diff --git a/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Failed_1_SYSLOG_.json b/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Failed_1_SYSLOG_.json new file mode 100644 index 0000000000000000000000000000000000000000..3de4954950d6b9afe03e0504244a6f1a6b1df944 --- /dev/null +++ b/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Failed_1_SYSLOG_.json @@ -0,0 +1,21 @@ +{ + "name": "Juniper | JUNOS | Chassis | Fan | Fan Failed #1 (SYSLOG)", + "uuid": "1deb5da3-97f7-41b1-9946-f787a0212b07", + "description": "craftd[920]: Major alarm set, FPC 0 Fan 2 not spinning", + "event_class__name": "Chassis | Fan | Fan Failed", + "preference": 1000, + "patterns": [ + { + "key_re": "^source$", + "value_re": "^syslog$" + }, + { + "key_re": "^profile$", + "value_re": "^Juniper\\.JUNOS$" + }, + { + "key_re": "^message$", + "value_re": "Major alarm set, (?P.+) not spinning" + } + ] +} diff --git a/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Failed_2_SYSLOG_.json b/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Failed_2_SYSLOG_.json new file mode 100644 index 0000000000000000000000000000000000000000..7de911328d2bb1a17dd73d5abf8f29d11ffdba94 --- /dev/null +++ b/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Failed_2_SYSLOG_.json @@ -0,0 +1,21 @@ +{ + "name": "Juniper | JUNOS | Chassis | Fan | Fan Failed #2 (SYSLOG)", + "uuid": "59574276-7c26-4050-a797-16e7b312c6bd", + "description": "scb CM: ALARM SET: (Major) Rear left fan stopped spinning", + "event_class__name": "Chassis | Fan | Fan Failed", + "preference": 1000, + "patterns": [ + { + "key_re": "^source$", + "value_re": "^syslog$" + }, + { + "key_re": "^profile$", + "value_re": "^Juniper\\.JUNOS$" + }, + { + "key_re": "^message$", + "value_re": "ALARM SET: \\(Major\\) (?P.+ fan) (?:stopped spinning|failed)" + } + ] +} diff --git a/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Inserted_1_SYSLOG_.json b/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Inserted_1_SYSLOG_.json new file mode 100644 index 0000000000000000000000000000000000000000..f591ee771fd7f610fd23abb723ca2e5b589efed8 --- /dev/null +++ b/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Inserted_1_SYSLOG_.json @@ -0,0 +1,22 @@ +{ + "name": "Juniper | JUNOS | Chassis | Fan | Fan Inserted #1 (SYSLOG)", + "$collection": "fm.eventclassificationrules", + "uuid": "cd224d0f-551e-419d-8a30-e2cf2f0d0eef", + "description": "CHASSISD_SNMP_TRAP6: SNMP trap generated: Fan/Blower OK (jnxContentsContainerIndex 4, jnxContentsL1Index 1, jnxContentsL2Index 1, jnxContentsL3Index 1, jnxContentsDescr FAN: Fan 1 @ 0/0/0, jnxOperatingState/Temp 2)", + "event_class__name": "Chassis | Fan | Fan Inserted", + "preference": 1000, + "patterns": [ + { + "key_re": "^source$", + "value_re": "^syslog$" + }, + { + "key_re": "^profile$", + "value_re": "^Juniper\\.JUNOS$" + }, + { + "key_re": "^message$", + "value_re": "CHASSISD_SNMP_TRAP6: SNMP trap generated: Fan/Blower OK .+ jnxContentsDescr (?P.+), jnxOperatingState" + } + ] +} diff --git a/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Removed_1_SYSLOG_.json b/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Removed_1_SYSLOG_.json new file mode 100644 index 0000000000000000000000000000000000000000..8979329b7f9f0b3016587767265449ccdfe534fe --- /dev/null +++ b/collections/fm.eventclassificationrules/Juniper/JUNOS/Chassis/Fan/Fan_Removed_1_SYSLOG_.json @@ -0,0 +1,22 @@ +{ + "name": "Juniper | JUNOS | Chassis | Fan | Fan Removed #1 (SYSLOG)", + "$collection": "fm.eventclassificationrules", + "uuid": "6afac3b5-824f-4d35-ae4b-d522ced6a53a", + "description": "CHASSISD_SNMP_TRAP6: SNMP trap generated: Fan/Blower Removed (jnxContentsContainerIndex 4, jnxContentsL1Index 1, jnxContentsL2Index 1, jnxContentsL3Index 1, jnxContentsDescr FAN: Fan 1 @ 0/0/0, jnxOperatingState/Temp 1)", + "event_class__name": "Chassis | Fan | Fan Removed", + "preference": 1000, + "patterns": [ + { + "key_re": "^source$", + "value_re": "^syslog$" + }, + { + "key_re": "^profile$", + "value_re": "^Juniper\\.JUNOS$" + }, + { + "key_re": "^message$", + "value_re": "CHASSISD_SNMP_TRAP6: SNMP trap generated: Fan/Blower Removed .+ jnxContentsDescr (?P.+), jnxOperatingState" + } + ] +} \ No newline at end of file diff --git a/collections/fm.eventclassificationrules/Juniper/JUNOS/Network/IP/Address_Conflict_SYSLOG_.json b/collections/fm.eventclassificationrules/Juniper/JUNOS/Network/IP/Address_Conflict_SYSLOG_.json new file mode 100644 index 0000000000000000000000000000000000000000..c3b11172766483aaed26d1779fcd6b05864446e8 --- /dev/null +++ b/collections/fm.eventclassificationrules/Juniper/JUNOS/Network/IP/Address_Conflict_SYSLOG_.json @@ -0,0 +1,22 @@ +{ + "name": "Juniper | JUNOS | Network | IP | Address Conflict (SYSLOG)", + "$collection": "fm.eventclassificationrules", + "uuid": "11b2a583-f4c6-4308-b3c0-a53b001a4eb4", + "description": "KERN_ARP_DUPLICATE_ADDR: duplicate IP address 10.60.9.1! sent from address: 02:2a:5d:10:e6:93 (error count = 14)", + "event_class__name": "Network | IP | Address Conflict", + "preference": 1000, + "patterns": [ + { + "key_re": "^source$", + "value_re": "^syslog$" + }, + { + "key_re": "^profile$", + "value_re": "^Juniper\\.JUNOS$" + }, + { + "key_re": "^message$", + "value_re": "KERN_ARP_DUPLICATE_ADDR: duplicate IP address (?P\\S+)! sent from address: (?P\\S+)" + } + ] +} \ No newline at end of file diff --git a/collections/fm.eventclassificationrules/Juniper/JUNOS/Network/Storm_Control/Storm_Detected_SYSLOG_.json b/collections/fm.eventclassificationrules/Juniper/JUNOS/Network/Storm_Control/Storm_Detected_SYSLOG_.json index 514f5a1bddbf45832fd72b84f740fb9c1138c3e9..6d5edb3484a081cd728e28aadd241e5bd6e71cc1 100644 --- a/collections/fm.eventclassificationrules/Juniper/JUNOS/Network/Storm_Control/Storm_Detected_SYSLOG_.json +++ b/collections/fm.eventclassificationrules/Juniper/JUNOS/Network/Storm_Control/Storm_Detected_SYSLOG_.json @@ -16,7 +16,7 @@ }, { "key_re": "^message$", - "value_re": "ESWD_ST_CTL_ERROR_DISABLED: (?P\\S+): storm control disabled port$" + "value_re": "ESWD_ST_CTL_ERROR_(?:DISABLED|IN_EFFECT): (?P\\S+): storm control (?:disabled port|in effect on the port)$" } ] -} \ No newline at end of file +}