TX packets overrun for Palo Alto Networks


Palo Alto Networks


Indeni tracks the number of packets that had issues and alerts if the ratio is too high.

Remediation Steps

Packet overruns usually occur when there are too many packets being inserted into the port's memory buffer, faster than the rate at which the kernel is able to process them.

How does this work?

This alert logs into the Palo Alto Networks firewall through SSH and retrieves the status of all network interfaces. In that output, it looks for the number of packets transmitted through the interface.

Why is this important?

Tracking the number of packets flowing through each network interface is important to identify potential issues, spikes in traffic, etc.

Without Indeni how would you find this?

The traffic statistics of network interfaces can be retrieved through SNMP in newer versions of PAN-OS (7.x).

View Source Code