Commit 5dc28dd4 authored by Илья Сомов's avatar Илья Сомов Committed by Andrey Vertiprahov

Add eventclassificationrules stp and storm-control for junos

parent c5968a73
{
"name": "Juniper | JUNOS | Network | Port Security | Port Security Violation (SYSLOG)",
"$collection": "fm.eventclassificationrules",
"uuid": "5beb87d9-65bb-4394-baad-eafd76662293",
"description": "Mar 19 16:19:41 switchname-asw01 eswd[1262]: ESWD_MAC_LIMIT_BLOCK: MAC limit (3) exceeded at ge-0/0/23.0: shutting down the interface",
"event_class__name": "Network | Port Security | Port Security Violation",
"preference": 1000,
"patterns": [
{
"key_re": "^source$",
"value_re": "^syslog$"
},
{
"key_re": "^profile$",
"value_re": "^Juniper\\.JUNOS$"
},
{
"key_re": "^message$",
"value_re": "ESWD_MAC_LIMIT_BLOCK: MAC limit \\((?P<limit>\\d+)\\) exceeded at (?P<interface>.+?): shutting down the interface$"
}
]
}
{
"name": "Juniper | JUNOS | Network | STP | BPDU Guard Recovery (SYSLOG)",
"$collection": "fm.eventclassificationrules",
"uuid": "dab579e0-044a-4835-8dcc-c6ec986b749f",
"description": "Mar 19 14:19:40 switchname-asw01 eswd[1262]: ESWD_BPDU_BLOCK_ERROR_ENABLED: ge-0/0/47.0: bpdu-block enabled port",
"event_class__name": "Network | STP | BPDU Guard Recovery",
"preference": 1000,
"patterns": [
{
"key_re": "^source$",
"value_re": "^syslog$"
},
{
"key_re": "^profile$",
"value_re": "^Juniper\\.JUNOS$"
},
{
"key_re": "^message$",
"value_re": "ESWD_BPDU_BLOCK_ERROR_ENABLED: (?P<interface>\\S+): bpdu-block enabled port$"
}
]
}
{
"name": "Juniper | JUNOS | Network | STP | BPDU Guard Violation (SYSLOG)",
"$collection": "fm.eventclassificationrules",
"uuid": "e4b12255-a00f-439a-90d2-427affbbb3b8",
"description": "Mar 19 14:18:40 switchname-asw01 eswd[1262]: ESWD_BPDU_BLOCK_ERROR_DISABLED: ge-0/0/47.0: bpdu-block disabled port",
"event_class__name": "Network | STP | BPDU Guard Violation",
"preference": 1000,
"patterns": [
{
"key_re": "^source$",
"value_re": "^syslog$"
},
{
"key_re": "^profile$",
"value_re": "^Juniper\\.JUNOS$"
},
{
"key_re": "^message$",
"value_re": "ESWD_BPDU_BLOCK_ERROR_DISABLED: (?P<interface>\\S+): bpdu-block disabled port$"
}
]
}
{
"name": "Juniper | JUNOS | Network | Storm Control | Storm Cleared (SYSLOG)",
"$collection": "fm.eventclassificationrules",
"uuid": "3677b962-eda4-4a85-a16b-a691693ae66b",
"description": "Jan 22 13:24:55 switchname-sw01 eswd[72792]: ESWD_ST_CTL_ERROR_ENABLED: ae0.0: storm control enabled port",
"event_class__name": "Network | Storm Control | Storm Cleared",
"preference": 1000,
"patterns": [
{
"key_re": "^source$",
"value_re": "^syslog$"
},
{
"key_re": "^profile$",
"value_re": "^Juniper\\.JUNOS$"
},
{
"key_re": "^message$",
"value_re": "ESWD_ST_CTL_ERROR_ENABLED: (?P<interface>\\S+): storm control enabled port$"
}
]
}
\ No newline at end of file
{
"name": "Juniper | JUNOS | Network | Storm Control | Storm Detected (SYSLOG)",
"$collection": "fm.eventclassificationrules",
"uuid": "75456d93-0507-41d6-a416-71c9cf494633",
"description": "Dec 24 12:41:56 switchname-sw01 eswd[72792]: ESWD_ST_CTL_ERROR_DISABLED: ae0.0: storm control disabled port",
"event_class__name": "Network | Storm Control | Storm Detected",
"preference": 1000,
"patterns": [
{
"key_re": "^source$",
"value_re": "^syslog$"
},
{
"key_re": "^profile$",
"value_re": "^Juniper\\.JUNOS$"
},
{
"key_re": "^message$",
"value_re": "ESWD_ST_CTL_ERROR_DISABLED: (?P<interface>\\S+): storm control disabled port$"
}
]
}
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment