The alert I receive from Kentik in Zabbix contains information about a security incident, specifically a DDoS (Distributed Denial of Service) attack.
The Kentik alert informs that a TCP SYN/ACK reflection DDoS attack has been detected and is active, but it has been marked as "Clear," indicating that the attack has been mitigated or resolved. However, the event is still in an "alarm" state, indicating that the system is monitoring the situation.
It appears that Zabbix is monitoring Kentik but is not taking corrective actions automatically when the service returns to "up" or "ok" status.
How to solve this error?
Look at attachment