The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
SNMP version 3 provides security features such as authentication (verifying that the request comes from a genuine source), privacy (encryption of data), authorization (verifying that the user allows the requested operation), and access control (verifying that the user has access to the objects requested). To prevent SNMP packets from being exposed on the network, you can configure encryption with SNMPv3.
The following sections describe how to configure SNMP v3 so the network management system can monitor Cisco HCM-F.
Note | To configure SNMP v2, see Enable Sending SNMP v2 Traps from HCM-F. |
Step 1 | Install and configure the SNMP NMS.
For more information, refer to the SNMP product documentation that supports the NMS. | ||
Step 2 | In the command line interface, enter utils service list . Verify that the system started the SNMP services, including: | ||
Step 3 | Configure the SNMP user. See | ||
Step 4 | Configure the notification destination for traps or informs. See: | ||
Step 5 | Configure the system contact and location for the MIB2 system group. See MIB2 system group. | ||
Step 6 | Configure trap settings for CISCO-SYSLOG-MIB.
Use these guidelines to configure CISCO-SYSLOG-MIB trap settings on your system:
| ||
Step 7 | (Optional) At the command line enter utils service start SNMP Master Agent to restart the SNMP Master Agent service.
| ||
Step 8 | On the NMS, configure the Cisco HCM-F trap parameters.
For more information refer to:
|
An SNMP agent sends notifications to NMS in the form of traps or informs to identify important system events. Traps do not receive acknowledgments from the destination whereas informs do receive acknowledgments.
The following sections apply to SNMP V3 notification destination configuration.
Add a v3 trap notification destination that is associated with a configured v3 username. |
The system prompts you for the parameters. See Trap notification destination parameter settings for parameter names and descriptions. |
utils snmp config 3 trap update The system prompts you for the parameters. See Trap notification destination parameter settings for parameter names and descriptions. |
|
utils snmp config 3 trap delete The system prompts you for the parameters. See Trap notification destination parameter settings for parameter names and descriptions. |
The notification-receiving port number on the destination server. The default port number is 162. |
|
The notification-receiving port number on the destination server that is currently configured. |
|
The notification-receiving port number on the destination server that you want to use when updating the trap notification destination. |
|
Specifies the SNMP user associated to the notification destination. |
An SNMP agent sends notifications to NMS in the form of traps or informs to identify important system events. Traps do not receive acknowledgments from the destination whereas informs do receive acknowledgments.
utils snmp config 3 inform add The system prompts you for the parameters. See Inform notification destination parameter settings for parameter names and descriptions. |
|
utils snmp config 3 inform update The system prompts you for the parameters. See Inform notification destination parameter settings for parameter names and descriptions. |
|
utils snmp config 3 inform delete The system prompts you for the parameters. See Inform notification destination parameter settings for parameter names and descriptions. |
The notification-receiving port number on the destination server. The default is port 162. |
|
The notification-receiving port number on the destination server that is currently configured. |
|
The notification-receiving port number on the destination server that you want to use when updating the inform notification destination. |
|
Specifies the SNMP user associated to the notification destination. |
|
Specifies the v3 username that is currently associated with the inform. |
|
Specifies the v3 username that you want to associate with the inform. |
|
Specifies confirmation for deleting the old user, either Y or N. |
|
Specifies the authentication protocol password. The password must contain at least 8 characters. |
|
Specifies the privacy protocol, either AES128, AES192, or AES256 |
|
Specifies the privacy protocol password. The password must contain at least 8 characters. |
|
Enter one of the following options for the access level:
|
|
Specifies the remote engine ID of the server to which to send inform messages. |
You can use the CLI to configure the system contact and system location objects for the MIB-II system group. For example, you could enter Administrator, 555-121-6633, for the system contact and San Jose, Bldg 23, 2nd floor, for the system location.
The system prompts you for the parameters. See CLI parameters for MIB2 system groups for parameter names and descriptions. |
|
The system prompts you for the parameters. See CLI parameters for MIB2 system groups for parameter names and descriptions. |
|
The system prompts you for the parameters. See CLI parameters for MIB2 system groups for parameter names and descriptions. |
Specifies the location of the person that is identified as the system contact. |
Simple Network Management Protocol (SNMP) allows access to a Management Information Base (MIB), which is a collection of information that is organized hierarchically. MIBs comprise managed objects, which are identified by object identifiers. A MIB object, which contains specific characteristics of a managed device, comprises one or more object instances (variables).
The SNMP interface provides these Cisco Standard MIBs:
The SNMP extension agent resides in the server. The SNMP interface also provides these industry-standard MIBs:
Use the CDP subagent to read the Cisco Discovery Protocol MIB (CISCO-CDP-MIB). This MIB enables Cisco HCM-F to advertise itself to other Cisco devices on the network.
The CDP subagent implements the CDP-MIB. The CDP-MIB contains the following objects:
Use the System Application Agent to get information from the SYSAPPL-MIB, such as installed applications, application components, and processes that are running on the system.
System Application Agent supports the following object groups of SYSAPPL-MIB:
Use MIB2 agent to get information from MIB-II. The MIB2 agent provides access to variables that are defined in RFC 1213, such as interfaces, IP, and so on, and supports the following groups of objects:
Use Host Resources Agent to get values from HOST-RESOURCES-MIB. Host Resources Agent provides SNMP access to host information, such as storage resources, process tables, device information, and installed software base. Host Resources Agent supports the following groups of objects:
Syslog tracks and logs all system messages, from informational through critical. With this MIB, network management applications can receive syslog messages as SNMP traps:
Cisco Syslog Agent supports trap functionality with the following MIB objects:
Note | The commands shown here are available on an Application Node. A WS Node has a different set. Use the help utils diagnose hcs command to display the available commands. |
utils diagnose hcs
utils diagnose hcs agp
utils diagnose hcs chpa
utils diagnose hcs cnf
utils diagnose hcs cucdmpa
utils diagnose hcs cucdmsync
utils diagnose hcs dmasa
utils diagnose hcs fulfillment
utils diagnose hcs hlm
utils diagnose hcs nbi
utils diagnose hcs sdrcnf
utils diagnose hcs si
utils diagnose hcs ucpa
utils diagnose hcs ucsmsync
utils diagnose hcs usersync
utils diagnose hcs vcentersync
Cisco HCM-F Real-Time Monitoring Tool (RTMT), which runs as a client-side application, uses HTTPS to monitor system performance. RTMT has performance counters for Memory, Network, CPU, Disk, Process, and Services including JVM statistics. RTMT can connect directly to devices through HTTPS to troubleshoot system problems.
The RTMT application launches when you double click on the application icon or open the application, but does not work properly unless you log in on the proper type of server. In this case, a Cisco Hosted Collaboration Mediation Fulfillment (Cisco HCM-F) server.
You can connect to either the HCM-F application server or the HCM-F Web Services server. The RTMT session does not provide monitoring support for all the servers in HCM-F cluster.
Note | You can launch more than one RTMT session, with each session connecting to a different server (for example, one session connection to the HCM-F application server and another session connection to an HCM-F Web Services server). However, multiple RTMT sessions are not recommended by Cisco. |
Ensure that a Cisco CDM Database service is running on the Cisco HCM-F server to which you want to establish the RTMT connection.
Step 1 | To launch
RTMT, perform one of the following tasks:
The Real-Time Monitoring Tool Login dialog appears. | ||
Step 2 | In the Host IP Address field, enter either the IP address or the hostname of the Cisco HCM-F server. | ||
Step 3 | Enter the port
that the application will use to listen to the server.
The default port is 8443. | ||
Step 4 | Check the Secure Connection check box. | ||
Step 5 | Click
OK.
If the Add Certificate to Store dialog appears, click Accept to continue. The Authentication Required dialog appears. | ||
Step 6 | In the User Name field, enter the Administrator username for the application. | ||
Step 7 | In the
Password field, enter the password for the Administrator username.
If the authentication fails or if the server is unreachable, RTMT prompts you to reenter the server and authentication details, or you can click Cancel to exit the application. If authentication succeeds, RTMT launches the monitoring module from local cache or from a remote server, if the local cache does not contain a monitoring module that matches the back-end version. The Cisco HCM-F Real-Time Monitoring Tool window and the Select Configuration dialog box appear. | ||
Step 8 | Select a profile, and then click OK. |
With RTMT, you can customize your monitoring window by monitoring different performance counters and then create your own configuration profiles. You can restore these monitoring windows in a single step rather than opening each window again.
You can switch between different profiles during the same RTMT session or use the configuration profile in subsequent RTMT sessions.
Step 1 | Choose
.
The Preferences dialog box appears. | ||
Step 2 | Click
Save.
The Save Current Configuration dialog box appears. | ||
Step 3 | In the Configuration name field, enter a name for this particular configuration profile. | ||
Step 4 | In the
Configuration description field, enter a description of this particular
configuration profile.
The system creates the new configuration profile. |
Perform the following procedure to restore a profile that you configured:
Perform the following procedure to delete a profile that you configured:
Alarms provide information about runtime status and the state of the system, so you can troubleshoot problems that are associated with your system; for example, to identify issues with the Disaster Recovery System. Alarm information, which includes an explanation and recommended action, also includes the application name and machine name to help you perform troubleshooting.
You configure the alarm interface to send alarm information to multiple locations, and each location can have its own alarm event level (from debug to emergency). Alarms can go to the Syslog Viewer (local syslog), Syslog file (remote syslog), SNMP traps, Cisco HCM-SA (Service Assurance), or to all destinations.
When a service issues an alarm, the alarm interface sends the alarm information to the locations that you configure (and that are specified in the routing list in the alarm definition). The system can either forward the alarm information, as is the case with SNMP traps, or the system can write the alarm information to its final destination (such as a log file).
As soon as you enter the alarm CLI command, the system prompts you for the required parameters. Enter the values to see the output.
Display the alarm configuration for a specific service/list of all services |
servicename—Name of the service. It can contain multiple words. Enter the servicename as all to show the alarm configurations of all the services. Enter the servicename as Cisco Tomcat to show the alarm configuration of Cisco Tomcat service. |
||
status—enable or disable. servicename—Name of the service. It can contain multiple words. monitorname—SDI, SDL, Event_Log, or Sys_Log. |
|||
servicename—Name of the service. It can contain multiple words. servername—Name of the remote Syslog server. |
|||
servicename—Name of the service. It can contain multiple words. monitorname—SDI, SDL, Event_Log, or Sys_Log. severity equals one of the following:
|
|||
Set alarm configuration to default values
|
servicename—Name of the service. It can contain multiple words. |
Traces assist you in troubleshooting issues with your application. You use the CLI to specify the level of information that you want traced as well as the type of information that you want included in each log file. You can configure trace parameters for any service on the Cisco HCM-F platform.
After you configure the information that you want to include in the log files for each service, you can collect and view log files through log collection. To do this, configure trace using the set trace CLI command.
You can configure the level of information that you want traced (debug level), what information you want to trace (trace fields), and information about the trace files (such as number of files per service, size of file, and time that the data is stored in the log files).
You use the command line interface (CLI) to enable and disable tracing as well as to configure trace settings for specific services on the Cisco HCM-F platform. As soon as you enter the CLI command, the system prompts you for the required parameters. For more information regarding trace collection, see Log collection.
servicename—Name of the service. It can contain multiple words. Enter the servicename as all to show the trace configurations of all the services. Enter the servicename as Cisco AMC Service to show the trace configuration of Cisco AMC Service. |
|||
servicename—Name of the service. It can contain multiple words. |
|||
status—enable or disable servicename—Name of the service. It can contain multiple words. |
|||
Specify the debug trace level settings for a specified service |
tracelevel—Use show tracelevels CLI command to find the trace levels for a given servicename. servicename—Name of the service. It can contain multiple words. You can obtain the name of the service from the utils service list CLI command. |
||
Specify the maximum size of a trace files for a specific service from 1 to 10 megabytes. |
servicename—Name of the service. It can contain multiple words. size—Maximum size of the trace files from 1 to 10 megabytes. |
||
Specify the maximum number of log files per service. The system automatically appends a sequence number to the file name to indicate which file it is; for example, cus299.txt. When the last file in the sequence is full, the trace data begins writing over the first file. |
servicename—Name of the service. It can contain multiple words. filecount—Number of trace files from 1 to 10000. |
||
Set the user categories flag to the value provided, for a specified service.
|
flagnumber—Hexadecimal value from 0 to 7FFF. 7FFF means all the flags are enabled. servicename—Name of the service. It can contain multiple words. |
||
Set trace configuration to default values for a specified service.
|
servicename—Name of the service. It can contain multiple words. |
You can collect log files by performing any of the following tasks:
To view the log files directly from the CLI, enter the following the CLI commands:
To bundle the various log files and send them to the local SFTP directory, enter the CLI command file get.
Then, use an SFTP client to obtain the .tar files and send them to the team that troubleshoots.
Use Cisco HCM-SA (Service Assurance) tools to obtain the log files.