Perform Catalyst Health and Configuration Check

Introduction

This document describes the procedure and requirements to perform automatic health and configuration checks for Catalyst 9000 platforms.

The health check is scheduled for general availability in October 2025.

Prerequisites

Requirements

Automated Health and Configuration Check is supported only for the Catalyst 9000 platforms that run standalone Cisco IOS® XE software, and not switches that run Meraki software.

Cisco RADKit is used to access the devices that the health check is being performed on. A connected RADKit instance is required jhwatson@cisco.com must be an allowed user. Review RADKit documentation and installation instructions here.

If Cisco RADKit is not available there is also a manual file upload option.

These hardware platforms and software versions are supported:

• Catalyst 9200
• Catalyst 9300
• Catalyst 9400
• Catalyst 9500
• Catalyst 9600
• Cisco IOS®XE 17.3.1 and later versions

Note: Catalyst 9500X and 9600X switches are not currently supported.

Components Used

This document is not restricted to specific software and hardware versions.

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Health and Configuration Check Procedure

To get started with Catalyst 9000 Automated Health Check all you need to do is open a regular TAC Service Request (SR) at Cisco Support Case Manager with this set of keywords (Technology/Sub-Technology/Problem Code):

Tech: LAN Switching

Sub-Tech: Catalyst 9000 - Health Check (Automated)

Problem Code: Health and Config Check

Once the SR is opened, a Cisco Guided Workflow walks you through the steps to upload the required logs.

After the required logs are uploaded, Cisco analyzes the logs and provides a health check report (in PDF format), which is attached to an email sent to the user. The report contains a list of issues detected, relevant steps to troubleshoot the problems, and recommended actions plan.

If you have any questions regarding the health check failures reported, it is advised to open a separate SR with appropriate keywords to get further expert assistance. It is strongly recommended to refer the original SR number opened for the Automated Health and Configuration Check along with the report generated to expedite the investigation.

Health and Configuration Check Modules

Automated Catalyst Health and Configuration Check Version 1 performs the checks listed in the Table 1.

Table 1: Health Check Modules and Associated CLI commands used by the Modules.

*Commands vary slightly depending on the model of switch and if it is part of a Stackwise or Stackwise-Virtual setup

Manual File Upload

To optimize ease of use of the manual file upload the commands needed are listed based on the hardware configuration type. Copy and paste the command list into a file and upload it when prompted.

Catalyst 9200 Standalone or Catalyst 9200 Stackwise

Catalyst 9300 Standalone or Catalyst 9200 Stackwise

Catalyst 9500 in Stackwise-Virtual

term exec prompt expand
show version
show running-config
show redundancy
show platform resources
show wireless mobility summary
show run all
show ap status
show snmp user
show ip ssh
show spanning-tree inconsistentports
show platform hardware fed switch active qos queue stats internal cpu policer
show app-hosting list
show ip sockets
show udld
show environment all
show avc sd-service info detailed
show iox-service
show spanning-tree detail
show spanning-tree instances
show platform hardware fed switch active fwd-asic resource utilization
show spanning-tree
show interfaces
show platform hardware fed switch active fwd-asic resource tcam utilization
show udp
show mdns-sd summary
show post
show process cpu sorted | exclude 0.00
show module
show ip interface brief
show process cpu platform sorted | exclude 0% 0% 0%
show inventory
show interfaces status err-disabled
show platform hardware fed switch active fwd-asic resource rewrite utilzation
show logging
show diagnostic result module all detail
show platform software object-manager switch active f0 statistics
show spanning-tree summary
show subsys
show ip nat statistics

Catalyst 9500 Standalone

term exec prompt expand
show version
show running-config
show module
show inventory
show iox-service
show spanning-tree instances
show run all
show platform resources
show subsys
show ip nat statistics
show udld
show interfaces
show platform hardware fed active fwd-asic resource rewrite utilzation
show spanning-tree detail
show wireless mobility summary
show platform hardware fed active fwd-asic resource tcam utilization
show snmp user
show platform hardware fed active qos queue stats internal cpu policer
show spanning-tree inconsistentports
show diagnostic result module all detail
show ip sockets
show mdns-sd summary
show ap status
show process cpu sorted | exclude 0.00
show avc sd-service info detailed
show udp
show ip ssh
show spanning-tree
show redundancy
show post
show logging
show process cpu platform sorted | exclude 0% 0% 0%
show app-hosting list
show platform software object-manager f0 statistics
show ip interface brief
show platform hardware fed active fwd-asic resource utilization
show interfaces status err-disabled
show spanning-tree summary
show environment all

Catalyst 9400 Standalone and Catalyst 9600 Standalone

term exec prompt expand
show version
show running-config
show ip sockets
show ip interface brief
show ap status
show ip nat statistics
show diagnostic result module all detail
show ip ssh
show iox-service
show snmp user
show interfaces status err-disabled
show run all
show wireless mobility summary
show logging
show redundancy
show spanning-tree detail
show module
show mdns-sd summary
show spanning-tree
show app-hosting list
show udld
show process cpu sorted | exclude 0.00
show udp
show platform hardware fed active qos queue stats internal cpu policer
show spanning-tree instances
show platform resources
show inventory
show avc sd-service info detailed
show process cpu platform sorted | exclude 0% 0% 0%
show platform hardware fed active fwd-asic resource utilization
show post
show interfaces
show platform software object-manager f0 statistics
show platform hardware fed active fwd-asic resource rewrite utilzation
show platform hardware fed active fwd-asic resource tcam utilization
show environment all
show spanning-tree summary
show spanning-tree inconsistentports
show subsys

Catalyst 9400 in Stackwise-Virtual and Catalyst 9600 in Stackwise-Virtual

term exec prompt expand
show version
show running-config
show stackwise-virtual
show spanning-tree summary
show spanning-tree
show platform software object-manager switch active f0 statistics
show platform hardware fed switch active fwd-asic resource rewrite utilization
show inventory
show ap status
show platform hardware fed switch active fwd-asic resource tcam utilization
show avc sd-service info detailed
show run all
show udp
show interfaces status err-disabled
show subsys
show stackwise-virtual dual-active-detection
show environment all
show platform resources
show logging
show ip sockets
show stackwise-virtual link
show platform hardware fed switch active qos queue stats internal cpu policer
show platform hardware fed switch active fwd-asic resource utilization
show app-hosting list
show ip interface brief
show post
show diagnostic result switch all all detail
show process cpu sorted | exclude 0.00
show spanning-tree instances
show udld
show snmp user
show iox-service
show process cpu platform sorted | exclude 0% 0% 0%
show spanning-tree detail
show ip nat statistics
show mdns-sd summary
show wireless mobility summary
show redundancy
show module
show interfaces
show spanning-tree inconsistentports
show ip ssh

Reports and Caveats

• The Health and Config Check SR is automated and handled by the Virtual TAC Engineer.
• The report (in PDF format) is usually generated within 24 business hours after all necessary logs are attached to the SR.
• The report is automatically shared over email (sourced from jhwatson@cisco.com)  with all contacts (primary as well as secondary) associated with the SR.
• The report is also attached to the SR to allow its availability at any later point in time.
• Be advised that the issues listed in the report are based on the logs provided and within the scope of the health check modules listed previously in Table 1.
• The list of health and configuration checks performed is not exhaustive and users are advised to perform further health checks as needed.

FAQs

Q1: Can I upload the command output manually instead of using Cisco RADKit?

A1: Yes -- if Cisco RADKit is not installed there is a manual file upload option available. 

Q2: What can I do if I have questions about one of the health check failures reported?

A2: Please open a separate TAC service request to get further assistance on the specific health check result. It is highly recommended to attach the health check report and refer the Service Request (SR) Case number opened for the automated health and config check.

Q3: Can I use the same SR opened for the Automated Health and Config Check to troubleshoot the issues found?

A3  No. As the proactive health check is automated, please open a new service request to troubleshoot and resolve the issues reported. Please be advised that the SR opened for health check is closed with in 24 hours after the health report published.

Q4: How do I close the SR opened for the automated health check?

A4: The SR is closed within 24 hours after the first health check report is sent. No action is needed from the user around SR closure.

Feedback

Any feedback on the operations of these tool is highly appreciated. If you have any observations or suggestions (for example, about the ease of use, scope, quality of the reports generated) please share them atCatalyst-HealthCheck-Feedback@cisco.com.