Intrusion Exploit
Server: LiteSpeed
System: Linux cisadane.iixcp.rumahweb.net 5.14.0-427.42.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Nov 1 14:58:02 EDT 2024 x86_64
User: lenf4658 (1805)
PHP: 8.4.19
Disabled: NONE
$ pwd: /usr/lib/netdata/conf.d/health.d/
Upload Files
File: //usr/lib/netdata/conf.d/health.d/azure_monitor_nat_gateway.conf
# you can disable an alarm notification by setting the 'to' line to: silent

# --- Availability ---

# AMBA Sev4: DatapathAvailability < 90% (30m window)
# NAT Gateway datapath availability below 100% means the service is degraded.
# Below 90% indicates significant packet loss through the gateway.

 template: am_nat_gateway_datapath_availability
       on: azure_monitor.nat_gateway.datapath_availability
    class: Availability
     type: Other
component: Azure NAT Gateway
   lookup: average -5m unaligned of average
    units: percentage
    every: 1m
     warn: $this < (($status >= $WARNING)  ? (99) : (95))
     crit: $this < (($status == $CRITICAL) ? (95) : (90))
    delay: down 5m multiplier 1.5 max 1h
  summary: NAT Gateway availability on ${label:resource_name}
     info: Datapath availability of NAT Gateway ${label:resource_name} \
           in ${label:resource_group} (${label:region}). \
           Values below 100% indicate packet loss through the gateway.
       to: sysadmin

# --- Errors ---

# AMBA Sev1 (Critical): PacketDropCount > 5 packets/s (5m window)
# Dropped packets indicate SNAT port exhaustion, flow timeouts, or
# exceeding the connection limit of the NAT gateway.

 template: am_nat_gateway_dropped_packets
       on: azure_monitor.nat_gateway.dropped_packets
    class: Errors
     type: Other
component: Azure NAT Gateway
   lookup: average -5m unaligned of total
    units: packets/s
    every: 1m
     warn: $this > (($status >= $WARNING)  ? (0) : (5))
     crit: $this > (($status == $CRITICAL) ? (5) : (50))
    delay: down 5m multiplier 1.5 max 1h
  summary: NAT Gateway packet drops on ${label:resource_name}
     info: Packets being dropped by NAT Gateway ${label:resource_name} \
           in ${label:resource_group} (${label:region}). \
           Drops indicate SNAT port exhaustion or connection limit reached.
       to: sysadmin

# --- Connections ---

# Azure NAT Gateway supports up to 2 million total SNAT connections.
# Azure recommends alerting at 80% (1.6M). We warn at 60% (1.2M).

 template: am_nat_gateway_snat_connections
       on: azure_monitor.nat_gateway.snat_connections
    class: Utilization
     type: Other
component: Azure NAT Gateway
   lookup: average -5m unaligned of total
    units: connections
    every: 1m
     warn: $this > (($status >= $WARNING)  ? (1000000) : (1200000))
     crit: $this > (($status == $CRITICAL) ? (1200000) : (1600000))
    delay: down 5m multiplier 1.5 max 1h
  summary: NAT Gateway SNAT connections on ${label:resource_name}
     info: SNAT connection count on NAT Gateway ${label:resource_name} \
           in ${label:resource_group} (${label:region}). \
           Azure limit is 2 million connections per gateway.
       to: sysadmin

 template: am_nat_gateway_total_connections
       on: azure_monitor.nat_gateway.total_connections
    class: Utilization
     type: Other
component: Azure NAT Gateway
   lookup: average -5m unaligned of total
    units: connections
    every: 1m
     warn: $this > (($status >= $WARNING)  ? (1000000) : (1200000))
     crit: $this > (($status == $CRITICAL) ? (1200000) : (1600000))
    delay: down 5m multiplier 1.5 max 1h
  summary: NAT Gateway total connections on ${label:resource_name}
     info: Total SNAT connection count on NAT Gateway ${label:resource_name} \
           in ${label:resource_group} (${label:region}). \
           Azure limit is 2 million connections per gateway.
       to: sysadmin
@ Telegram