Hello,
I have this basic rule for alerting us when a remote office router is exceeding 95% of its available bandwidth of the WAN link.
When this Alert is triggered - I would like another Rule/Alert to collect the same for other ports - for all devices, and for the entire “location” that the Router belong to - to be able to catch the switch/client port that is actually behind the first alert.
During normal circumstances I don’t really care if a “local” port on that location fully utilize the client port…as long as the network hog keeps it local on that site/location - I want to find the local port that in its turn puts the pressure on the WAN and may cause slowness for the entire remote office.
(as most common standard we have 500Mbit WAN to remote offices, and client switches are 1Gbit towards users, and some 10Gbit local core for servers and switch uplinks etc.)
I hope you guys understand my question, and maybe there is an easy way to accomplish what I want, maybe with a more advanced Rule of some kind.
I’ll take a stab at a possible direction. You mention you already have a rule for the WAN ports so thats already solved by a WAN alert rule, you’re just wanting bandwidth alerts for your LAN ports.
If thats correct, then you’ll need to split the difference between a WAN and a LAN port (what you call a local port or client port?) so the alert rule matches against only LAN ports. One idea i have is you could achieve this by setting a Port Group (Ports>Manage Groups) and then set every WAN port to this WAN Port Group.
Then on your Alert rule for the LAN ports you use the ‘port_groups.name’ to exclude the WAN ports from this alert. If your WAN link is only 500Mbit then you’ll need to match the LAN ports that trigger when it hits 450Mbit or something on that line.