Hello @emiacc ,
Considering that you installed Netdata recently, I will give a short explanation for you how Netdata works and finally the motive you are receiving this message.
All predefined alarms are present inside
/usr/lib/netdata/conf.d/health.d/, and the alarm that was raised on your computer is inside the file
/usr/lib/netdata/conf.d/health.d/tcp_resets.conf, to be more specific, this is the alarm:
lookup: average -1m at -10s unaligned absolute of OutRsts
units: tcp resets/s
info: average TCP RESETS this host is sending, over the last minute
lookup: average -10s unaligned absolute of OutRsts
units: tcp resets/s
warn: $this > ((($1m_ipv4_tcp_resets_sent < 5)?(5):($1m_ipv4_tcp_resets_sent)) * (($status >= $WARNING) ? (1) : (20)))
delay: up 0 down 60m multiplier 1.2 max 2h
info: average TCP RESETS this host is sending, over the last 10 seconds (this can be an indication that a port scan is made, or that a service running on this host has crashed; clear notification for this alarm will not be sent)
It says that the alarm is applied to the chart
ipv4.tcphandshake when it is running on
Linux, for all hosts(
*). It is calculated with data collected from database during the last 10 second (
-10s). It sends to you a
warn when the calculated result is bigger than a specified threshold that depends of the alarm
Unfortunately the first alarm that is raising for you is a little bit complicated if this is the first time you are seeing a Netdata alarm. For you understand more about alarms, you can take a look at our documentation.
Now on top of the chart
ipv4.tcphandshake we have the following information
EstabResets is the number of established connections resets (i.e. connections that made a direct transition from ESTABLISHED or CLOSE_WAIT to CLOSED). .
Finally, this means that you are having a lot of connections in a short period of time is establishing connection, but it is almost immediatelly closed.