Chapter 12 Managing Alarms

Creating, Editing, and Duplicating Alarm Thresholds

Note You can specify one or more filters to limit the passed authentications that are considered for threshold evaluation. Each filter is associated with a particular attribute in the authentication records and only those records whose filter value matches the value that you specify are counted. If you specify multiple filters, only the records that match all the filter conditions are counted.

Modify the fields in the Criteria tab as described in Table 12-10to create a threshold with the passed authentication criteria.

Table 12-10 Passed Authentications

 

Option

Description

 

 

 

 

 

 

Passed

Enter data according to the following:

 

Authentications

greater than count > occurrences %> in the past time > Minutes Hours for a object, where:

 

 

 

 

count values can be the absolute number of occurrences or percent. Valid values are:

 

 

count must be in the range 0 to 99 for greater than.

 

 

count must be in the range 1 to 100 for lesser than.

 

 

occurrences %> value can be occurrences or %.

 

 

time values can be 1 to 1440 minutes, or 1 to 24 hours.

 

 

MinutesHours value can be Minutes or Hours.

 

 

object values can be:

 

 

ACS Instance

 

 

User

 

 

Identity Group

 

 

Device IP

 

 

Identity Store

 

 

Access Service

 

 

NAD Port

 

 

AuthZ Profile

 

 

AuthN Method

 

 

EAP AuthN

 

 

EAP Tunnel

 

 

In a distributed deployment, if there are two ACS instances, the count is calculated as an absolute number

 

 

or as a percentage for each of the instances. ACS triggers an alarm only when the individual count of any

 

 

of the ACS instance exceeds the specified threshold.

 

 

 

 

 

 

 

 

 

Filter

 

 

 

 

 

 

 

 

 

 

 

ACS Instance

Click Select to choose a valid ACS instance on which to configure your threshold.

 

 

 

 

 

User

Click Select to choose or enter a valid username on which to configure your threshold.

 

 

 

 

 

Identity Group

Click Select to choose a valid identity group name on which to configure your threshold.

 

 

 

 

 

Device Name

Click Select to choose a valid device name on which to configure your threshold.

 

 

 

 

 

Device IP

Click Select to choose or enter a valid device IP address on which to configure your threshold.

 

 

 

 

 

 

 

 

 

 

User Guide for Cisco Secure Access Control System 5.3

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

OL-24201-01

 

 

 

12-15

 

 

 

 

 

 

 

Page 342 Page 344
Page 343
Image 343
Cisco Systems OL-24201-01 manual 12-15
Page 342 Page 344
Top Page Image Contents