This is a real life sample alert from indeni

Description:

SOL13478 recommends that you do not mix mirroring and production traffic on the same VLAN. Your mirror IP is 192.168.16.2 which is on 192.168.16.0/24, a production network.

Manual Remediation Steps:

Change the network design and the mirror IPs so they are on a dedicated VLAN.

How does this alert work?

indeni reviews the configuration for the mirroring IPs (those you set via “modify /cm device <device_name> mirror-ip <IP address> mirror-secondary-ip <IP address>”) and compares to them to what it knows regarding traffic flow. If production traffic flows through the same VLAN as the mirroring traffic, an alert will be generated.