Table of Contents
Advertisement
Additional Features
Port Monitoring & Port Alerts
The SC-ADT can continuously monitor the received data stream from one or more ports. All
printable ASCII data from a monitored port is stored in a history buffer holding the last 1000 lines.
Port monitoring occurs regardless of the port state; that is, once a port is enabled for monitoring, the
port continuously stores received data in its history buffer whether or not the port is used for Telnet,
modem or T-port connection or is idle.
•
To show the history for a specified port, Supervisor or Admin mode must be on. This restriction
protects security information that may appear in the port history from a previous user session.
•
Each port can be independently enabled or disabled for port monitoring. The default is disabled.
•
For ports enabled for port monitoring, the last 1000 lines will be stored in a history buffer for
that port. The port history buffer may be examined and/or cleared at any time.
•
At the CLI interface, type: show port history port[#]
to display the history for that port 20 lines at a time in chronological order (oldest first).
•
At the CLI interface, type show port history port[#] reverse
to display a long history for that port in reverse chronological order (newest first).
•
At the web interface, click the show and ports links to access the history
button, which open a scrollable, seachable history buffer of the entire port history.
ADT-16 show ports history port5
History buffer for port5 in normal chronological order
------------------------------------------------------------------------
01:20:27: %QUICC_ETHER-1-LOSTCARR: Unit 0, lost carrier. Transceiver
problem?
01:20:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0,
changed state to down
01:20:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0,
changed state to up
Figure 5-16
Defining Port Alert Search Strings
The SC-ADT scans the port history buffer looking for user-defined character strings. If a match is
found, a SNMP trap is generated as a Port Alert, identifying the port number, port description, time
stamp and the complete text (up to 120 characters) of the line in which the string match was found.
Port alerts are also logged to the SYS MSG log.
•
A line is delimited by one or more CR(0x0D) and/or LF(0x0A) characters and may be up to 120
characters in length. Lines longer than 120 characters will be truncated to 120 characters.
•
Only printable ASCII data from character "space"(0x20) to character "~"(0x7E) inclusive will
be stored in the history buffer. Control characters and binary data are not included.
•
Up to five character strings (thirty characters max for each string) can be defined per port. These
strings are used to search the port history buffer for matches.
•
String matches can be defined as "match-case" (case sensitive) or "ignore-case" (case
insensitive). The default is "match-case".
•
When a match is found, a SYS MSG is printed to the console and logged to the SYSMSG log.
Also a SNMP trap is generated if trap hosts are defined and enabled. The message text includes
port number, port description, time stamp and the complete text (up to 120 characters) of the
line in which the string match was found.
•
A port may be enabled for port monitoring with no port alert strings defined. In this case,
received data is stored in the port history buffer, but port alert traps will never be generated.
076R172-000
Issue 6
Example: Port History Display
SpectraComm ADT
Installation and Operation Manual
Port Monitoring & Port Alerts
5-19
Advertisement
Table of Contents
