Configuring Alarm and Event Settings
Specifying Alarm Clean Up and Display Options
The
Administration > System Settings > Alarms and Events
page enables you to specify when to delete alarms and how to set display and email options for alarms.
Step 1 Choose
Administration > System Settings
.
Step 2 From the left sidebar menu, choose
Alarms and Events
. The Administration > System Settings > Alarms and Events page appears.
Step 3 Modify the Alarm and Event Cleanup Options:
-
Delete active and cleared alarms after—Enter the number of days after which active and cleared alarms are deleted. You can disable this option by unselecting the check box.
-
Delete cleared security alarms after—Enter the number of days after which Security, Rogue AP, and Adhoc Rogue alarms are deleted.
-
Delete cleared non-security alarms after—Enter the number of days after which non-security alarms are deleted. Non-security alarms include all alarms that do not fall under the Security, Rogue AP, or Adhoc Rogue categories.
-
Delete all events after—Enter the number of days after which all the events are deleted. If you want this deletion task to be performed first, set its value smaller than all the other Alarm and Events Cleanup Options.
Note Cisco Prime Infrastructure deletes old alarms nightly, as part of normal data cleanup tasks, and checks the storage size of the database alarm table once an hour. When the alarm table exceeds the 300,000 limit, Prime Infrastructure deletes the oldest cleared alarms until the alarm table size is within the limit. If you want to keep cleared alarms for more than seven days, then you can specify a value more than seven days in the Delete cleared non-security alarms after text box, until the alarm table size reaches the limit.
Step 4 In the
Syslog Cleanup Options
area, in the
Delete all syslogs after
text box, enter the number of days after which all aged syslogs are to be deleted.
Step 5 Modify the
Alarm Display Options
as needed:
-
Hide acknowledged alarms—When the check box is selected, Acknowledged alarms do not appear in the Alarm Summary page. This option is enabled by default. Emails are not generated for acknowledged alarms, regardless of severity change.
-
Hide assigned alarms—When the check box is selected, assigned alarms do not appear in the Alarm Summary page.
-
Hide cleared alarms—When the check box is selected, cleared alarms do not appear in the Alarm Summary page. This option is enabled by default.
-
Add controller name to alarm messages—Select the check box to add the name of the controller to alarm messages.
-
Add Prime Infrastructure address to email notifications—Select the check box to add the Prime Infrastructure address to email notifications.
Note Changes in these options affect the Alarm Summary page only. Quick searches for alarms for any entity will display all alarms for that entity, regardless of alarm state.
Step 6 Modify the Alarm Email Options:
-
Include alarm severity in the email subject line—Select the check box to include alarm severity in the email subject line. This option is enabled by default.
-
Include alarm Category in the email subject line—Select the check box to include alarm category in the email subject line. This option is enabled by default.
-
Include prior alarm severity in the email subject line—Select the check box to include prior alarm severity in the email subject line.
-
Include custom text in the email subject line—Select the check box to add custom text in the email subject line. You can also replace the email subject line with custom text by selecting the Replace the email subject line with custom text check box.
-
Include custom text in body of email—Select the check box to add custom text in the body of email.
-
Include alarm condition in body of email—Select the check box to include alarm condition in the body of email.
-
Add link to Alarm detail page in body of email—Select the check box to add a link to the Alarm detail page in the body of email.
-
Enable Secure Message Mode—Select the check box to enable a secure message mode. If you select the Mask IP Address and Mask Controller Name check boxes, the alarm emails are sent in secure mode where all the IP addresses and controller names are masked.
Step 7 Modify the Alarm Other Settings:
-
Controller license count threshold—Enter the minimum number of available controller licenses you want to maintain. An alarm is triggered if the number of available controller licenses falls below this threshold.
-
Controller access point count threshold—Enter the maximum number of available controller access points you want to maintain. An alarm is triggered if the number of available access points exceeds this threshold limit.
Step 8 Click
Save
.
Changing Alarm Severities
You can change the severity level for newly generated alarms. Existing alarms remain unchanged.
Step 1 Choose
Administration >
System
Settings >
Severity Configuration.
Step 2 Select the check box of the alarm condition whose severity level you want to change.
Step 3 From the Configure Severity Level drop-down list, choose the new severity level:
Critical
,
Major
,
Minor
,
Warning
,
Informational
, or
Reset to Default
.
Step 4 Click Go, then click OK.
Configuring Audit Settings
Setting Up Auditing Configurations
The
Administration > System Settings > Audit
page allows you to determine the type of audit and on which parameters the audit is performed.
Choosing the Type of Audit
The audit mode area allows you to choose between basic auditing and template based auditing. Basic audit is selected by default.
-
Basic Audit—Audits the configuration objects in the Prime Infrastructure database against current Cisco Wireless LAN Controller device values.
Configuration objects refer to the device configuration stored in Prime Infrastructure database.
-
Template-based Audit—Audits on the applied templates, config group templates (which have been selected for the background audit), and configuration audits (for which corresponding templates do not exist) against current Controller device values.
Step 1 Choose
Administration > System Settings
.
Step 2 From the left sidebar menu, choose
Audit
. The Audit page appears.
Step 3 Choose Basic
Audit
or Template Based
Audit
:
-
A basic audit audits the device configuration in Prime Infrastructure database against the current Controller configuration.
-
A template-based audit audits the applied templates, config group templates, and configuration objects (for which corresponding templates do not exist) against current Controller configuration.
Step 4 Choose if you want the audit to run on all parameters or only on selected parameters. If you select the Selected Parameters radio button, you can access the Configure Audit Parameters configuration page (see Enabling Change Audit Notifications).
The selected audit parameters are used during network and controller audits.
Step 5 Click
Save
.
These settings are in effect when the controller audit or network audit is performed.
Selecting Parameters on Which to Audit
The Audit On area allows you to audit on all parameters or to select specific parameters for an audit. When the Selected Parameters radio button is selected, you can access the Select Audit Parameters configuration page. The selected audit parameters are used during network and controller audits.
Step 1 Choose Administration > System Settings.
Step 2 From the left sidebar menu, choose Audit.
Step 3 Select the Selected Parameters radio button to display the
Select Audit Parameters
link, then click
Save
.
Step 4 Click Select Audit Parameters to choose the required parameters for the audit in the
Administration > System Settings > Audit > Select Audit Parameters
page.
Step 5 Enter the required information, then click Submit. The selected audit parameters are displayed on the Selected Attributes tab.
To access a current Controller Audit Report from the
Configure > Controllers
page, select an object from the Audit Status column.
To audit a controller, choose
Select a command >Audit Now
in the
Configure > Controllers
page, or click
Audit Now
directly from the Controller Audit report.
Enabling Change Audit Notifications
Prime Infrastructure can send notifications to a Java Message Server (JMS) whenever there are changes in inventory or configuration parameters that are part of an audit you have defined.
By default, JMS notification of audit changes is disabled. To enable this feature in Prime Infrastructure, you must select the
Enable Change Audit Notification
check box. Prime Infrastructure sends all change audit notifications in XML format to the topic
ChangeAudit.All
. You must be subscribed to
ChangeAudit.All
to receive the notifications.
Step 1 Choose
Administration >
System
Settings
>
Change Audit Notification
.
Step 2 Select the
Enable Change Audit Notification
check box to enable notifications.
Step 3 Click
Save
.
In addition to sending JMS notifications, Prime Infrastructure also sends Syslog messages to notify the Add/Delete/Edit/Create events that take place in the following features:
-
Device management
-
Device community and credential changes
-
User management
-
Configuration templates management
-
Monitoring templates management
-
Job management
-
Login/logout
-
Image distribution
-
Configuration changes
-
Inventory changes
To configure Syslog message notification settings, follow these steps:
Step 1 Choose
Administration > System settings >
Change Audit Notification.
Step 2 Enter the
IP Address
and
TCP Port Number
in the Syslog Receiver pane.
Step 3 Click
Save
.
Step 4 Click the
Edit
or
Delete
buttons, if you want to change or delete the Syslog message notification settings.
Note If you have configured syslog message notification settings but are still not receiving syslogs, you may need to change the anti-virus or firewall settings on the destination syslog receiver to permit reception of syslog messages.
Downloading and Emailing Error Logs
Prime Infrastructure logs all error, informational, and trace messages generated by all devices that are managed by Prime Infrastructure. Prime Infrastructure also logs all SNMP messages and Syslogs that it receives. You can download and email the logs to use for troubleshooting Prime Infrastructure:
Step 1 Choose
Administration > Logging
. The General Logging Options Screen appears.
Step 2 Choose a message level.
Step 3 Select the check boxes within the Enable Log Module option to enable various administration modules. Click
Log Modules
to select all modules.
Step 4 In the Log File Settings section, enter the required settings. These settings will be effective after you restart Prime Infrastructure.
By default, the File Prefix entry is ncs-
%g
-
%u
.log where
%g
is a sequential number for the log file, and
%u
is a unique number assigned by the local disk file system. For example, the first log file created is named ncs-1-0.log.
Step 5 Click
Download
to download the log file to your local machine.
Note The logs.zip filename includes a prefix with the hostname, date, and time so that you can easily identify the stored log file. An HTML file that documents the log files is included in the ZIP file.
Step 6 Enter the Email ID or Email IDs separated by commas to send the log file, then click Send.
Note To send the log file in an email, you must have configured an email server.
Enabling SNMP Tracing
You can enable SNMP tracing to access more detailed information about the packets sent and received through SNMP. The SNMP tracing settings you specify are stored and used by the Prime Infrastructure SNMP server. To enable SNMP tracing, follow these steps.
Step 1 Choose Administration > Logging >
SNMP Logging Options
.
Step 2 Select the Enable SNMP Trace check box to enable sending SNMP messages and traps between controllers and Prime Infrastructure, then select the Display Values check box to see the SNMP message values.
Step 3 Configure the IP addresses on which to trace the SNMP traps. You can add up to 10 IP addresses in the text box.
Step 4 You can configure the maximum SNMP log file size and the maximum number of SNMP log files to retain.
Step 5 Click
Save
.
Changing Syslog Logging Options
Step 1 Choose
Administration > Logging >
Syslog Logging Options
.
Step 2 Select the Enable Syslog check box to enable collecting and processing of system logs.
Step 3 In
Syslog Host
, enter the IP address of the interface from which the message is to be transmitted.
Step 4 Choose the Syslog Facility. You can choose any of the eight local use facilities for sending syslog messages. The local use facilities are not reserved and are available for general use.
Step 5 Click
Save
.
Changing Logging Options to Enhance Troubleshooting
You can change the amount of troubleshooting data Prime Infrastructure collects to help you debug an issue. For easily reproduced issues, follow these steps prior to contacting TAC.
Step 1 In Converged view, choose
Administration > Logging
.
Step 2 From the
Message Level
drop-down list, choose
Trace
.
Step 3 Select each check box to enable all log modules.
Step 4 Reproduce the current problem.
Step 5 Return to the Logging Options page and click
Download
from the Download Log File section.
The logs.zip filename includes a prefix with the hostname, date, and time so that you can easily identify the stored log file. An HTML file that documents the log files is included in the ZIP file.
Step 6 After you have retrieved the logs, choose
Information
from the Message Level drop-down list.
Caution Leaving the Message Level at
Trace for a long period of tim
e can adversely affect performance.
Changing Mobility Service Engine Logging Options
You can use Prime Infrastructure to specify the Mobility Services Engine logging level and types of messages to log.
Step 1 In Classic view: Choose
Design > Mobility Services > Mobility Services Engines
, then select the name of the mobility services engine that you want to configure.
Step 2 Choose
System
>
Logs
, then choose the appropriate options from the Logging Level drop-down list.
There are four logging options: Off,
Error
,
Information
, and
Trace
. All log records with a log level of
Error
or preceding are logged to a new error log file locserver-error-%u-%g.log. This is an additional log file maintained along with the location server locserver-%u-%g.log log file. The error log file consists of logs of
Error
level along with their context information. The contextual information consists of 25 log records prior to the error. You can maintain up to 10 error log files. The maximum size allowed for each log file is 10 MB.
Caution Use
Error and
Trace only when directed to do so by Cisco TAC personnel.
Step 3 Select the
Enable
check box next to each element listed in that section to begin logging its events.
Step 4 Select the
Enable
check box in the Advanced Parameters dialog box to enable advanced debugging. By default, this option is disabled.
Step 5 To download log files from the server, click
Download Logs
. See Downloading Mobility Services Engine Log Files for more information.
Step 6 In the Log File Parameters area, enter the following:
-
The number of log files to be maintained in the mobility services engine. You can maintain a minimum of 5 log files and a maximum of 20 log files in the mobility services engine.
-
The maximum log file size in MB. The minimum log file size is 10 MB and the maximum is 50 MB.
Step 7 In the MAC Address Based Logging Parameters area, do the following:
-
Select the
Enable
check box to enable MAC address logging. By default, this option is disabled.
-
Add one or more MAC addresses for which you want to enable logging. You can also remove MAC addresses that you have already added by choosing the MAC address from the list and clicking
Remove
(see MAC Address-Based Logging).
Step 8 Click
Save
to apply your changes.
MAC Address-Based Logging
This feature allows you to create log files that are specific to an entity whose MAC address is specified. The log files are created in the locserver directory under the following path:
/opt/mse/logs/locserver
A maximum of five MAC addresses can be logged at a time. The log file format for MAC address aa:bb:cc:dd:ee:ff is:
macaddress-debug-aa-bb-cc-dd-ee-ff.log
You can create a maximum of two log files for a MAC address. The two log files might consist of one main and one backup or rollover log file.
The minimum size of a MAC log file is 10 MB. The maximum size allowed is 20 MB per MAC address. The MAC log files that are not updated for more than 24 hours are pruned.
Downloading Mobility Services Engine Log Files
If you need to analyze mobility services engine log files, you can use Prime Infrastructure to download them to your system. Prime Infrastructure downloads a zip file containing the log files.
To download a zip file containing the log files:
Step 1 In Classic view: Choose
Design > Mobility Services > Mobility Services Engines
.
Step 2 Select the name of the mobility services engine to view its status.
Step 3 From the left sidebar menu, choose
System
>
Logs
.
Step 4 In the Download Logs area, click
Download Logs
.
Step 5 Follow the instructions in the File Download dialog box to open the file or save the zip file to your system.