Alert Details

EFA Certificate Expiry Notice

31000 EFA Certificate Expiry Notice
Description Send an alert when an EFA certificate is about to expire.
Preconditions

Certificate Manager Component (Monitor & Auth Service) has system default settings that are NOT user configurable.

  • Polling frequency for certificate expiry notice: daily
  • Monitors the following EFA Certificate Types:
    Sr No Type Value
    1 App Server certificate (of EFA) app_server_cert
    2 Default Intermediate CA default_intermediate_ca
    3 Default Root CA default_root_ca
    4 Third-Party CA third_party_ca
    5 K3s Server Certificate k3s_server_cert
    6 K3s CA k3s_ca
    7 JWT Certificate jwt_cert

The daily polling sends the “CertificateExpiryNoticeAlert” event notification with an expiry date per certificate type which is processed by the fault engine.

Requirements
Alert Data:
  1. Certificate Type
  2. Expiry Date

Syslog RFC-5424 Example: 

<116>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Environmental    
   [meta sequenceId=”47”]  
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]  
   [alert@1916  
   resource=”/App/System/Security/Certificate?type=app_server_cert” 
   alertId=”31000”  	  
   cause=”keyExpired”  
   type=”securityServiceOrMechanismViolation”  
   severity=”warning”]   
   [alertData@1916  
   certifcateType=”App Server certificate”  
   expiryDate=”Sep 12 10:00:45 2022 GMT”] 
   BOM The application server certificate on EFA will expire soon
Health Response Response
{
    Resource: /App/System/Security/Certificate?type=app_server_cert
    HQI {
        Color: Yellow
        Value: 1
    }
    StatusText: Application Server Certificate expires on <date>.
}

Managed Device Certificate Expiry Notice

31001 Managed Device Certificate Expiry Notice
Description Send an alert when a certificate on the SLX device is about to expire.
Preconditions

Inventory Service has default system settings that are NOT user configurable.

  • Polling frequency for certificate expiry notice: daily
  • Monitors the following Device Certificate Types:
    Sr No Type Value
    1 HTTPS Server certificate https_server_cert
    2 Syslog CA syslog_ca
    3 JWT Verifier (OAuth2) jwt_verifier

The daily polling sends the “DeviceCertificateExpiryNoticeAlert” event notification with an expiry date per certificate type which is processed by the fault engine.

Requirements

Alert Data:

  1. Device IP
  2. Certificate Type
  3. Expiry Date

Syslog RFC-5424 Example: 

<116>1 2022-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Environmental    
   [meta sequenceId=”47”]  
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]  
   [alert@1916  
   resource=”/App/System/Security/Certificate?device_ip=10.10.10.1&type=http_server_cert” 
   alertId=”31001”  
   cause=”keyExpired”  
   type=”securityServiceOrMechanismViolation”  
   severity=”warning”]   
   [alertData@1916  
   deviceIP=”10.10.10.1”    
   certifcateType=”HTTPS Server certificate”  
   expiryDate=”Sep 12 10:00:45 2022 GMT”] 
   BOMThe certificate on device “10.10.10.1” with subject “CN=slx-10.10.10.1.extremenetworks.com” will be expiring soon at “Sep 12 10:00:45 2022 GMT”
Health Response
Response
{
    Resource:/App/System/Security/Certificate?device_ip=10.10.10.1&type=http_server_cert
    HQI {
        Color: Yellow
        Value: 1
    }
    StatusText: Device 10.10.10.1 Http Server Certificate expires on <date>.
}

EFA Certificate Expired

31002 EFA Certificate Expired
Description Send an alert when an EFA certificate has expired. This might not work well in a few cases as the system would not be functional.
Preconditions

K3s must be up and running (k3s goes down if k3s certs have expired)

Only supports non-k3s cert expiry.

  • Polling frequency for certificate expiry notice: daily
  • Monitors the following EFA Certificate Types:
    Sr No Type Value
    1 App Server certificate (of EFA) app_server_cert
    2 Default Intermediate CA default_intermediate_ca
    3 Default Root CA default_root_ca
    4 Third-Party CA third_party_ca

If the App server certificate gets expired, you cannot communicate with EFA via REST API. Therefore, you cannot query the health status.
Requirements
Alert Data:
  1. Certificate Type
  2. Expired Date

Syslog RFC-5424 Example: 

<114>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Environmental    
   [meta sequenceId=”47”]  
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]  
   [alert@1916  
   resource=”/App/System/Certificate?type=app_server_cert” 
   alertId=”31002”  	  
   cause=”keyExpired”  
   type=”securityServiceOrMechanismViolation”  
   severity=”critical”]   
   [alertData@1916  
   certificateType=”App Server certificate”  
   expiredDate=”Sep 12 10:00:45 2022 GMT”] 
   BOMThe Application server certificate on EFA has expired “Sep 12 10:00:45 2022 GMT”.
Health Response
Response
{
    Resource: /App/System/Security/Certificate type=app_server_cert
    HQI {
        Color: Red
        Value: 3
    }
    StatusText: Application server Certificate expired on <date>.
}

Managed Device Certificate Expired

31003 Managed Device Certificate Expired
Description Send an alert when the SLX certificate has expired
Preconditions

SLX device‘s syslog server configuration is set to EFA IP so that the RASLog service receives events from the SLX device. Syslogs from the SLX device may not be sent to the RASLog Service if syslog CA cert has expired.

  • Polling frequency for certificate expiry notice: daily
  • Monitors the following Device Certificate Types:
    Sr No Type Value
    1 HTTPS Server certificate https_server_cert
    2 Syslog CA syslog_ca
    3 JWT Verifier (OAuth2) jwt_verifier

The daily polling sends the “DeviceCertificateExpiredNoticeAlert” event notification with an expiry date per certificate type which is processed by the fault engine.

Requirements
Alert Data:
  1. Device IP
  2. Certificate Type
  3. Expired Date

Syslog RFC-5424 Example: 

<114>1 2022-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Environmental    
   [meta sequenceId=”47”]  
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]  
   [alert@1916  
   resource=”/App/System/Security/Certificate?device_ip=10.10.10.1&type=https_server_cert” 
   alertId=”31003”  
   cause=”keyExpired”  
   type=”securityServiceOrMechanismViolation”  
   severity=”critical”]   
   [alertData@1916  
   deviceIP=”10.10.10.1”    
   certifcateType=”HTTPS Server certificate”  
   expiryDate=”Sep 12 10:00:45 2022 GMT”] 
  BOMThe certificate on device “10.10.10.1” with subject “CN=slx- 10.10.10.1.extremenetworks.com” has expired at “Sep 12 10:00:45 2022 GMT”
Health Response

Response

{
    Resource:/App/System/Security/Certificate?device_ip=10.10.10.1&type=https_server_cert
    HQI {
        Color: Red
        Value: 3
    }
    StatusText: Https server certificate x=on device 10.10.10.1 expired on <date>.
}

EFA Certificate Upload/Renewal

31004 EFA Certificate Upload/Renewal
Description Send an alert when a certificate is renewed.
Preconditions
  • For all the certificates managed by EFA, send an alert on renewal of any of the certificates.
  • The following table describes the types of certificates that EFA raises alerts for renewal:
    Sr No Type Value
    1 App Server certificate (of EFA) app_server_cert
    2 Default Intermediate CA default_intermediate_ca
    3 Default Root CA default_root_ca
    4 Third-Party CA third_party_ca
    5 JWT Certificate jwt_cert
    K3s Server Certificate k3s_server_cert
    K3s CA Certificate k3s_ca
Requirements
Alert Data:
  • Certificate Type

Syslog RFC-5424 Example:

Syslog RFC-5424 Example:
<116>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Environmental  
   [meta sequenceId=”47”]
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]
   [alert@1916
   resource=”/App/System/Security/Certificate?type=app_server_cert”
   alertId=”31004”           
   cause=”keyGenerated”
   type=”securityServiceOrMechanismViolation”
   severity=”warning”] 
   [alertData@1916
   certifcateType=”App Server certificate”]
  BOMThe application server certificate on EFA has been renewed
Health Response
Response
{
    Resource: /App/System/Security/Certificate?type=app_server_cert
    HQI {
        Color: Green
        Value: 0
    }
    StatusText: Application server certificate renewed by user <user>.
}

Managed Device Certificate Upload or Renewal

31005 Managed Device Certificate Upload or Renewal
Description Send an alert when a certificate is renewed.
Preconditions
For all the certificates managed by EFA, an alert is sent on renewal of any of the certificates.
Sr No Type Value
1 HTTPS Server certificate https_server_cert
2 JWT Verifier (OAuth2) jwt_verifier
Requirements
Alert Data:
  1. Device IP
  2. Certificate Type

Syslog RFC-5424 Example:

<118>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Environmental  
   [meta sequenceId=”47”]
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]
   [alert@1916
   resource=”/App/System/Security/Certificate?device_ip=10.10.10.1&type=https_server_cert”
   alertId=”31005”           
   cause=”keyGenerated”
   type=”securityServiceOrMechanismViolation”
   severity=”info”] 
   [alertData@1916
   deviceIP=”10.10.10.1”    
   certifcateType=”HTTPS certificate”]
  BOMThe device 10.10.10. 1HTTPS server certificate has been renewed.
Health Response
Response
{
  Resource:/App/System/Security/Certificate?device_ip=10.10.10.1&type=https_server_cert
    HQI {
        Color: Green
        Value: 0
    }
    StatusText: Device 10.10.10.1 Https server certificate was renewed by user <user>.
}

Security Level Thresholds (Login attempts)

31010 Security Level Thresholds (Login attempts)
Description Send an alert when a user login attempt to EFA fails.
Preconditions None
Requirements
Alert Data:
  • Username
Syslog RFC-5424 Example: 
<114>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Environmental    
   [meta sequenceId=”47”]  
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]  
   [alert@1916  
   alertId=”31010”  	  
   cause=”credentialError”  
   type=”securityServiceOrMechanismViolation”  
   severity=”major”]   
   [alertData@1916  
   userName=”bob”] 
  BOMFailed login attempt.
Health Response N/A

Login Successful

31011 Login Successful
Description Send an alert when a user successfully logs in to EFA.
Preconditions None
Requirements

Alert Data:

  • Username
Syslog RFC-5424 Example:
<118>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Environmental    
   [meta sequenceId=”47”]  
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]  
   [alert@1916  
   resource=”/App/System/Security/Authentication” 
   alertId=”31011”  	  
   cause=  
   type=  
   severity=”info”]   
   [alertData@1916  
   userName=”bob”] 
  BOM Successful login.
Health Response N/A

LDAP Connectivity

31030 LDAP Connectivity
Description Send an alert when LDAP server configured in EFA is not reachable.
Preconditions

The polling is enabled only if:

  1. LDAP servers are configured in the system.
  2. Authentication fallback preference is set to LDAP.
  • All the LDAP servers that are added in the fallback sequence will be monitored.
  • Polling frequency: hourly
  • During the poll, login is performed with the base user that is configured in the system.
Requirements Alert Data:
  1. LDAP Server IP
  2. Reason
Syslog RFC-5424 Example:
<115>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Environmental    
   [meta sequenceId=”47”]  
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]  
   [alert@1916  
   resource=”/App/System/Security/Authentication” 
   alertId=”31030”  	  
   cause=”underlyingResourceUnavailable”  
   type=”communicationsAlarm”  
   severity=”major”]   
   [alertData@1916  
   ldapServerIP=”10.x.x.x”  
   reason=”Unable to reach the LDAP server”] 
   BOMThe connection to LDAP Server could not be established.
Health Response
Response
{
    Resource: /App/System/Security/Authentication
    HQI {
        Color: Yellow
        Value: 1
    }
    StatusText: Failed to connect to LDAP server at <time>.
}

Storage Utilization Threshold

31040 Storage Utilization Threshold
Description Send an alert per monitored TPVM mount point when capacity has reached 75% utilization or more.
Preconditions

System Component (Monitor Service) has system default settings that are NOT user configurable.

  • Polling frequency for storage utilization threshold notice: hourly
  • Storage Utilization Thresholds:
    • Under 75% - info (31042 is raised)
    • 75% - warning
    • 85% - minor
    • 95% - major
    • 97% - critical
  • Monitors the TPVM storage utilization on the following mount points:
    • “/” (/dev/vda2)
    • “/apps” (/dev/vdb1)

The hourly polling sends an “Alert” event notification with the TPVM storage utilization percentage which is processed by the fault engine.
Requirements
Alert Data:
  1. Node IP
  2. Mount Point
  3. Used MB
  4. Available MB
  5. Utilization Percent
Syslog RFC-5424 Example: 
<116>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Operational     
   [meta sequenceId=”47”]   
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]   
   [alert@1916   
   resource=”/App/System/Storage?node_ip=10.2.3.4&mount_point=%2F”  
   alertId=”31040”  	   
   cause=”storageCapacityProblem” 
   type=”processingErrorAlarm”   
   severity=”warning”]    
   [alertData@1916   
   nodeIP=”10.2.3.4” 
   mountPoint=”/” 
   usedMB=”7114” 
   availableMB=”2371” 
   utilizationPercent=”75”]  
   BOMThe Node IP “10.2.3.4” mount point “/” has reached a storage utilization of 75% with 2.371 GB free.
Health Response
Response
{
    Resource: /App/System/Storage?node_ip=10.2.3.4&mount_point=%2F”
    HQI {
        Color: Yellow
        Value: 1
    }
    StatusText: Disk partition <partition name> is <x %> full on node 10.2.3.4.
}

Storage Utilization Full

31041 Storage Utilization Full
Description Send an alert per monitored TPVM mount point when available storage is less than or equal to 1000 MB.
Preconditions

System Component (Monitor and System Service) has system default settings that are NOT user configurable.

  • Polling frequency for storage utilization threshold notice: hourly
  • Monitors the TPVM storage utilization on the following mount points:
    • “/” (/dev/vda2)
    • “/apps” (/dev/vdb1)

The hourly polling sends an “Alert” event notification with the TPVM storage utilization percentage which is processed by the fault engine.
Requirements
Alert Data:
  1. Node IP
  2. Mount Point
  3. Used MB
  4. Available MB
  5. Utilization Percent
Syslog RFC-5424 Example: 
<113>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Operational     
   [meta sequenceId=”47”]   
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]   
   [alert@1916   
   resource=”/App/System/Storage?node_ip=10.2.3.4&mount_point=%2F””  
   alertId=”31041”  	   
   cause=”storageCapacityProblem” 
   type=”processingErrorAlarm”   
   severity=”alert”]    
   [alertData@1916   
   nodeIP=”10.2.3.4” 
   mountPoint=”/” 
   usedMB=”9485” 
   availableMB=”0” 
   utilizationPercent=”100”]  
   BOMThe Node IP “10.2.3.4” mount point “/” storage is full.
Health Response
Response
{
    Resource: /App/System/Storage?node_ip=10.2.3.4&mount_point=%2F”
    HQI {
        Color: Red
        Value: 3
    }
    StatusText: Disk partition <partition name> is <x %> full on node 10.2.3.4.
}

Storage Utilization Check

31042 Storage Utilization Check
Description Send an alert per monitored TPVM mount point when capacity has reached safe levels under 75% utilization.
Preconditions

System Component (Monitor Service) has system default settings that are NOT user configurable.

  • Polling frequency for storage utilization threshold notice: hourly

The “Under 75%” info level storage threshold alert is sent once on Monitor Service startup and once to clear the unhealthy storage resource path.

All other severities, higher than info level, are continually sent at the polling frequency.
Requirements
Alert Data:
  1. Node IP
  2. Mount Point
  3. Used MB
  4. Available MB
  5. Utilization Percent
Syslog RFC-5424 Example:
<118>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Operational     
   [meta sequenceId=”47”]   
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]   
   [alert@1916   
   resource=”/App/System/Storage?node_ip=10.2.3.4&mount_point=%2F””  
   alertId=”31042”  	   
   cause=”storageCapacityCheck” 
   type=”processingErrorAlarm”   
   severity=”info”]    
   [alertData@1916   
   nodeIP=”10.2.3.4” 
   mountPoint=”/” 
   usedMB=”6243” 
   availableMB=”4732” 
   utilizationPercent=”62”]  
   BOMThe Node IP “10.2.3.4” mount point “/” is at a safe storage utilization of 62% with 4.732 GB free.
Response
{
    Resource: /App/System/Storage?node_ip=10.2.3.4&mount_point=%2F”
    HQI {
        Color: Green
        Value: 0
    }
    StatusText: Disk partition <partition name> is at a safe storage utilization of <x %> on node 10.2.3.4.
}

HA Service (Non-Redundant)

31050 HA Service (Non-Redundant)
Description Send an alert when the standby is not up which indicates that the system isn‘t fully redundant.
Preconditions

EFA 3.1.0 has a timer task to periodically monitor the status of the standby node. The timer task checks the status of the nodes and raise an event to the fault management system, which in-turn will raise an Alert to indicate to the user that the system isn‘t fully redundant.

  • Polling frequency for HA events: every minute
Requirements
Alert Data:
  • - None
Syslog RFC-5424 Example: 
<116>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Operational     
   [meta sequenceId=”47”]   
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]   
   [alert@1916   
   resource=”/App/System/HA”  
   alertId=”31050”  	   
   cause=”lossOfRedundancy”
   type=”operationalViolation”   
   severity=”warning”]    
   BOMHA Degraded.
Health Response
Response
{
    Resource: /App/System/HA
    HQI {
        Color: Yellow
        Value: 1
    }
    StatusText: HA Degraded.
}

HA Service (Fully Redundant)

31051 HA Service (Fully Redundant)
Description Send an alert when the standby is up and ready. This indicates to the user that the system is fully redundant.
Preconditions

A timer task will periodically check the status of the nodes and raise an event to the fault management system, which in turn will raise an Alert to indicate to the user that the system is fully redundant.

  • Polling frequency for HA events: every minute
Requirements
Alert Data:
  • - None
Syslog RFC-5424 Example: 
<118>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Operational     
   [meta sequenceId=”47”]   
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]   
   [alert@1916   
   resource=”/App/System/HA”  
   alertId=”31051”  	   
   cause=”redundancyRestored”
   type=”operationalViolation”   
   severity=”info”]    
   BOMHA fully redundant
Health Response
Response
{
    Resource: /App/System/HA
    HQI {
        Color: Green
        Value: 0
    }
    StatusText: HA fully redundant.
}

HA Service (Failover Occurred)

31052 HA Service (Failover Occurred)
Description Send an alert when an HA failover has occurred.
Preconditions

A timer task will periodically check the status of the nodes and raise an event to the fault management system, which in turn will raise an Alert to indicate to the user that an HA failover has occurred.

  • Polling frequency for HA events: every minute
Requirements
Alert Data:
  • Active IP
Syslog RFC-5424 Example
<116>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Operational     
   [meta sequenceId=”47”]   
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]   
   [alert@1916   
   resource=”/App/System/HA/Nodes/Node”  
   alertId=”31052”  	   
   cause=”localNodeTransmissionError”
   type=”operationalViolation”   
   severity=”warning”]
   [alertData@1916   
   activeIP=”10.1.2.3”]  
   BOM10.1.2.3 is now the HA active node
Health Response
Response
{
    Resource: /App/System/HA
    HQI {
        Color: Yellow
        Value: 1
    }
    StatusText: <Active IP> is now the HA active node.
}

Managed Device Connectivity Loss

31501 Managed Device Connectivity Loss
Description Send an alert when EFA gets disconnected from SLX.
Preconditions

The polling is enabled only if

  • Configure or Enable Health Check to determine when EFA loses contact with SLX.

Example (User Configuration):

  • efa inventory device setting update --ip=10.10.10.1 --health-check-enable Yes --health-check-interval 6m --health-check-heartbeat-miss-threshold 5

The polling sends the “DeviceConnectivityFailureAlert” event notification upon loss of contact.
Requirements

Alert Data:

  1. Device IP
  2. FailedAdapters
  3. FailureReason
Syslog RFC-5424 Example: 
<114>1 2022-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Environmental    
   [meta sequenceId=”47”]  
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]  
   [alert@1916  
   resource=”/App/Component/Asset/Device?device_ip=10.10.10.1” 
   alertId=”31501”  
   cause=”connectionEstablishmentError”  
   type=”communicationsAlarm”
   severity=”major”]   
   [alertData@1916  
   deviceIP=”10.10.10.1”  
   failedAdapters=”ssh rest netconf” 
   failureReason=”Authentication failed” 
   BOMContact has been lost with device “10.10.10.1”
Health Response
Response
{
    Resource: /App/Component/Asset/Device?device_ip=10.10.10.1
    HQI {
        Color: Red
        Value: 1
    }
    StatusText: Contact has been lost with device <Device IP>.
}

Managed Device Connectivity Reestablished

31502 Managed Device Connectivity Reestablished
Description Send an alert when the SLX device is not reachable.
Preconditions

The polling will be enabled only if

  • Configure/Enable Health check to watch for device connectivity.

Example (User Config):

  • efa inventory device setting update --ip=10.10.10.1 --health-check-enable Yes --health-check-interval 6m --health-check-heartbeat-miss-threshold 5

The polling sends the “DeviceConnectivitySuccessAlert” event notification upon loss of contact.
Requirements
Alert Data:
  • Device IP
Syslog RFC-5424 Example:
<118>1 2022-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - Environmental    
   [meta sequenceId=”47”]  
   [origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]  
   [alert@1916  
   resource=”/App/Component/Asset/Device?device_ip=10.10.10.1” 
   alertId=”31502”  
   cause=”connectionEstablished”
   type=”communicationsAlarm”
   severity=”info”]   
   [alertData@1916  
   deviceIP=”10.10.10.1”    
   BOMContact has been regained with device “10.10.10.1”.
Health Response
Response
{
    Resource: /App/Component/Asset/Device?device_ip=10.10.10.1
    HQI {
        Color: Green
        Value: 0
    }
    StatusText: Contact has been regained with device <Device IP>.
}
9037624-00 RevAA