Chapter 3 Cisco ANA Event Correlation and Suppression
Root-Cause Alarms
Potential
Correlation Flows
The VNEs utilize their internal device component model (DCM) in order to perform the actual correlation. This action is considered to be a correlation flow. There are two basic correlation mechanisms used by the VNE:
1.Correlation by Key (correlation in the same VNE).
2.Correlation by Flow (correlation across VNEs or in the same VNE). Each event can be configured to:
•Not correlate at all.
•Perform correlation by key.
•Perform correlation by flow.
For more information about these parameters, see Chapter 6, “Event and Alarm Configuration
Parameters”.
In addition, the DC model cache enables the system to issue correlation flows over an historical network snapshot that existed in the network before a failure occurred. For more information see DC Model Correlation Cache.
Correlation by Key
When the root cause problem is at the box level, attempts to correlate to other events are restricted to the specific VNE. This means that the correlation flow does not cross the DCM models of more than one VNE. An example is a
An exception for this behavior is the
Correlation by Flow
Network problems and their effects are not always restricted to one network element. This means that a certain event could have the capability of correlating to an alarm several hops away. To do this the correlation mechanism within the VNE uses an active correlation flow that runs on the internal VNE’s DCM model and tries to correlate along a specified network path to an alarm. This is similar to the Cisco ANA PathTracer operation when it traces a path on the DCM model from point A to point Z, except that it is trying to correlate to a
Cisco Active Network Abstraction Fault Management User Guide, Version 3.6 Service Pack 1
|
| ||
|
|