Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

Reporting and Analytics - generate an alert

New Member
Posts: 4
4356     0

Reporting and Analytics - we are trying to configure to generate an alert in case of appliance use DNS cache more than 90% value.    Current alert has some predefined values in splunk language which is bit difficult to understand.

 

Any one knows, please suggest on this.

 

NIOS - 8.0.9

Reporting - IB 2200

Re: Reporting and Analytics - generate an alert

[ Edited ]
Superuser
Posts: 81
4357     0

Hello Abhilash,

 

Technically I haven't seen much scenarios where recursive cache size crosses 90%, as the server(Some IB models at least) would start trimming it at 87.5% & some others may start returning SERVFAIL responses. Did you mean cache-hit-ratio instead ? I guess not, as an admin may not try to get alerts for anything above 90+ % since it is absolutely not a number to be worried about(Let me know if this is the case). Can you tell me the exact name of the ‘report’ which you referred to ? If it is a custom report, can you share its SPL here so that I could customize it for you as appropriate ?

 

Best regards.

Re: Reporting and Analytics - generate an alert

New Member
Posts: 4
4357     0

Thanks,

 

Alert name is - si-search-dns-cache-hit-ratio.    We had an issue with exceeding maximum cache due to number VIEWS got assigned to an appliance.    We do use number of VIEWS in single Grid with recursive members, hence we need keep this alert mechanism to get notify in case of it croses threashold value.

 

Regards,

Abhilash R

Showing results for 
Search instead for 
Did you mean: 

Recommended for You