Cisco Systems 5, NAM Diagnostics

5-14

User Guide for the Cisco Network Analysis Module (NAM) Traffic Analyzer, 5.0

OL-22617-01

Chapter 5 User and System Administration

Diagnostics

Diagnostics

The Diagnostics option of the Administration menu provides tools to aid in troubleshooting. You can

use these tools when you have a problem that might require assistance from the Cisco Technical

Assistance Center (TAC). There are options for:

• System Alerts, page 5-14

• Audit Trail, page 5-14

• Tech Support, page 5-15

System Alerts

You can view any failures or problems that the NAM Traffic Analyzer has detected during normal

operations. To view System Alerts, choose Administration > Diagnostics > System Alerts.

Each alert includes a date, the time the alert occurred, and a message describing the alert. The NAM

displays up to one thousand (1,000) of the most-recent alerts. If more than 1,000 alerts have occurred,

you need to use the NAM CLI command show tech support to see all of the alerts.

If you notice an alert condition and troubleshoot and attempt to solve the condition causing the alert, you

might want to click Clear to remove the list of alerts to see if additional alerts occur.

Audit Trail

The Audit Trail option displays a listing of recent critical activities that have been recorded in an internal

syslog log file. Syslog messages can also be sent to an external log.

The following user activities are logged in the audit trail:

• All CLI commands

• User logins (including failed attempts)

• Unauthorized access attempts

• SPAN changes

• NDE data source changes

• Enabling and disabling data collections

• Starting and stopping captures

• Adding and deleting users

Each log entry will contain the following:

Audit Trail The Audit Trail option displays a listing of recent critical

activities that have been recorded in an internal syslog log

file. Syslog messages can also be sent to an external log.

Capture File Download Format Choose ENC (.enc) or PCAP (.pcap) format for captured

files.

Table 5-7 Preferences (continued)

Field Description

Contents

Main Page CONTENTS Page Page Page Page Page Page Page About This Guide Chapter Overview Audience Conventions Notices Obtaining Documentation and Submitting a Service Request Page Overview Introducing NAM Traffic Analyzer 5.0 Dashboards Logical Site New Application Classification Architecture Standards-Based NBI NetFlow v9 Data Export Historical Analysis SNMP v3 Support -- NAM to Router/Switch Support Overview of the NAM Platforms Logging In Navigating the User Interface Common Navigation and Control Elements Menu Bar Detailed Views Context Menus Quick Capture Interactive Report Chart View / Grid View Mouse-Over for Details Zoom/Pan Charts Page Context-Sensitive Online Help Understanding How the NAM Works Page Understanding How the NAM Uses SPAN Understanding How the NAM Uses VACLs Understanding How the NAM Uses NDE Understanding How the NAM Uses WAAS Configuration Overview Page Configuring and Viewing Data Cisco WAAS NAM Virtual Service Blade Setting Up The NAM Traffic Analyzer Default Functions Traffic Analysis Application Response Time Metrics Voice Signaling/RTP Stream Monitoring Traffic Usage Statistics Traffic SPAN About SPAN Sessions Page Page Creating a SPAN Session Page Editing a SPAN Session Deleting a SPAN Session Data Sources SPAN ERSPAN Enabling Auto-Creation of ERSPAN Data Sources Using the Web GUI Enabling Auto-Creation of ERSPAN Data Sources Using the CLI Disabling Auto-Creation of ERSPAN Data Sources Using the Web GUI Disabling Auto-Creation of ERSPAN Data Sources Using the CLI Creating ERSPAN Data Sources Using the Web GUI Creating ERSPAN Data Sources Using the CLI Deleting ERSPAN Data Sources Using the Web GUI Deleting ERSPAN Data Sources Using the CLI Configuring ERSPAN on Devices VACL Configuring VACL on a WAN Interface Configuring VACL on a LAN VLAN NetFlow Understanding NetFlow Interfaces Understanding NetFlow Flow Records Managing NetFlow Data Sources Configuring NetFlow on Devices Page Enabling Auto-Creation of NetFlow Data Sources Using the Web GUI Enabling Auto-Creation of NetFlow Data Sources Using the CLI Disabling Auto-Creation of NetFlow Data Sources Using the Web GUI Disabling Auto-Creation of NetFlow Data Sources Using the CLI Creating NetFlow Data Sources Using the Web GUI Page Creating NetFlow Data Sources Using the CLI 2-26 assigned to the new device, you will need it to create the data source! shown here: Step 8 Enter ? to see all the command options available, as in the example below: Step 9 Enter the device ID from Step 4 (required): Deleting NetFlow Data Sources Using the Web GUI Deleting NetFlow Data Sources Using the CLI Testing NetFlow Devices WAAS Understanding WAAS Response Time Monitoring from WAAS Data Sources Monitoring Client Data Sources Monitoring WAN Data Sources Monitoring Server Data Sources Deployment Scenarios Managing WAAS Devices Adding Data Sources for New WAAS Device Editing WAAS Data Sources Deleting a WAAS Data Source Auto Create of New WAAS Devices Hardware Deduplication Alarms Alarm Actions Alarm Action Configuration Editing Alarm Actions Deleting Alarm Actions Thresholds Setting Host Thresholds Setting Conversation Thresholds Setting Application Thresholds Setting Response Time Thresholds Setting DSCP Thresholds Setting RTP Stream Thresholds Setting Voice Signaling Thresholds Setting NDE Interface Thresholds Editing an Alarm Threshold Deleting a NAM Threshold User Scenario Data Export NetFlow Viewing Configured NetFlow Exports Configuring NetFlow Data Export Page Editing NetFlow Data Export Scheduled Exports Editing a Scheduled Export Deleting a Scheduled Export Custom Export Managed Device Device Information Page NBAR Protocol Discovery Network Sites Definition Rules Specifying a Site Using Subnets Specifying a Site Using WAE devices (WAAS Data Sources) Specifying a Site Using Multiple Rules Resolving Ambiguity (Overlapping Site Definitions) Viewing Defined Sites Defining a Site Page Subnet Detection Editing a Site NDE Interface Capacity Creating an NDE Interface DSCP Groups Creating a DSCP Group Editing a DSCP Group Deleting a DSCP Group Classification Applications Creating a New Application Editing an Application Deleting a Protocol Application Groups Creating an Application Group Editing an Application Group Deleting an Application Group URL-based Applications Example Editing a URL-Based Application Deleting a URL-based Application Encapsulations Monitoring Aggregation Intervals Response Time Voice RTP Filter URL Enabling a URL Collection Changing a URL Collection Disabling a URL Collection WAAS Monitored Servers Adding a WAAS Monitored Server Deleting a WAAS Monitored Server Monitoring and Analysis Navigation Context Menus Interactive Report Saving Filter Parameters Traffic Summary Response Time Summary Site Summary Alarm Summary Page Analyzing Traffic Application Hosts Detail Host Applications Detail NDE Interface Traffic Analysis Viewing Interface Details DSCP Detail DSCP Application Groups Detail URL Hits Viewing Collected URLs Filtering a URL Collection List Host Conversations Network Conversation Top Application Traffic Page Application Traffic By Host WAN Optimization Top Talkers Detail Application Performance Analysis Transaction Time (Client Experience) Traffic Volume and Compression Ratio Average Concurrent Connections (Optimized vs. Passthru) Multi-Segment Network Time (Client LAN - WAN - Server LAN) Response Time Page Page Application Response Time Network Response Time Server Response Time Client Response Time Client-Server Response Time Server Application Responses Server Application Transactions Server Network Responses Client-Server Application Responses Client-Server Application Transactions Client-Server Network Responses Managed Device Interface Interfaces Stats Table Interface Statistics Over Time Health Switch Health Chassis Health Chassis Information Crossbar Switching Fabric Ternary Content Addressable Memory Information Router Health Router Health Router Information NBAR Media RTP Streams Purpose Monitoring RTP Streams Voice Call Statistics Calls Table Page RTP Conversation Page Page Capturing and Decoding Packet Data Sessions Viewing Capture Sessions Configuring Capture Sessions Page Page Software Filters Creating a Software Filter Page Page Editing a Software Capture Filter Hardware Assisted Filters Configuring a Hardware Filter VLAN VLAN and IP IP IP and TCP/UDP IP and Payload Data Payload Data Files Page Analyzing Capture Files Error Scan Downloading Capture Files Deleting a Capture File Deleting Multiple Files Viewing Packet Decode Information Browsing Packets in the Packet Decoder Filtering Packets Displayed in the Packet Decoder Viewing Detailed Protocol Decode Information Using Alarm-Triggered Captures Custom Display Filters Creating Custom Display Filters Page Tips for Creating Custom Decode Filter Expressions Editing Custom Display Filters Deleting Custom Display Filters Page User and System Administration System Administration Resources Network Parameters SNMP Agent Working with NAM Community Strings Creating NAM Community Strings Deleting NAM Community Strings Testing the Router Community Strings System Time Synchronizing the NAM System Time with the Switch or Router Synchronizing the NAM System Time Locally Configuring the NAM System Time with an NTP Server E-Mail Setting Web Data Publication Capture Data Storage Creating NFS Storage Locations Configuring the NFS Server Configuring the NFS Storage Location on the NAM Editing NFS Storage Locations Creating iSCSI Storage Locations Editing iSCSI Storage Locations Syslog Setting SNMP Trap Setting Creating a NAM Trap Destination Editing a NAM Trap Destination Deleting a NAM Trap Destination Preferences Diagnostics System Alerts Audit Trail Tech Support User Administration Local Database Recovering Passwords Changing Predefined NAM User Accounts on the Switch or Router Creating a New User Editing a User Deleting a User Establishing TACACS+ Authentication and Authorization Configuring a TACACS+ Server to Support NAM Authentication and Authorization Configuring a Cisco ACS TACACS+ Server Adding a NAM User or User Group Configuring a Generic TACACS+ Server Current User Sessions NAM Traffic Analyzer 5.0 Usage Scenarios Deployment Deploying NAMs in the Branch Deploying NAMs for Voice/Video applications Deploying NAMs for WAN Optimization Deploying Multi-NAM Consolidation Autodiscovery Capabilities of NAM Creating Custom Applications Utilizing Sites to Create a Geographically Familiar Deployment Integrating NAM with Third Party Reporting Tools Integrating NAM with LMS Monitoring Understanding Traffic Patterns at the Network Layer Understanding Traffic patterns for DiffServ-Enabled Networks Using NAM to Evaluate Application-Level Performance Monitoring for TCP-Interactive Applications Using NAM to Evaluate Application-Level Performance Monitoring for UDP Realtime Applications Troubleshooting Using NAM for Problem Isolation Using NAM for SmartGrid Visibility APPENDIX A Troubleshooting General NAM Issues Error Messages Packet Drops NAM Not Responding NAM Behavior WAAS Troubleshooting Page APPENDIX B Supported MIB Objects Supported MIBs Page Page Page INDEX A C D E F G H I M O P R S T U V W