The Monitor > Managed Elements menu provides tools to help you monitor your network on a daily basis, as well as perform other day-to-day or ad hoc operations relating to network device inventory and configuration management.
Monitoring Network Devices
Select Monitor > Managed Elements > Network Devices to view the list of devices that have been added to Prime Infrastructure. You can also add, edit, synchronize, and group devices.
Network Devices Page
Table 9-1 describes the information that is displayed when you select Monitor > Managed Elements > Network Devices to view the list of devices that have been added to Prime Infrastructure. You can sort the table by clicking on any cell heading.
Table 9-1 Network Devices Page Description
Device details such as software version, port information, CPU and memory utilization
Click on a Device Name.
Device 360 view
Click the icon in the IP Address field.
Collection status details
Click the icon in the Last Inventory Collection column.
Use the Jobs dashboard to:
- View all running and completed jobs and corresponding job details
- Filter jobs to view the specific jobs in which you are interested
- View details of the most recently submitted job
- View job execution results
- Modify jobs, including deleting, editing, running, canceling, pausing, and resuming jobs
- Change the refresh rate of the job dashboard
- Export job dashboard information in CSV or PDF formats
Prime Infrastructure can have a maximum of 25 jobs running concurrently. If a new job is created while 25 jobs are already running, the new job state is “scheduled” until a job completes and the new job can start. If a new job’s scheduled time has already passed before it could be started, the new job will not run and you’ll need to reschedule or start it when less than 25 jobs are running.
To monitor jobs, follow these steps:
Step 1 Choose Administration > Dashboards > Job Dashboard.
Step 2 Click a job, then perform any of the following actions:
- Click Run to start the currently scheduled job immediately. If a job has the status “failed,” click Run to resubmit the same job, which creates a new scheduled job with the same parameters as the previous job. Only the failed and partially successful devices within the job will be selected for retry.
- Click Abort to stop a discovery job currently in progress and return it to its scheduled state. You cannot abort all jobs. For example, you receive an error message if you try to abort a running configuration job.
- Click Cancel to delete any future scheduled jobs for the job you specified. If a job is currently running, it will complete.
- If you select any report status job listed under User Jobs, all the buttons will be disabled.
Step 3 To change the auto refresh rate of the job dashboard, click Settings, then select a refresh rate. By default, the auto refresh rate is Off, and you must manually refresh the job dashboard by clicking the Refresh icon.
Step 4 To view information on when the job was created, started or scheduled and its history, select a job to view the Job Detail View page. Hover the mouse over the Status column of the specific job to view the troubleshooting information for a failed job.
When a minute job is scheduled to run recursively, the first trigger of the job falls on nth minute of the hour, as divided by the quartz scheduler, and successive runs will be placed as per the schedule. For example, if you have given the start time as 12:02:00 and you want the job to run every 3 minutes, then the job will be executed at 12:03 (in a minute), with the next recurrence at 12:06, 12:09, and so on. Another example, if you have given the start time as 12:00:00 and you want the job to run every 3 minutes, then the job will be executed at 12:00 (without any delay), with the next recurrence at 12:03, 12:06, and so on.
Viewing Options for Job Dashboard Metrics
You can perform the following actions on the Metrics, which are displayed at the top of the Administration > Dashboards > Job Dashboard page:
- Add or remove metrics by select Settings > Add or Remove Metric Dashlet(s).
- Reorder the metrics by clicking near the metric title and dragging and dropping it to the area you prefer.
- Click any of the hyperlinks in any of the boxes to go the details for that metric.When you click on a number in any of the boxes, the page filters and displays the jobs of the type you specified.
Monitoring Background Tasks
A background task is a scheduled program running in the background with no visible pages or other user interfaces. In Prime Infrastructure, background tasks can be anything from data collection to backing up configurations. You can monitor background tasks to see which background tasks are running, check their schedules, and find out whether the task was successfully completed.
To monitor the background tasks, follow these steps:
Step 1 Choose Administration > Settings > Background Tasks to view scheduled tasks. The Background Tasks page appears.
Step 2 Choose a command from the drop-down list:
- Execute Now —Runs all of the data sets with a selected check box.
- Enable Tasks —Enables the data set to run on its scheduled interval.
- Disable Tasks —Prevents the data set from running on its scheduled interval.
Using Packet Capture to Monitor and Troubleshoot Network Traffic
In addition to aggregating data from multiple NAMs, Prime Infrastructure makes it easy to actively manage and troubleshoot network problems using multiple NAMs and ASRs.
Note This feature is supported for NAMs and ASRs. For more information on minimum Cisco IOS XE version supported on ASRs, see the Cisco ASR 1000 Series Aggregation Services Routers Release Notes.
In the following workflow, a network operator needs to troubleshoot a set of similar authentication violations taking place at multiple branches. Because the operator suspects that the authentication problems are due to a network attack in progress, the operator runs the Packet Capture feature against the NAMs or ASRs for each branch, then runs the Packet Decoder to inspect the suspicious traffic.
Step 1 Create a capture session definition:
a. Choose Monitor > Tools > Packet Capture, then click Capture Session to create a new capture session definition.
b. Complete the General section as needed. Give the session definition a unique name and specify how you want to file the captured data. To capture the full packet, enter 0 in the Packet Slice Size.
c. If you want to restrict the captured traffic to particular source or destination IPs, VLANs, applications, or ports, click Add in the Software Filters section and create filters as needed. If you do not create a software filter, it captures everything.
d. In the Devices area, you can select:
– A NAM and its data ports. You can create one capture session per NAM only, whether the capture session is running or not.
– An ASR and its interfaces.
e. Click Create and Start All Sessions.
Prime Infrastructure saves the new session definition, then runs separate capture sessions on each of the devices you specified. It stores the sessions as files on the device and displays the list of packet capture files in the Capture Files area.
Step 2 To decode a packet capture file:
a. Choose Monitor > Tools > Packet Capture.
b. Select a PCAP file in a NAM or ASR device.
c. Select Copy To to copy the PCAP file to the Prime Infrastructure server (the decode operation only runs on files in the Prime Infrastructure server).
d. Click View Jobs to confirm that the copy job completed successfully.
e. Open the localhost folder, select the check box for the new capture file, then click Decode. The decoded data appears in the bottom pane.
f. A TCP Stream displays the data as the application layer sees it. To view the TCP Stream for a decoded file, select a TCP packet from the Packet List, then click TCP Stream. You can view the data as ASCII text or in a HEX dump.
Step 3 To run a packet capture session again, select the session definition in the Capture Sessions area and click Start.
Securing Network Services
Cisco TrustSec technology uses software-defined segmentation to simplify the provisioning of security policies, to accelerate security operations, and to consistently enforce policy anywhere in the network. TrustSec is embedded technology in Cisco switches, routers, wireless, and security devices. It is a secure network architecture that extends security across the network from campus to branch to data center. TrustSec is the foundation for using the Network as an Enforcer and mitigates risk by reducing attack surface through better segmentation, whilst also increasing operational efficiency and making compliance goals easier to achieve.