional values for ifType are assigned by the Internet Assigned Numbers Authority (IANA),

through updating the syntax of the IANAifType textual convention.

Preprocessing

• Discard unchanged with heartbeat: 6h

MIB: BEGEMOT-PF-MIB

The number of rules referencing this interface.

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed going out on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked going out on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked coming in on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked going out on this interface.

Preprocessing

• Change per second

• Custom multiplier: 8

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked coming in on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed going out on this interface.

Preprocessing

• Change per second

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked going out on this interface.

Preprocessing

• Change per second

It recovers when it is below 80% of the {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The utilization of the network interface is close to its estimated maximum bandwidth.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

It recovers when it is below 80% of the {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The utilization of the network interface is close to its estimated maximum bandwidth.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This Ethernet connection has transitioned down from its known maximum speed. This might be a sign of autonegotiation issues. Acknowledge to close the problem manually.

• PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This trigger expression works as follows:
1. It can be triggered if the operations status is down.
2. {$IFCONTROL:"{#IFNAME}"}=1 - a user can redefine context macro to value - 0. That marks this interface as not important. No new trigger will be fired if this interface is down.

Threshold of CPU utilization for warning trigger in %.

Threshold of ICMP packets loss for warning trigger in %.

Threshold of average ICMP response time for warning trigger in seconds.

Threshold of error packets rate for warning trigger. Can be used with interface name as context.

Threshold of interface bandwidth utilization for warning trigger in %. Can be used with interface name as context.

Macro for operational state of the interface for link down trigger. Can be used with interface name as context.

Load per CPU considered sustainable. Tune if needed.

Threshold of available memory for trigger in bytes.

Threshold of memory utilization for trigger in %

This macro is used in filters of network interfaces discovery rule.

Ignore down(2) administrative status

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

Ignore notPresent(6)

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

The time interval for SNMP availability trigger.

Threshold of source tracking table utilization trigger in %.

Threshold of state table utilization trigger in %.

Threshold of free swap space for warning trigger in %.

This macro is used in block devices discovery. Can be overridden on the host or linked template level

This macro is used in block devices discovery. Can be overridden on the host or linked template level

This macro is used in filesystems discovery. Can be overridden on the host or linked template level

This macro is used in filesystems discovery. Can be overridden on the host or linked template level

This macro is used in filesystems discovery. Can be overridden on the host or linked template level

This macro is used in filesystems discovery. Can be overridden on the host or linked template level

Threshold of inodes usage for average severity trigger in %. Can be used with filesystem name as context.

Threshold of inodes usage for warning trigger in %. Can be used with filesystem name as context.

Threshold of filesystem used space for average severity trigger in %. Can be used with filesystem name as context.

Threshold of used filesystem space for warning trigger in %. Can be used with filesystem name as context.

Block devices are discovered from UCD-DISKIO-MIB::diskIOTable (http://net-snmp.sourceforge.net/docs/mibs/ucdDiskIOMIB.html#diskIOTable)

Filter:

- {#DEVNAME} MATCHES_REGEX {$VFS.DEV.DEVNAME.MATCHES}

- {#DEVNAME} NOT_MATCHES_REGEX {$VFS.DEV.DEVNAME.NOT_MATCHES}

This discovery will create set of per core CPU metrics from UCD-SNMP-MIB, using {#CPU.COUNT} in preprocessing. That's the only reason why LLD is used.

Preprocessing:

- JAVASCRIPT: The text is too long. Please see the template.

HOST-RESOURCES-MIB::hrFS discovery with filter

Filter:

- {#FSTYPE} MATCHES_REGEX {$VFS.FS.FSTYPE.MATCHES}

- {#FSTYPE} NOT_MATCHES_REGEX {$VFS.FS.FSTYPE.NOT_MATCHES}

- {#FSNAME} MATCHES_REGEX {$VFS.FS.FSNAME.MATCHES}

- {#FSNAME} NOT_MATCHES_REGEX {$VFS.FS.FSNAME.NOT_MATCHES}

Discovering interfaces from IF-MIB.

Filter:

- {#IFADMINSTATUS} MATCHES_REGEX {$NET.IF.IFADMINSTATUS.MATCHES}

- {#IFADMINSTATUS} NOT_MATCHES_REGEX {$NET.IF.IFADMINSTATUS.NOT_MATCHES}

- {#IFOPERSTATUS} MATCHES_REGEX {$NET.IF.IFOPERSTATUS.MATCHES}

- {#IFOPERSTATUS} NOT_MATCHES_REGEX {$NET.IF.IFOPERSTATUS.NOT_MATCHES}

- {#IFNAME} MATCHES_REGEX {$NET.IF.IFNAME.MATCHES}

- {#IFNAME} NOT_MATCHES_REGEX {$NET.IF.IFNAME.NOT_MATCHES}

- {#IFDESCR} MATCHES_REGEX {$NET.IF.IFDESCR.MATCHES}

- {#IFDESCR} NOT_MATCHES_REGEX {$NET.IF.IFDESCR.NOT_MATCHES}

- {#IFALIAS} MATCHES_REGEX {$NET.IF.IFALIAS.MATCHES}

- {#IFALIAS} NOT_MATCHES_REGEX {$NET.IF.IFALIAS.NOT_MATCHES}

- {#IFTYPE} MATCHES_REGEX {$NET.IF.IFTYPE.MATCHES}

- {#IFTYPE} NOT_MATCHES_REGEX {$NET.IF.IFTYPE.NOT_MATCHES}

MIB: UCD-SNMP-MIB

Number of interrupts processed

Preprocessing:

- CHANGE_PER_SECOND

MIB: UCD-SNMP-MIB

Number of context switches

Preprocessing:

- CHANGE_PER_SECOND

MIB: UCD-SNMP-MIB

The 1 minute load averages.

MIB: UCD-SNMP-MIB

The 5 minutes load averages.

MIB: UCD-SNMP-MIB

The 15 minutes load averages.

MIB: HOST-RESOURCES-MIB

Count the number of CPU cores by counting number of cores discovered in hrProcessorTable using LLD

Preprocessing:

- JAVASCRIPT: //count the number of cores return JSON.parse(value).length;

MIB: UCD-SNMP-MIB

The time the CPU has spent doing nothing.

MIB: UCD-SNMP-MIB

The time the CPU has spent running the kernel and its processes.

Preprocessing:

- CHANGE_PER_SECOND

- JAVASCRIPT: //to get utilization in %, divide by N, where N is number of cores. return value/{#CPU.COUNT}

MIB: UCD-SNMP-MIB

The time the CPU has spent running users' processes that are not niced.

Preprocessing:

- CHANGE_PER_SECOND

- JAVASCRIPT: //to get utilization in %, divide by N, where N is number of cores. return value/{#CPU.COUNT}

MIB: UCD-SNMP-MIB

The time the CPU has spent running users' processes that have been niced.

Preprocessing:

- CHANGE_PER_SECOND

- JAVASCRIPT: //to get utilization in %, divide by N, where N is number of cores. return value/{#CPU.COUNT}

MIB: UCD-SNMP-MIB

Amount of time the CPU has been waiting for I/O to complete.

Preprocessing:

- CHANGE_PER_SECOND

- JAVASCRIPT: //to get utilization in %, divide by N, where N is number of cores. return value/{#CPU.COUNT}

MIB: UCD-SNMP-MIB

The amount of time the CPU has been servicing hardware interrupts.

Preprocessing:

- CHANGE_PER_SECOND

- JAVASCRIPT: //to get utilization in %, divide by N, where N is number of cores. return value/{#CPU.COUNT}

CPU utilization in %

Preprocessing:

- JAVASCRIPT: //Calculate utilization return (100 - value)

MIB: SNMPv2-MIB

The textual identification of the contact person for this managed node, together with information on how to contact this person. If no contact information is known, the value is the zero-length string.

Preprocessing:

- DISCARD_UNCHANGED_HEARTBEAT: 6h

MIB: SNMPv2-MIB

System description of the host.

Preprocessing:

- DISCARD_UNCHANGED_HEARTBEAT: 6h

MIB: SNMPv2-MIB

The physical location of this node. If the location is unknown, the value is the zero-length string.

Preprocessing:

- DISCARD_UNCHANGED_HEARTBEAT: 6h

MIB: SNMPv2-MIB

System host name.

Preprocessing:

- DISCARD_UNCHANGED_HEARTBEAT: 6h

MIB: SNMPv2-MIB

The vendor authoritative identification of the network management subsystem contained in the entity. This value is allocated within the SMI enterprises subtree (1.3.6.1.4.1) and provides an easy and unambiguous means for determining what kind of box is being managed.

Preprocessing:

- DISCARD_UNCHANGED_HEARTBEAT: 6h

MIB: UCD-SNMP-MIB

The amount of real/physical memory currently unused or available.

Preprocessing:

- MULTIPLIER: 1024

MIB: UCD-SNMP-MIB

The total amount of real or virtual memory currently allocated for use as memory buffers.

Preprocessing:

- MULTIPLIER: 1024

MIB: UCD-SNMP-MIB

The total amount of real or virtual memory currently allocated for use as cached memory.

Preprocessing:

- MULTIPLIER: 1024

MIB: UCD-SNMP-MIB

Total memory in Bytes

Preprocessing:

- MULTIPLIER: 1024

Please note that memory utilization is a rough estimate, since memory available is calculated as free+buffers+cached, which is not 100% accurate, but the best we can get using SNMP.

Expression:

Please note that memory utilization is a rough estimate, since memory available is calculated as free+buffers+cached, which is not 100% accurate, but the best we can get using SNMP.

Expression:

MIB: UCD-SNMP-MIB

The total amount of swap space configured for this host.

Preprocessing:

- MULTIPLIER: 1024

MIB: UCD-SNMP-MIB

The amount of swap space currently unused or available.

Preprocessing:

- MULTIPLIER: 1024

The free space of swap volume/file in percent.

Expression:

MIB: IF-MIB

The number of inbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

MIB: IF-MIB

For packet-oriented interfaces, the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of inbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

MIB: IF-MIB

The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifInOctets. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

- MULTIPLIER: 8

MIB: IF-MIB

The number of outbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

MIB: IF-MIB

For packet-oriented interfaces, the number of outbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of outbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

MIB: IF-MIB

The total number of octets transmitted out of the interface, including framing characters. This object is a 64-bit version of ifOutOctets.Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND: ``

- MULTIPLIER: 8

MIB: IF-MIB

An estimate of the interface's current bandwidth in units of 1,000,000 bits per second. If this object reports a value of n' then the speed of the interface is somewhere in the range of n-500,000' to`n+499,999'. For interfaces which do not vary in bandwidth or for those where no accurate estimation can be made, this object should contain the nominal bandwidth. For a sub-layer which has no concept of bandwidth, this object should be zero.

Preprocessing:

- MULTIPLIER: 1000000

- DISCARD_UNCHANGED_HEARTBEAT: 1h

MIB: IF-MIB

The current operational state of the interface.

- The testing(3) state indicates that no operational packet scan be passed

- If ifAdminStatus is down(2) then ifOperStatus should be down(2)

- If ifAdminStatus is changed to up(1) then ifOperStatus should change to up(1) if the interface is ready to transmit and receive network traffic

- It should change todormant(5) if the interface is waiting for external actions (such as a serial line waiting for an incoming connection)

- It should remain in the down(2) state if and only if there is a fault that prevents it from going to the up(1) state

- It should remain in the notPresent(6) state if the interface has missing(typically, hardware) components.

Preprocessing:

- DISCARD_UNCHANGED_HEARTBEAT: 6h

MIB: IF-MIB

The type of interface.

Additional values for ifType are assigned by the Internet Assigned NumbersAuthority (IANA),

through updating the syntax of the IANAifType textual convention.

Preprocessing:

- DISCARD_UNCHANGED_HEARTBEAT: 6h

BEGEMOT-PF-MIB

The number of rules referencing this interface.

BEGEMOT-PF-MIB

IPv4 bits per second passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

BEGEMOT-PF-MIB

IPv4 bits per second blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

BEGEMOT-PF-MIB

IPv4 bits per second passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

BEGEMOT-PF-MIB

IPv4 bits per second blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

BEGEMOT-PF-MIB

The number of IPv4 packets passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

BEGEMOT-PF-MIB

The number of IPv4 packets blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

BEGEMOT-PF-MIB

The number of IPv4 packets passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

BEGEMOT-PF-MIB

The number of IPv4 packets blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

BEGEMOT-PF-MIB

IPv6 bits per second passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

BEGEMOT-PF-MIB

IPv6 bits per second blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

BEGEMOT-PF-MIB

IPv6 bits per second passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

BEGEMOT-PF-MIB

IPv6 bits per second blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

BEGEMOT-PF-MIB

The number of IPv6 packets passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

BEGEMOT-PF-MIB

The number of IPv6 packets blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

BEGEMOT-PF-MIB

The number of IPv6 packets passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

BEGEMOT-PF-MIB

The number of IPv6 packets blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if packet filter is currently enabled

MIB: BEGEMOT-PF-MIB

Number of entries in the state table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'keep state' rules in the ruleset.

Utilization of state table in %.

Expression:

MIB: BEGEMOT-PF-MIB

Number of entries in the source tracking table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'sticky-address' or 'source-track' rules in the ruleset.

Utilization of source tracking table in %.

Expression:

MIB: HOST-RESOURCES-MIB

The status of DHCP server process.

Preprocessing:

- CHECK_NOT_SUPPORTED: ``

⛔️ON_FAIL: CUSTOM_VALUE -> 0

MIB: HOST-RESOURCES-MIB

The status of DNS server process.

Preprocessing:

- CHECK_NOT_SUPPORTED: ``

⛔️ON_FAIL: CUSTOM_VALUE -> 0

MIB: HOST-RESOURCES-MIB

The status of nginx process.

Preprocessing:

- CHECK_NOT_SUPPORTED: ``

⛔️ON_FAIL: CUSTOM_VALUE -> 0

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of labeled filter rules on this system.

Host accessibility by ICMP.

0 - ICMP ping fails.

1 - ICMP ping successful.

Percentage of lost packets.

ICMP ping response time (in seconds).

MIB: SNMPv2-MIB

System uptime in 'N days, hh:mm:ss' format.

Preprocessing:

- MULTIPLIER: 0.01

Availability of SNMP checks on the host. The value of this item corresponds to availability icons in the host list.

Possible value:

0 - not available

1 - available

2 - unknown

MIB: UCD-SNMP-MIB

If having problems collecting this item make sure access to UCD-SNMP-MIB is allowed.

Preprocessing:

- MULTIPLIER: 1024

MIB: UCD-SNMP-MIB

If having problems collecting this item make sure access to UCD-SNMP-MIB is allowed.

Preprocessing:

- MULTIPLIER: 1024

MIB: UCD-SNMP-MIB

If having problems collecting this item make sure access to UCD-SNMP-MIB is allowed.

MIB: UCD-SNMP-MIB

If having problems collecting this item make sure access to UCD-SNMP-MIB is allowed.

Preprocessing:

- JAVASCRIPT: return (100-value);

MIB: UCD-DISKIO-MIB

The number of read accesses from this device since boot.

Preprocessing:

- CHANGE_PER_SECOND

MIB: UCD-DISKIO-MIB

The number of write accesses from this device since boot.

Preprocessing:

- CHANGE_PER_SECOND

MIB: UCD-DISKIO-MIB

The 1 minute average load of disk (%)

Per CPU load average is too high. Your system may be slow to respond.

CPU utilization is too high. The system might be slow to respond.

Depends on:

- PFSense: Load average is too high (per CPU load over {$LOAD_AVG_PER_CPU.MAX.WARN} for 5m)

System name has changed. Ack to close.

Manual close: YES

The system is running out of memory

The system is running out of free memory.

Depends on:

- PFSense: Lack of available memory (<{$MEMORY.AVAILABLE.MIN} of {ITEM.VALUE2})

This trigger is ignored, if there is no swap configured

Depends on:

- PFSense: High memory utilization (>{$MEMORY.UTIL.MAX}% for 5m)

- PFSense: Lack of available memory (<{$MEMORY.AVAILABLE.MIN} of {ITEM.VALUE2})

Recovers when below 80% of {$IF.ERRORS.WARN:"{#IFNAME}"} threshold

Recovery expression:

Depends on:

- PFSense: Link down

The network interface utilization is close to its estimated maximum bandwidth.

Recovery expression:

Depends on:

- PFSense: Link down

Recovers when below 80% of {$IF.ERRORS.WARN:"{#IFNAME}"} threshold

Recovery expression:

Depends on:

- PFSense: Link down

The network interface utilization is close to its estimated maximum bandwidth.

Recovery expression:

Depends on:

- PFSense: Link down

This Ethernet connection has transitioned down from its known maximum speed. This might be a sign of autonegotiation issues. Ack to close.

Recovery expression:

Depends on:

- PFSense: Link down

This trigger expression works as follows:

1. Can be triggered if operations status is down.

2. {$IFCONTROL:"{#IFNAME}"}=1 - user can redefine Context macro to value - 0. That marks this interface as not important. No new trigger will be fired if this interface is down.

Please check PF status

Please check the number of connections https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#config-advanced-firewall-maxstates

Please check the number of sticky connections https://docs.netgate.com/pfsense/en/latest/monitoring/status/firewall-states-sources.html

Please check DHCP server settings https://docs.netgate.com/pfsense/en/latest/services/dhcp/index.html

Please check DNS server settings https://docs.netgate.com/pfsense/en/latest/services/dns/index.html

Please check nginx service status

Last three attempts returned timeout. Please check device connectivity.

ICMP packets loss detected

Depends on:

- PFSense: Unavailable by ICMP ping

Average ICMP response time is too big.

Depends on:

- PFSense: Unavailable by ICMP ping

Uptime is less than 10 minutes

Manual close: YES

SNMP is not available for polling. Please check device connectivity and SNMP settings.

Depends on:

- PFSense: Unavailable by ICMP ping

Two conditions should match: First, space utilization should be above {$VFS.FS.PUSED.MAX.CRIT:"PFSense"}.

Second condition should be one of the following:

- The disk free space is less than 5G.

- The disk will be full in less than 24 hours.

Manual close: YES

Two conditions should match: First, space utilization should be above {$VFS.FS.PUSED.MAX.WARN:"PFSense"}.

Second condition should be one of the following:

- The disk free space is less than 10G.

- The disk will be full in less than 24 hours.

Manual close: YES

Depends on:

- PFSense: Disk space is critically low (used > {$VFS.FS.PUSED.MAX.CRIT:"PFSense"}%)

It may become impossible to write to disk if there are no index nodes left.

As symptoms, 'No space left on device' or 'Disk is full' errors may be seen even though free space is available.

It may become impossible to write to disk if there are no index nodes left.

As symptoms, 'No space left on device' or 'Disk is full' errors may be seen even though free space is available.

Depends on:

- PFSense: {#FSNAME}: Running out of free inodes (free < {$VFS.FS.INODE.PFREE.MIN.CRIT:"{#FSNAME}"}%)

Threshold of error packets rate for warning trigger. Can be used with interface name as context.

Threshold of interface bandwidth utilization for warning trigger in %. Can be used with interface name as context.

Macro for operational state of the interface for link down trigger. Can be used with interface name as context.

This macro is used in filters of network interfaces discovery rule.

Ignore down(2) administrative status

This macro is used in filters of network interfaces discovery rule.

This macro is used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

Ignore notPresent(6)

This macro used in filters of network interfaces discovery rule.

This macro used in filters of network interfaces discovery rule.

The time interval for SNMP availability trigger.

Threshold of source tracking table utilization trigger in %.

Threshold of state table utilization trigger in %.

Discovering interfaces from IF-MIB.

Filter:

- A: {#IFADMINSTATUS} MATCHES_REGEX {$NET.IF.IFADMINSTATUS.MATCHES}

- B: {#IFADMINSTATUS} NOT_MATCHES_REGEX {$NET.IF.IFADMINSTATUS.NOT_MATCHES}

- I: {#IFOPERSTATUS} MATCHES_REGEX {$NET.IF.IFOPERSTATUS.MATCHES}

- J: {#IFOPERSTATUS} NOT_MATCHES_REGEX {$NET.IF.IFOPERSTATUS.NOT_MATCHES}

- G: {#IFNAME} MATCHES_REGEX @Network interfaces for discovery

- H: {#IFNAME} NOT_MATCHES_REGEX {$NET.IF.IFNAME.NOT_MATCHES}

- E: {#IFDESCR} MATCHES_REGEX {$NET.IF.IFDESCR.MATCHES}

- F: {#IFDESCR} NOT_MATCHES_REGEX {$NET.IF.IFDESCR.NOT_MATCHES}

- C: {#IFALIAS} MATCHES_REGEX {$NET.IF.IFALIAS.MATCHES}

- D: {#IFALIAS} NOT_MATCHES_REGEX {$NET.IF.IFALIAS.NOT_MATCHES}

- K: {#IFTYPE} MATCHES_REGEX {$NET.IF.IFTYPE.MATCHES}

- L: {#IFTYPE} NOT_MATCHES_REGEX {$NET.IF.IFTYPE.NOT_MATCHES}

MIB: IF-MIB

The number of inbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND

MIB: IF-MIB

For packet-oriented interfaces, the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of inbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND

MIB: IF-MIB

The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifInOctets. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: IF-MIB

The number of outbound packets which were chosen to be discarded

even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.

One possible reason for discarding such a packet could be to free up buffer space.

Discontinuities in the value of this counter can occur at re-initialization of the management system,

and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND

MIB: IF-MIB

For packet-oriented interfaces, the number of outbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of outbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND

MIB: IF-MIB

The total number of octets transmitted out of the interface, including framing characters. This object is a 64-bit version of ifOutOctets.Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: IF-MIB

An estimate of the interface's current bandwidth in units of 1,000,000 bits per second. If this object reports a value of n' then the speed of the interface is somewhere in the range of n-500,000' to`n+499,999'. For interfaces which do not vary in bandwidth or for those where no accurate estimation can be made, this object should contain the nominal bandwidth. For a sub-layer which has no concept of bandwidth, this object should be zero.

Preprocessing:

- MULTIPLIER: 1000000

- DISCARD_UNCHANGED_HEARTBEAT: 1h

MIB: IF-MIB

The current operational state of the interface.

- The testing(3) state indicates that no operational packet scan be passed

- If ifAdminStatus is down(2) then ifOperStatus should be down(2)

- If ifAdminStatus is changed to up(1) then ifOperStatus should change to up(1) if the interface is ready to transmit and receive network traffic

- It should change todormant(5) if the interface is waiting for external actions (such as a serial line waiting for an incoming connection)

- It should remain in the down(2) state if and only if there is a fault that prevents it from going to the up(1) state

- It should remain in the notPresent(6) state if the interface has missing(typically, hardware) components.

Preprocessing:

- DISCARD_UNCHANGED_HEARTBEAT: 6h

MIB: IF-MIB

The type of interface.

Additional values for ifType are assigned by the Internet Assigned Numbers Authority (IANA),

through updating the syntax of the IANAifType textual convention.

Preprocessing:

- DISCARD_UNCHANGED_HEARTBEAT: 6h

MIB: BEGEMOT-PF-MIB

The number of rules referencing this interface.

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv4 bits per second blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv4 packets blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

IPv6 bits per second blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

- MULTIPLIER: 8

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked coming in on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets passed going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of IPv6 packets blocked going out on this interface.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if packet filter is currently enabled.

MIB: BEGEMOT-PF-MIB

Number of entries in the state table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'keep state' rules in the ruleset.

Utilization of state table in %.

Expression:

MIB: BEGEMOT-PF-MIB

Number of entries in the source tracking table.

MIB: BEGEMOT-PF-MIB

Maximum number of 'sticky-address' or 'source-track' rules in the ruleset.

Utilization of source tracking table in %.

Expression:

MIB: HOST-RESOURCES-MIB

The status of DHCP server process.

MIB: HOST-RESOURCES-MIB

The status of DNS server process.

MIB: HOST-RESOURCES-MIB

The status of nginx process.

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

True if the packet was logged with the specified packet filter reason code. The known codes are: match, bad-offset, fragment, short, normalize, and memory.

Preprocessing:

- CHANGE_PER_SECOND

MIB: BEGEMOT-PF-MIB

The number of labeled filter rules on this system.

Availability of SNMP checks on the host. The value of this item corresponds to availability icons in the host list.

Possible value:

0 - not available

1 - available

2 - unknown

Recovers when below 80% of {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

Recovery expression:

Depends on:

- PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The network interface utilization is close to its estimated maximum bandwidth.

Recovery expression:

Depends on:

- PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

Recovers when below 80% of {$IF.ERRORS.WARN:"{#IFNAME}"} threshold.

Recovery expression:

Depends on:

- PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

The network interface utilization is close to its estimated maximum bandwidth.

Recovery expression:

Depends on:

- PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This Ethernet connection has transitioned down from its known maximum speed. This might be a sign of autonegotiation issues. Ack to close.

Recovery expression:

Depends on:

- PFSense: Interface [{#IFNAME}({#IFALIAS})]: Link down

This trigger expression works as follows:

1. Can be triggered if operations status is down.

2. {$IFCONTROL:"{#IFNAME}"}=1 - user can redefine Context macro to value - 0. That marks this interface as not important. No new trigger will be fired if this interface is down.

Please check PF status.

Please check the number of connections https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#config-advanced-firewall-maxstates

Please check the number of sticky connections https://docs.netgate.com/pfsense/en/latest/monitoring/status/firewall-states-sources.html

Please check DHCP server settings https://docs.netgate.com/pfsense/en/latest/services/dhcp/index.html

Depends on:

- PFSense: No SNMP data collection

Please check DNS server settings https://docs.netgate.com/pfsense/en/latest/services/dns/index.html

Depends on:

- PFSense: No SNMP data collection

Please check nginx service status.

Depends on:

- PFSense: No SNMP data collection

SNMP is not available for polling. Please check device connectivity and SNMP settings.