监视 TCPv6\Segments Sent/sec 性能计数器。
此监视器跟踪通过 TCPv6 每秒发送的段数(但排除那些仅包含重新传输字节的段)。当发送的段数超过 TCPv6\Segments Sent/sec 性能计数器的阈值时,监视器将切换至警告状态。
发送段数突然增加可能表明具有安全漏洞。
采取措施消除安全薄弱环节。
Target | Microsoft.Windows.Server.10.0.OperatingSystem | ||
Parent Monitor | System.Health.PerformanceState | ||
Category | PerformanceHealth | ||
Enabled | False | ||
Instance Name | TCPv6 | ||
Counter Name | Segments Sent/sec | ||
Frequency | 300 | ||
Alert Generate | True | ||
Alert Severity | Warning | ||
Alert Priority | Normal | ||
Alert Auto Resolve | True | ||
Monitor Type | System.Performance.ConsecutiveSamplesThreshold | ||
Remotable | True | ||
Accessibility | Public | ||
Alert Message |
| ||
RunAs | Default |
<UnitMonitor ID="Microsoft.Windows.Server.10.0.TCPv6.SegmentsSentPerSec" Accessibility="Public" Enabled="false" Target="ServervNext!Microsoft.Windows.Server.10.0.OperatingSystem" ParentMonitorID="SystemHealth!System.Health.PerformanceState" Remotable="true" Priority="Normal" TypeID="SystemPerf!System.Performance.ConsecutiveSamplesThreshold" ConfirmDelivery="false">
<Category>PerformanceHealth</Category>
<AlertSettings AlertMessage="Microsoft.Windows.Server.10.0.TCPv6.SegmentsSentPerSec.AlertMessage">
<AlertOnState>Warning</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>Normal</AlertPriority>
<AlertSeverity>Warning</AlertSeverity>
<AlertParameters/>
</AlertSettings>
<OperationalStates>
<OperationalState ID="OverThreshold" MonitorTypeStateID="ConditionTrue" HealthState="Warning"/>
<OperationalState ID="UnderThreshold" MonitorTypeStateID="ConditionFalse" HealthState="Success"/>
</OperationalStates>
<Configuration>
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<CounterName>Segments Sent/sec</CounterName>
<ObjectName>TCPv6</ObjectName>
<InstanceName/>
<Frequency>300</Frequency>
<Threshold>100</Threshold>
<Direction>greaterequal</Direction>
<NumSamples>12</NumSamples>
</Configuration>
</UnitMonitor>