Troubleshooting

This appendix describes nShield Monitor troubleshooting information.

Global Troubleshooting Enhancement feature

Overview

HSMs, nShield Monitor (NM) Servers, and nShield Monitor users can be globally dispersed crossing multiple time zones. nShield Monitor stores all collected HSM events in Greenwich Mean Time (also referred to as nShield Monitor Server time). Users who remotely log into nShield Monitor see NM information displayed in the local time zone of their browser.

The Global Troubleshooting Enhancement feature allows nShield Monitor users in various time zones, to select and view nShield Monitor Log and Alarms in a common Timezone. This ability is helpful during global troubleshooting discussions.

Procedure

Prerequisite:

You are logged into nShield Monitor.

Just for the duration of a special global collaboration work-session, a logged in user can choose a SELECTED time zone for viewing Logs and Alarms on their browser connected to nShield Monitor.

  1. Navigate to either the Logs tab or the Alarms tab.

    Select logs or alarms

  2. Go to the Date/Time drop down.

    Date/time

  3. Select your preferred time zone.

Notes:

  • The setting applies to both Alarms and Logs tabs. That is, you only have to select the time zone once.

  • ONLY the time zone displayed in these two tabs will be affected by this selection (nShield Monitor displays on the other nShield Monitor tabs are NOT affected).

  • The default time zone in Logs and Event pages are browser 'Local Time' unless the Date/Time Format is set to UTC in User Profile, and in such case, the default time zone is GMT.

  • The time zone change is NOT persisted across user logout/login. The time zone change is temporary. The next time that you login, the time zone is reset to the default 'Local Time' which is the default (or UTC if the Date/Time Format is UTC in the login User Profile).

  • The Time Zone customization in Logs/Alarms pages does NOT affect Date/Time in other WebUI pages, including Charts, Export Logs, and so on. All other WebUI pages display Date/Time in 'Local Time' Time Zone (or UTC if the Date/Time Format is UTC in the login User Profile).

Network test tools

Event logs provide additional information about security and operations issues.

The following networking test tools are available through the CLI to facilitate nShield Monitor inter-networking tests.

  • Ping

  • RouteDump

  • TCPDump

  • Traceroute

To run the nShield Monitor Network test tools:

  1. Log into the CLI as an Administrator.

  2. Enter the command: troubleshoot

  3. Press Enter or Tab to display available options as follows:

    nShield Montor > troubleshoot
ping  routedump  tcpdump  traceroute
nShield Monitor > troubleshoot

  4. Type one of the four options to run the appropriate test tool.

Ping

Ping is a pass-fail continuity test that determines the accessibility of a target IP address on an IP network. It sends ICMP echo request packets from the selected nShield Monitor Management Interface to the specified target IP address and waits for an ICMP response.

Using Ping

  1. Log into the CLI as an Administrator.

  2. Enter the command:

    troubleshoot ping <Hostname or IP Address to ping>

  3. Press Enter.

    Ping output is displayed directly on the CLI screen. If the ping returns successfully, the network statistics and properties display appear. If the ping does not return, a failure message appears.

    Example: Success case

    Ping success

    Example: Not Successful

    Ping not successful

RouteDump

RouteDump displays routing information used by nShield Monitor.

Using RouteDump

  1. Log into the CLI as an Administrator.

  2. Enter the command: troubleshoot routedump

  3. Press Enter.

    The routing information for nShield Monitor is displayed on the screen.

    RouteDump

TCPDump

TCPDump is a common packet analyzer. It enables users to intercept and display TCP/IP and other packets being transmitted/received over a network to which the computer is attached.

Using the CLI commands tcpdump on and tcpdump off, the utility can be turned on and off.

Using TCPDump

  1. Log into the CLI as an Administrator.

  2. Turn on TCPDump.

  3. Enter the command:

    troubleshoot tcpdump on

  4. Press Enter.

    The utility starts capturing.

    Each Interface TCPDump capture generates a trace file. The TCPDump trace file can only be exported as part of exporting debug logs.

    Restarting the TCPDump capture overwrites any previously captured data.

Traceroute

Traceroute determines network response time, displays route (path) information from an IP source to an IP destination address, and measures the associated transit delays of packets across the network. It operates by sending a sequence of ICMP packets from a specified source IP address to a specified destination IP address, and uses responses to determine the intermediate routers traversed.

Using Traceroute

  1. Log into the CLI as an Administrator.

  2. Enter the command:

    troubleshoot traceroute <Hostname or IP Address>

  3. Press Enter.

    Traceroute output is displayed directly on the CLI. The last Traceroute operation performed can also be exported as part of the debug logs.

    Traceroute output

No monitoring data received

If no monitoring data is received or if a device is not reachable, verify that:

  • SNMP is enabled

  • SNMPv3 user is configured

  • Utilization and health collection is enabled.