This is a real life sample alert from indeni to identify Check Point Firewalls issues.
There are 9210 NAT connections stored in the fwx_alloc kernel table while the limit is 10000. When the limit is reached, new connections may fail.
Manual Remediation Steps:
In many cases, a sudden spike in connections has been attributed to a worm or misbehaving application. If you have ruled this out, consider the solutions suggested in SK32224. Note that a higher limit may result in more memory being used, so it is recommended that changes are made gradually.
How does this alert work?
indeni constantly monitors the usage of hundreds of kernel tables. Different kernel tables are associated with different SK articles and best practices. When a kernel table nears its limit, the specific SK articles and best practices are included in an alert.