Pigtail Logs
Upgrade Monitoring
cd /var/log/sf/<upgrade>
tail -f status.log
cd /var/tmp/
cd /var/cisco/deploy

Check Listening Ports
netstat -tunpa | less

Run Captures
system support capture-traffic
Generate File

Generate Troubleshoot File
system support-troubleshoot all

Download File
system file copy 60.60.60.7 anonymous / result-10-02-2017--123316.tar.gz

Run ping and telnet
ping -M do -c 20 -s 1472 10.10.10.10
telnet 192.168.1.10 8305

SNORT Logs
cat /var/sf/detection_engines/<UUID>/instance-1
cat /var/sf/detection_engines/<UUID>/instance-2
cat /var/sf/detection_engines/<UUID>/instance-3
cat /var/sf/detection_engines/<UUID>/snort.conf

TROUBLESHOOTING GUI Issues

Deployment Logs
less policy_deployment.log | grep Malformed
tail -f policy_deployment.log
NOTE: Will only show if deploy changes are made.

Pigtail Logs
pigtail --help

FILTERS
deploy
ui
all

RUN PIGTAIL TO FILE ON TMP FOLDER
pigtail -outfile /var/tmp/pigtail.out &
pigtail > /var/tmp/pigtail.out &
cd /var/tmp/
less pigtail.out
less pigtail.out | grep Malformed

RUN PIGTAIL TO FILE ON COMMON FOLDER
pigtail > /var/common/pigtail.out
cd /var/common/
less pigtail.out
less pigtail.out | grep Malformed

Troubleshooting Registration Failures

verify using pmtools
pmtools status | grep sftunnel
pmtools status | grep Down
pmtools status | grep Disabled

verify sftunnel
system support sftunnel-status
show managers

Verify Connectivity
expert
ifconfig | less
ifconfig eth0
netstat -an | grep 8305
sftunnel_status.pl

Reset Communication
manage_procs.pl
run 3,4,5

Remove Peers
remove_peer.pl
grep appliance_UUID /etc/sf/ims.conf
cd /etc/sf