Chapter 12 Managing Alarms

Creating, Editing, and Duplicating Alarm Thresholds

NAD-Reported AAA Downtime

When ACS evaluates this threshold, it examines the NAD-reported AAA down events that occurred during the specified interval up to the previous 24 hours. The AAA down records are grouped by a particular common attribute, such as device IP address or device group, and a count of records within each of those groups is computed.

If the count for any group exceeds the specified threshold, an alarm is triggered. For example, consider the following threshold configuration:

AAA Down count greater than 10 in the past 4 hours by a Device IP

If, in the past four hours, NAD-reported AAA down events have occurred for three different device IP addresses as shown in the following table, an alarm is triggered, because at least one device IP address has a count greater than 10.

 

 

Device IP

 

Count of NAD-Reported AAA Down Events

 

 

 

 

 

 

 

 

 

 

a.b.c.d

 

15

 

 

 

 

 

 

 

 

 

 

e.f.g.h

 

3

 

 

 

 

 

 

 

 

 

 

i.j.k.l

 

9

 

 

 

 

 

 

 

 

 

You can specify one or more filters to limit the AAA down records that are considered for threshold

 

 

evaluation. Each filter is associated with a particular attribute in the AAA down records and only those

 

 

records that match the filter condition are counted. If you specify multiple filter values, only the records

 

 

that match all the filter conditions are counted.

 

 

Choose this category to define threshold criteria based on the AAA downtime that a network access

 

 

device reports. Modify the fields in the Criteria tab as described in Table 12-24.

Table 12-24

NAD-Reported AAA Downtime

 

 

 

 

Option

 

 

Description

 

 

 

 

AAA down

 

 

greater than num in the past time MinutesHours by a object, where:

 

 

 

num values can be any five-digit number greater than or equal to zero (0).

 

 

 

time values can be 1 to 1440 minutes, or 1to 24 hours.

 

 

 

MinutesHours value can be Minutes or Hours.

 

 

 

object values can be:

 

 

 

Device IP

 

 

 

Device Group

 

 

 

 

 

 

 

 

 

User Guide for Cisco Secure Access Control System 5.3

 

 

 

 

 

 

OL-24201-01

 

 

12-31

 

 

 

 

 

Page 358 Page 360
Page 359
Image 359
Cisco Systems OL-24201-01 manual NAD-Reported AAA Downtime, Device IP Count of NAD-Reported AAA Down Events, 12-31
Page 358 Page 360
Top Page Image Contents