-
- Monitoring Devices
- Monitoring Wireless Devices
- Creating Monitoring Policies and Thresholds
- Monitoring Alarms
- Monitoring Clients and Users
- Performance Routing Version 3 Based Network Monitoring
- Monitoring Wireless Technologies
- Using Monitoring Tools
- Viewing Performance Graphs
- Troubleshooting
- Monitoring Multiple Prime Infrastructure Instances
-
- Configuring and Monitoring IWAN
- Using Converged Access Workflow
- Configuring Application Visibility and Control
- Ensuring Consistent Application Experiences
- Troubleshooting Applications
- Monitoring Microsoft Lync Traffic
- Using Mediatrace
- Cisco Mobility Services Engine and Services
- Configuring the Cisco AppNav Solution
- Configuring WAAS Container
- Working with Wireless Mobility
- System Time Zones
Cisco Prime Infrastructure 3.0 User Guide
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
- Updated:
- July 30, 2018
Chapter: Monitoring Devices
Monitoring Devices
The Monitor > Managed Elements menu provides tools to help you monitor your network on a daily basis, as well as perform other day-to-day or ad hoc operations relating to network device inventory and configuration management.
Monitoring Network Devices
Select Monitor > Managed Elements > Network Devices to view the list of devices that have been added to Prime Infrastructure. You can also add, edit, synchronize, and group devices.
Network Devices Page
Table 8-1 describes the information that is displayed when you select Monitor > Managed Elements > Network Devices to view the list of devices that have been added to Prime Infrastructure. You can sort the table by clicking on any cell heading.
Note When you launch the Cisco WLC UI from the Monitor > Managed Elements > Network Devices page in Cisco Prime Infrastructure UI, HTTPS connection opens for the Cisco WLC. If you want to use any other protocol to open the Cisco WLC UI session, you must launch it from the Device 360 view > Action > Connect to Device page and select the protocol that you want to open the Cisco WLC with.
Monitoring Jobs
- View all running and completed jobs and corresponding job details
- Filter jobs to view the specific jobs in which you are interested
- View details of the most recently submitted job
- View job execution results
- Modify jobs, including deleting, editing, running, canceling, pausing, and resuming jobs
Prime Infrastructure can have a maximum of 25 jobs running concurrently. If a new job is created while 25 jobs are already running, the new job state is “scheduled” until a job completes and the new job can start. If a new job’s scheduled time has already passed before it could be started, the new job will not run and you’ll need to reschedule or start it when less than 25 jobs are running.
To monitor jobs, follow these steps:
Step 1 Choose Administration > Dashboards > Job Dashboard .
Step 2 Click a job, then perform any of the following actions:
- Click Run to start the currently scheduled job immediately. If a job has the status “failed,” click Run to resubmit the same job, which creates a new scheduled job with the same parameters as the previous job. Only the failed and partially successful devices within the job will be selected for retry.
- Click Abort to stop a discovery job currently in progress and return it to its scheduled state. You cannot abort all jobs. For example, you receive an error message if you try to abort a running configuration job.
- Click Cancel to delete any future scheduled jobs for the job you specified. If a job is currently running, it will complete.
Step 3 To view information on when the job was created, started or scheduled and its history, select a job to view the Job Detail View page. Hover the mouse over the Status column of the specific job to view the troubleshooting information for a failed job.
When a minute job is scheduled to run recursively, the first trigger of the job falls on nth minute of the hour, as divided by the quartz scheduler, and successive runs will be placed as per the schedule. For example, if you have given the start time as 12:02:00 and you want the job to run every 3 minutes, then the job will be executed at 12:03 (in a minute), with the next recurrence at 12:06, 12:09, and so on. Another example, if you have given the start time as 12:00:00 and you want the job to run every 3 minutes, then the job will be executed at 12:00 (without any delay), with the next recurrence at 12:03, 12:06, and so on.
Monitoring Background Tasks
A background task is a scheduled program running in the background with no visible pages or other user interfaces. In Prime Infrastructure, background tasks can be anything from data collection to backing up configurations. You can monitor background tasks to see which background tasks are running, check their schedules, and find out whether the task was successfully completed.
To monitor the background tasks, follow these steps:
Step 1 Choose Administration > Settings > Background Tasks to view scheduled tasks. The Background Tasks page appears.
Step 2 Choose a command from the drop-down list:
Using Packet Capture to Monitor and Troubleshoot Network Traffic
In addition to aggregating data from multiple NAMs, Prime Infrastructure features makes it easy to actively manage and troubleshoot network problems using multiple NAMs and ASRs.
Note This feature is supported for NAMs and ASRs. For more information on minimum Cisco IOS XE version supported on ASRs, see the Cisco ASR 1000 Series Aggregation Services Routers Release Notes.
In the following workflow, a network operator needs to troubleshoot a set of similar authentication violations taking place at multiple branches. Because the operator suspects that the authentication problems are due to a network attack in progress, the operator runs the Packet Capture feature against the NAMs or ASRs for each branch, then runs the Packet Decoder to inspect the suspicious traffic.
Step 1 Create a capture session definition:
a. Choose Monitor > Tools > Packet Capture , then click Capture Session to create a new capture session definition.
b. Complete the General section as needed. Give the session definition a unique name and specify how you want to file the captured data. To capture the full packet, enter 0 in the Packet Slice Size.
c. If you want to restrict the captured traffic to particular source or destination IPs, VLANs, applications, or ports, click Add in the Software Filters section and create filters as needed. If you do not create a software filter, it captures everything.
d. In the Devices area, you can select:
– A NAM and its data ports. You can create one capture session per NAM only, whether the capture session is running or not.
e. Click Create and Start All Sessions .
Prime Infrastructure saves the new session definition, then runs separate capture sessions on each of the devices you specified. It stores the sessions as files on the device and displays the list of packet capture files in the Capture Files area.
Step 2 To decode a packet capture file:
a. Choose Monitor > Tools > Packet Capture.
b. Select a PCAP file in a NAM or ASR device.
c. Select Copy To to copy the PCAP file to the PI server (the decode operation only runs on files in the PI server).
d. Click View Jobs to confirm that the copy job completed successfully.
e. Open the localhost folder, select the check box for the new capture file, then click Decode . The decoded data appears in the bottom pane.
f. A TCP Stream displays the data as the application layer sees it. To view the TCP Stream for a decoded file, select a TCP packet from the Packet List, then click TCP Stream . You can view the data as ASCII text or in a HEX dump.
Step 3 To run a packet capture session again, select the session definition in the Capture Sessions area and click Start .
Securing Network Services
Cisco TrustSec Identity-Based Networking Services (IBNS) is an integrated solution consisting of Cisco products that offer authentication, access control, and user policies to secure network connectivity and resources. Cisco TrustSec IBNS help enterprises to increase productivity and visibility, reduce operating costs, and enforce policy compliance.
In Prime Infrastructure, the TrustSec network service design enables you to choose preferred options for provisioning configurations to TrustSec-capable devices to enable 802.1X and other TrustSec functionality. You can configure wired 802_1x devices by creating TrustSec model-based configuration templates and choosing any one of the following navigation paths:
- Services > Network Services > TrustSec
- Configuration > Templates > Features & Technologies > Security > TrustSec > Wired 802_1x
Note that for Catalyst 6000 devices:
- Security violation as protect is not available for Catalyst 6000 supervisor devices.
- Security violation as replace is available in Cisco IOS Release 15.1(01)SY and later.
- The command macsec is not available for Catalyst 6500 supervisor 2T devices.
The MACsec support is available only for 3560-X series and 3750-X series devices with minimum supported image version “12.2.55SE3/15.0(1)SE2”.
Note For the TrustSec 2.0 platform support list, see the Cisco TrustSec 2.0 Product Bulletin.
For more details about configuring TrustSec model-based configuration templates, see Creating Feature-Level Configuration Templates.
Generating a TrustSec Readiness Assessment Report
TrustSec Readiness Assessment displays TrustSec-based device details such as TrustSec version, readiness category, readiness device count, and device percentage displayed in the pie chart.
To generate a TrustSec Readiness Assessment report, follow these steps:
Step 1 Choose Services > Network Services > TrustSec.
Step 2 Expand the Features-TrustSec folder, then click Readiness Assessment .
A pie chart appears with the following types of devices:
Step 3 Click Section view and click any of the pie chart slices to view the details of the selected TrustSec-based device type.
Step 4 Click Complete view to view the details of all TrustSec-based devices.
Step 5 Select the TrustSec version and click Export to export the readiness assessment details to a CSV file.
Feedback