Comments
-
Something I forgot to add but seems to be common in this thread: VPN monitoring There is a SAM template (Cisco ASA VPN Tunnels) that has some good info, but it appears to be the kind of info that NPM should be able to pull. SAM shouldn't be required to get this info and view. If anyone has SAM but does not have that…
-
I am, but that only works for the admin and user contexts since they can be managed as a unique host. The system config space, where the contexts are defined and failover is configured, is not backed up. It may be that a pseudo-device needs to be created, such that the managed object is not accessed directly but rather by…
-
Look at the top of the Thwack page, about halfway across. Click the down-pointing arrow under "Content Exchange".
-
I'd say add away. It sounds like you're not adding any additional workload - just adding more info that is no different than node name or IP address, machine type, etc. as far as the application is concerned.
-
Regarding the RW string: it sounds like Orion is trying to write to an OID that your device either doesn't support at all, or only supports get operations. Some devices, such as a Cisco ASA firewall, do not support any SNMP set operations. Device Studio poller: Good to hear. Feel free to submit it back to the community so…
-
I've had this with both 10.x and 11.x.
-
In the upper right-hand corner of web interface.
-
Are you trying to do this from a command line or from an Orion module?
-
You don't need a config template to perform those actions. I'm not trying to sound condescending but it sounds like you may benefit from reading through the user guide.
-
Have any of the policy maps or service policies changed lately? Has there been a routing change such that the SNMP get request is coming in through a different interface than the response is being sent? What are your ASA logs telling you about this traffic? Have you tried running the traffic through packet-tracer?
-
I've asked the same question. At this time the answer from management is that they want to have a single pane of glass solution, despite the need to have multiple monitors to view all the Orion modules. The stated goal is to allow NOC/helpdesk personnel to view the status of the DHCP scopes and view IP assignments. Logins…
-
For the 4500's, 6500'sand 7600 I use 1.3.6.1.4.1.9.9.13.1.5.1.3 ciscoEnvMonSupplyState I don't have any 3500s to test with. When you create your UnDP, use MIB value Type "Raw Value", SNMP Get Type "Get Table", and Format "Enumeration". My Enumerations are mapped to: 1 normal 2 WARNING 3 CRITICAL 4 SHUTDOWN 5 notPresent 6…
-
That's part of what leads me to believe that what discovery knows of versus what NPM monitoring knows of are 2 separate things. "New" devices haven't been through the complete discover/ignore/import process yet despite already being monitored by NPM. In the case of a single poller, importing devices and interfaces that are…
-
Generally I only monitor uplinks - I don't care about access ports. If the server admins want interface stats they can monitor the interfaces on their host. However, if you also have NTA then you may need to monitor VLAN interfaces if you are gathering NetFlow data on a layer 3 VLAN interface.
-
What knockers!
-
Correction: verify ICMP is allowed to the management address of the router, in this case your FastEthernet port.
-
Do we have an ETA?
-
This is the OID that I use. When defining the UnDP, set Format to "Enumeration". Map the values as such: 0 other 1 ok 2 minorFault 3 majorFault. I use this for all my 6500s and 7600s. This does not work for the 4500s I have tested. For 4500s I use 1.3.6.1.4.1.9.9.117.1.2.1.1.2 These values map as follows: 1 unknown 2 ok 3…
-
I'll add a +1 on "all related config statements". I would really like to be able to see the NAT config when I show the config of an object. Currently when I issue "show run object id <object name>" I get the name of the object, any description, and the hostname. What I don't get is the object NAT config. I have to use…
-
It probably won't be pretty, but something you could look at is the encrypt/decrypt stats on the tunnels to get the traffic metrics.
-
Ok, let me restate: I would use the IP address of the loopback interface on a router rather than an IP address on a physical port. I wouldn't add the loopback interface itself as an interface to monitor. Except for a few ASRs most of my devices are layer 3 switches. In these cases I use the IP address of a management vlan…
-
This modification only affects the Alerts page in NPM 10.0. If you have any later version then you don't want to be making these changes as the capability has already been added to the product. Regarding how this affects 10.0, according to my memory this affected the active alerts report but did not affect any other pages…
-
Given the version difference, I wouldn't try to overwrite your file with my version. My suggestion would be to go to the specified file, and see if the GenerateReport function is there. If so, make a backup of the file, then try placing the code snippet into your file and see what happens. The code doesn't modify any data,…
-
Aw, man, now I gotta go check my environment. Looking at cahunt's post make me recheck what I was seeing. We just did an upgrade last week from NPM 11.5.1 to NPM 11.5.3 (and core services, and NCM, and SAM, and VNQM, and .......). I just realized that my customized views for F5 devices are not being applied. All my F5…
-
I went down those paths. Yes, there is a nice step-by-step guide. What I was looking for was details such as syntax, keywords, arguments, etc that can be used with the various functions available for the transforms. For anyone interested, the If() function is as follows: IF(<condition to be tested> , <value to return if…
-
SWEET!!!! Even better than I hoped Many thanks.
-
Already read that. Other than the install/uninstall process, it has nothing I'm looking for. It tells me which files are changed, but it doesn't tell me why the changes were necessary. What specific issues have been fixed and what is still an open issue? For example, I have a polling issue when I run a discovery. I don't…
-
I'm currently finishing the process of migrating all my devices to ISE 2.3. Moving to ISE 2.4 as soon as my VMs get the CPU counts corrected. I am not missing the problems I've had with the ACS web interface corrupting my policies. We had a VAR perform the ISE build as well as import devices and create policies. They were…
-
Very good to know. Would probably also fit well into an FAQ or user guide.
-
There's 2 things you can look at depending on how old or new your code is. The easiest rule to implement is to look for the existence of a line that reads "tacacs-server host ______" with the IP of your 2nd tacacs server in there. Another rule to try is to look for a config block. That config block would start with the…
