Cisco Systems 3.6 Correlation Logic Event Correlator, Alarm Sending Event Correlator

Page 68

Appendix B Event and Alarm Correlation Flow

Event Correlation Flow

If it is box-level correlation the event is stored in the application for the correlation delay period and during this period collects all possible root causes having the same correlation delay.

If it is flow-level correlation, then the flow will start after the correlation delay.

2.The flow starting and ending points are defined by the event correlation parameters (see Table B-1).

3.After the flow finishes it will get a message that contains all the collected alarms. Alarms are collected on every DC that the flow intercepts regardless of the original correlation key of the event that triggered it.

Correlation Logic (Event Correlator)

The correlation logic is used for determining the most fitting alarm to serve as a root cause for the specified event. It selects from the alarms, the most fitting alarm (root cause), based on the correlation filters and selects the root cause method.

Alarm Sending (Event Correlator)

Once an event has gone through the correlation process it will be transformed into an alarm and will be sent to the gateway.

Post-Correlation Rule (Event Correlator)

The post-correlation rule is used for performing logic which needs to be performed after the event had been sent. Usually the post-correlation rule is used for triggering additional behaviors such as search for affected services that where influenced by the alarm.

Cisco Active Network Abstraction Fault Management User Guide, Version 3.6 Service Pack 1

 

B-4

OL-14284-01

 

 

 

Image 68
Contents Americas Headquarters Page N T E N T S Multi Route Correlation Cloud VNE Alarm Sending Event Correlator About This Guide ViiViii Fault Management Overview Managing EventsAlarm Basic Concepts and TermsEvent Event SequenceRepeating Event Sequence Flapping EventsCorrelation By Root Cause TicketSeverity Propagation Sequence Association and Root Cause AnalysisEvent Processing Overview OL-14284-01 Fault Detection and Isolation Unreachable Network ElementsVNE Integrity Service Sources of Alarms On a DeviceAlarm Integrity Fault Detection and Isolation Integrity Service Event Suppression Cisco ANA Event Correlation and SuppressionRoot-Cause Correlation Process Cisco ANARoot-Cause Alarms Correlation FlowsCorrelation by Key Correlation by FlowCorrelating TCA Using WeightsDC Model Correlation Cache Connectivity Test Device Unreachable AlarmAdvanced Correlation Scenarios Device Fault Identification Device Unreachable ExampleIP Interface Status Down Alarm IP Interface Failure ScenariosCorrelation of Syslogs and Traps All IP Interfaces Down Alarm IP Interface Failure ExamplesInterface Example 10.200.1.2 General Interface Example ATM Examples Ethernet, Fast Ethernet, Giga Ethernet ExamplesInterface Registry Parameters Ip interface status down ParametersMulti Route Correlation Multi Route Correlation Example11 Multi Route Correlation Example GRE Tunnel Down/Up Alarm Generic Routing Encapsulation GRE Tunnel Down/UpGRE Tunnel Down Correlation Example 14 GRE Tunnel Down Example 1 Single GRE Tunnel15 GRE Tunnel Down Example 2 Multiple GRE Tunnels 16 Alarms Correlation to GRE Tunnel Down Ticket LDP Neighbor Down Alarm BGP Process Down AlarmMpls Interface Removed Alarm OL-14284-01 Types of Unmanaged Networks Supported Correlation Over Unmanaged SegmentsCloud VNE Supported When Logical Inventory Physical Inventory Cloud Problem Alarm Cloud Correlation ExampleOL-14284-01 Event and Alarm Configuration Parameters Alarm Type DefinitionGeneral Event Parameters Event Sub-Type Configuration ParametersRoot Cause Configuration Parameters Correlation Configuration Parameters Network Correlation ParametersSystem Correlation Configuration Parameters Flapping Event Definitions ParametersImpact Analysis Impact Analysis OptionsImpact Report Structure Affected SeveritiesImpact Analysis GUI Affected Parties TabViewing a Detailed Report For the Affected Pair Detailed Report For the Affected Pair Disabling Impact Analysis Accumulating Affected PartiesUpdating Affected Severity Over Time Accumulating the Affected Parties In an AlarmAccumulating the Affected Parties In the Correlation Tree OL-14284-01 Supported Service Alarms BGP process up Shut down on a deviceAll ip interfaces Sent when all IP interfaces True Warnin Shelf Out Link Over Utilized Rx DormantTx Dormant OL-14284-01 Event and Alarm Correlation Flow Software Function Architecture Figure B-1 Event Correlation Flow VNE levelEvent Correlation Event Correlation FlowEvent Creation VNE level Post-Correlation Rule Event Correlator Alarm Sending Event CorrelatorCorrelation Logic Event Correlator
Related manuals
Manual 4 pages 36.46 Kb

3.6 specifications

Cisco Systems 3.6 marks a significant advancement in network technology, presenting an innovative suite of features and capabilities designed to enhance performance, security, and flexibility for modern networks. As a leader in networking solutions, Cisco continues to evolve its offerings, ensuring they meet the demands of businesses operating in increasingly complex environments.

One of the standout features of Cisco Systems 3.6 is the introduction of enhanced automation capabilities. Automation reduces the manual effort required for network management, allowing IT teams to focus on strategic initiatives rather than routine maintenance. The system leverages advanced machine learning algorithms to analyze network behavior, detect anomalies, and suggest optimizations, which enhances operational efficiency and uptime.

In terms of security, Cisco Systems 3.6 integrates robust cybersecurity measures directly into its architecture. It incorporates Cisco's SecureX framework, which provides centralized visibility and control across the entire security stack. This feature allows organizations to respond rapidly to threats, leveraging threat intelligence and automated response mechanisms to mitigate risks effectively.

Another notable characteristic is improved compatibility with cloud environments. With the rise of hybrid cloud models, Cisco Systems 3.6 offers seamless integration capabilities that enable businesses to connect their on-premises networks with public and private cloud infrastructures. This ensures greater flexibility and enhanced performance for cloud-based applications.

Cisco also emphasizes software-defined networking (SDN) with its updated platform. This approach allows for greater agility, enabling network administrators to programmatically manage resources through a centralized interface. SDN facilitates rapid deployment of services and applications, optimizing the overall user experience.

Cisco Systems 3.6 also boasts enhanced collaboration tools, fostering improved communication across teams. Featuring advanced video conferencing and messaging capabilities, it enhances productivity and streamlines processes, regardless of employee location. These tools are designed to support remote work environments, which have become increasingly important in today's business landscape.

Furthermore, energy efficiency is a core aspect of Cisco Systems 3.6. The system is designed to optimize power consumption and reduce overall operating costs, aligning with global sustainability goals. The efficient design prioritizes environmentally friendly practices while still delivering high performance.

In conclusion, Cisco Systems 3.6 represents a comprehensive evolution in networking technology, focusing on automation, security, cloud integration, SDN, collaboration, and energy efficiency. These features position Cisco as a pivotal player in supporting organizations as they navigate the complexities of digital transformation and the future of networking.