Trouble Shooting, Logs, Alarms and Triggers Configuration Example Lucent Security Products Configuration Example Series.


1 Trouble Shooting, Logs, Alarms and Triggers Configuration Example Lucent Security Products Configuration Example Series

2 Trouble Shooting, Logs, Alarms and Triggers
All Rights Reserved © Alcatel-Lucent 2006
This configuration example shows many of the tools in the ALSMS system that can be used for reporting and troubleshooting, including many of the pre-configured reporting screens built into the ALSMS. It also shows how to set up triggers so that administrators and others can be notified when a given situation occurs.
Many other tools are beyond the scope of this example but can be found in others, including:
- The Command Line from the ALSMS or the Brick
- The Log Viewer Application, which comes with the ALSMS
- Third-party sniffer tools like Wireshark from www.Wireshark.org (formerly known as Ethereal)
Hopefully this example will leave you comfortable with setting up Triggers and Alarms as well as Actions for those triggers.

3 Logs, Alarms and Triggers
The ALSMS can gather just about any information that you can think of from the Bricks that it is managing. The actual log information is stored on the drive of the ALSMS machine. For NT installations the default path is users\isms\lmf\log. The reporting tools found in ALSMS allow you to filter and format the information from the log files into more easily understood output.

4 Logs, Alarms and Triggers
Within the ALSMS you can use the custom report generator to produce custom reports. These reports are all generated in HTML format and can easily be exported to MS Excel just by right-clicking on the report. Within Excel the data can be displayed in pie chart, bar chart and many other formats. There are also many third-party reporting tools that work well with ALSMS. You may already have some of these reporting tools or may be interested in purchasing them in order to produce more colorful graphics for reporting.

5 Logs, Alarms and Triggers
Three third-party reporting tools that work well with the ALSMS are:
- Webtrends: http://www.webtrends.com/
- Sawmill: www.sawmill.net
- Telemate: http://www.verso.com
Any of these packages may be purchased separately.

6 Logs, Alarms and Triggers
This module is designed to give you a solid overview of the logging capabilities, including what to do with the information that is gathered, in the form of “Triggering” an action based on an event. There are pre-defined reports accessed from the menus; you can also customize reports by filtering the log information.

7 Logs, Alarms and Triggers: Status Overview
One simple way to view information is to use the Status Overview: Monitor>Status overview. This gives a good overview of what is happening in that Brick.

8 Logs, Alarms and Triggers: Brick Snapshot
Another great source of information is the “Brick Snapshot”. Double-click on your Brick, then click Brick Utilities>View Brick Snapshot. If you open a rule set and click on Policy Utilities you can view a policy snapshot. Brick snapshots and rule set snapshots are a great tool when seeking assistance from, or collaborating with, another person. If you send them snapshots you will save both them and you plenty of time.

9 Logs, Alarms and Triggers: Brick Snapshot

10 Logs, Alarms and Triggers: Brick Snapshot
The previous slide shows only the top section of the output from a Brick Snapshot. It goes on to show a great deal of information with regard to the Brick’s current configuration. This tool is especially handy when working with others on troubleshooting configurations. Just save the snapshot and email it to them. A picture tells a thousand words.

11 Logs, Alarms and Triggers: Administrators and ALSMS
There are plenty of other handy tools like these to check administrators and ALSMS: Monitor>Administrators or Monitor>ALSMS/LSCS.

12 Logs, Alarms and Triggers: ALSMS Service Status report
Another good report, which shows primarily utilization information, is the ALSMS Service Status Report. Click Utilities>ALSMS Service Status.

13 Logs, Alarms and Triggers: Generating reports
The report structures within the ALSMS are incredibly diverse. You can create, run, customize and save all kinds of custom reports from a single screen. The reports can also be set to show history by dates and times. For instance, if you want to see a report detailing sessions and their activity over the past hour, you would fill out your form as shown on the following slide. Pay attention to all of the various options that you have along the way, then go ahead and create your own reports.

14 Logs, Alarms and Triggers: Generating reports
Click on ALSMS/Reports/Sessions Logged. Right-click on Sessions Logged and select New Sessions Logged. Click on the tabs to see what other information you can look at. Fill out the form any way you choose to see the information that you need, then click the “Run” button.

15 Logs, Alarms and Triggers: Generating reports

16 Logs, Alarms and Triggers: Generating reports
You can run reports on any of the following:
- Closed Sessions
- Sessions logged
- Administrative events
- VPN Events
- Alarms
- Authentication

17 Logs, Alarms and Triggers: Generating reports
Notice that you can turn the “Is” buttons into “Is not” buttons for even more variables. Create some reports. Use as many variables as you can. Press the “Run” button to view reports. See if you can export a report to MS Excel.

18 Logs, Alarms and Triggers: Actions
This next section will discuss triggers for alarms and their associated actions.
A Trigger scans the ALSMS logs for a set of user-defined conditions; when the conditions are matched, the action associated with the trigger is taken. The next two slides show all of the triggers and all of the possible actions that can be taken based on these triggers, as of ALSMS version 9.1.

19 Triggers
- Alarm code
- Brick Error
- Brick Failover event
- Brick ICM Alarm
- Brick interface lost
- Brick lost*
- Brick Proactive monitoring
- Brick SLA round trip delay alarm
- ALSMS error
- ALSMS proactive monitoring
- LAN to LAN tunnel lost*
- LAN to LAN tunnel up
- Local Presence map pool
- QOS Rule Bandwidth exceeded alarm
- QOS Rule Bandwidth guarantees alarm
- QOS Rule Bandwidth Throttling alarm
- QOS Zone Bandwidth Guarantees alarm
- QOS Zone Bandwidth throttling alarm
- Real Secure
- Unauthorized ALSMS login attempt*
- User authentication

20 Logs, Alarms and Triggers
Here are the possible Actions:
- Direct Page
  – Page the administrator.
  – Set up paging in the Configuration Assistant.
- Email
  – Send email to responsible party.
  – Set up email address in “action” or Administrator account.
- SNMP Trap
  – to any SNMP Manager
  – Set up SNMP host in “Action Wizard” and configuration assistant.
- SYSLOG
  – Sends UDP packet to Syslog server.
  – Set up SYSLOG server in “Action Wizard” and configuration assistant.

21 Logs, Alarms and Triggers and Actions
The following is an example of an action being taken on a configured trigger.
Example: The LAN Admin wants to be emailed when more than 5 failed user logins happen in a five-minute period. First, we need to create the email action, as that will be the required response when we define the Trigger.

22 Logs, Alarms and Triggers and Actions: Creating an Action
1. Expand the Alarms folder and click on the Actions folder.
2. Right-click and select New Action.
3. Set Action Name to “Email Admin”.
4. In Action Type pull-down select “Email”.
5. You can select Use default if Admin’s account includes an email address; otherwise insert the email of choice.
6. Click File>Save and Close.

23 Logs, Alarms and Triggers and Actions: Creating a Trigger
1. Open the Triggers folder and select New Trigger.
2. Set Trigger Name to “Intruder alert”.
3. In Trigger Type pull-down select “User Authentication”.
4. Fill in a Description.
5. Set Threshold Count to 5, Threshold Period to 5 Minutes, Sleep Period to 15 seconds, and click Next.
6. Click on Group Tab, select System and click “>”.
7. Click on Action Tab, select Email Admin and click “>”.
8. Click File>Save and Close.

24 Logs, Alarms and Triggers and Actions
If you are on email and there were 5 failed login attempts in less than 5 minutes, the administrator would receive an email notifying him or her of a possible intruder to the network. Select Send a Console Message on this screen so that we can test our trigger without email.

25 Logs, Alarms and Triggers and Actions
Click on the pre-set trigger called “Unauthorized login attempts”. Modify it as you see to the right: Threshold Count 2, Threshold Period 5 Minutes (note: minutes, not seconds). Save and Close. Test this by logging out and back in with the wrong password a few times, or use the ALSMS Remote Navigator to test with.
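The threshold logic behind the “Intruder alert” trigger (Threshold Count 5, Threshold Period 5 Minutes, Sleep Period 15 seconds) and the modified “Unauthorized login attempts” trigger (Threshold Count 2, Threshold Period 5 Minutes), as an added example that is not ALSMS code and not part of the original presentation. The log lines are constructed and are not in ALSMS log format; `parse` and `evaluate_trigger` are hypothetical names, and the firing rule (fire when the count is reached inside the period, then ignore matches for the sleep period) is an assumption about how the three settings interact.

```python
from collections import deque
from datetime import datetime, timedelta

# Constructed sample events (timestamp, event type, user); NOT ALSMS log format.
SAMPLE_LOG = """\
2006-05-01 09:00:05 AUTH_FAIL alice
2006-05-01 09:00:40 AUTH_FAIL alice
2006-05-01 09:01:10 AUTH_OK bob
2006-05-01 09:01:30 AUTH_FAIL alice
2006-05-01 09:02:15 AUTH_FAIL carol
2006-05-01 09:03:50 AUTH_FAIL alice
2006-05-01 09:03:55 AUTH_FAIL alice
2006-05-01 09:20:00 AUTH_FAIL dave
"""

def parse(log_text):
    """Yield (datetime, event, user) for each non-empty line."""
    for line in log_text.splitlines():
        if not line.strip():
            continue
        date, time, event, user = line.split()
        yield datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S"), event, user

def evaluate_trigger(events, match_event, count, period, sleep):
    """Return the timestamps at which the trigger would fire.

    Assumed semantics: fire when `count` matching events fall within
    `period`; after firing, ignore matches until `sleep` has elapsed.
    """
    window = deque()          # timestamps of recent matching events
    fired = []
    sleep_until = None
    for ts, event, _user in events:
        if event != match_event:
            continue
        if sleep_until is not None and ts < sleep_until:
            continue          # trigger is sleeping after its last action
        window.append(ts)
        while window and ts - window[0] > period:
            window.popleft()  # drop events older than the threshold period
        if len(window) >= count:
            fired.append(ts)  # this is where the configured Action would run
            window.clear()
            sleep_until = ts + sleep
    return fired

if __name__ == "__main__":
    print(evaluate_trigger(parse(SAMPLE_LOG), "AUTH_FAIL", 5,
                           timedelta(minutes=5), timedelta(seconds=15)))
```

With the slide 23 settings the sample fires once, on the fifth failure; with a count of 2 the same events fire three times, which is why a low threshold suits a console test better than a production alert.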

26 Logs, Alarms and Triggers
Lucent Technologies – Proprietary Use pursuant to company instruction
For more detailed information on configuring this feature click Help>On Line Product Manuals>Reports, Alarms and Logs Guide. See the section on Configuring Alarm Triggers. The Product Manuals can also be found on your ALSMS CD.

