15 Log Analytics
Date: Dec 18, 2024. Pages: 9. Uploaded by misagova.
ISE 301 for Field Engineers
15.2 - Log Analytics

1. Log Analytics provides a flexible analytics system for in-depth analysis of endpoint authentication, authorization, and accounting (AAA), and profiling syslog data. You can also analyze the Cisco ISE health summary and process statuses. You can generate reports that are similar to the Cisco ISE Counters and Health Summary report. Log Analytics is not enabled by default. Begin by enabling it. Still logged in as tony on ISE, navigate to Operations > System 360 > Settings.

2. Enable Log Analytics. Save your changes.
3. Click on Log Analytics.

The Monitoring and Log Analytics Settings panel reads: "Monitoring enables you to monitor a wide range of applications, system statistics, and key performance indicators (KPI) of all deployment nodes from a centralized console. Log Analytics provides a flexible analytics system for in-depth analysis of syslog data generated from different endpoints."

It can take between 5-10 minutes for Log Analytics to fully load.

The Dashboards page lists: ISE Observability Dashboard, ISE Overview Dashboard, ISE Processes Summary, ISE Troubleshooting Dashboard, Profiler Performance, Profiler Summary, RADIUS Accounting Summary, RADIUS Authentication Summary, RADIUS Performance, RADIUS Step Latency, TACACS Accounting Summary, TACACS Authentication Summary.

4. Log Analytics uses Kibana, an open-source data visualization platform, to analyze and visualize the syslog data, and Elasticsearch is used to store and index the syslog data. Click on ISE Processes Summary.
5. The ISE Process Summary dashboard displays the same kind of information as the CLI command show application status ISE.

6. After familiarizing yourself with this dashboard, return to the Log Analytics home by clicking on Dashboard in the top left corner.

7. Click on RADIUS Authentication Summary to view another dashboard.
8. The RADIUS Authentication Summary dashboard displays the same information as RADIUS Live Logs and more.

RADIUS Authentication Summary - Shows the top 10 RADIUS authentication records for the specific period based on the selected parameters.

9. After familiarizing yourself with this dashboard, return to the Log Analytics home by clicking on Dashboard in the top left corner.

10. Click Create dashboard.
11. Click Create visualization.

12. Begin by choosing an Index Pattern. In Kibana, Index Patterns are configurations that allow you to define how Kibana interacts with one or more Elasticsearch indices. Select mnt_analytics_process_status* as the Index Pattern. This Index Pattern is used to view system statistics such as CPU utilization, disk space, load average, memory utilization, network utilization, RADIUS request latency, and TACACS request latency. This data can be used to create the System Health Summary report.

13. Drag-and-drop the database field into the center.

14. The database field should default to using logged_at_timezone along the horizontal axis, and Median of database along the vertical axis, for the last 15 minutes.
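What the chart in step 14 computes, as an added example that is not part of the original lab: an Elasticsearch aggregation equivalent to "Median of database" per logged_at_timezone bucket, and the same calculation done locally over constructed sample documents. The one-minute bucket size, the sample values and the reading of database as 1 = running / 0 = not running are assumptions; the lab does not define them.

```python
from datetime import datetime, timezone
from statistics import median

INDEX_PATTERN = "mnt_analytics_process_status*"  # index pattern chosen in step 12

def build_query(minutes=15, interval="1m"):
    """Search body: median of `database` per time bucket over the last N minutes."""
    return {
        "size": 0,  # aggregations only, no raw hits
        "query": {"range": {"logged_at_timezone": {"gte": f"now-{minutes}m"}}},
        "aggs": {"per_bucket": {
            "date_histogram": {"field": "logged_at_timezone",
                               "fixed_interval": interval},  # assumed bucket size
            "aggs": {"median_database": {
                "percentiles": {"field": "database", "percents": [50]}}},
        }},
    }

# Constructed sample documents (assumption: 1 = running, 0 = not running).
SAMPLE_DOCS = [
    {"logged_at_timezone": "2024-12-18T10:00:05+00:00", "database": 1},
    {"logged_at_timezone": "2024-12-18T10:00:35+00:00", "database": 1},
    {"logged_at_timezone": "2024-12-18T10:01:10+00:00", "database": 1},
    {"logged_at_timezone": "2024-12-18T10:01:40+00:00", "database": 0},
    {"logged_at_timezone": "2024-12-18T10:01:50+00:00", "database": 0},
    {"logged_at_timezone": "2024-12-18T10:02:20+00:00", "database": 0},
]

def bucket_medians(docs, interval_s=60):
    """Group documents into fixed time buckets and take the median per bucket."""
    buckets = {}
    for doc in docs:
        ts = datetime.fromisoformat(doc["logged_at_timezone"])
        start = int(ts.timestamp()) // interval_s * interval_s  # floor to bucket start
        buckets.setdefault(start, []).append(doc["database"])
    return {datetime.fromtimestamp(k, timezone.utc).isoformat(): median(v)
            for k, v in sorted(buckets.items())}

def buckets_below(medians, threshold=1):
    """Bucket start times whose median dropped below the threshold."""
    return [start for start, value in medians.items() if value < threshold]

if __name__ == "__main__":
    print(build_query())
    medians = bucket_medians(SAMPLE_DOCS)
    print(medians)
    print("buckets to investigate:", buckets_below(medians))
```
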
16. Feel free to add additional visualizations to your dashboard. When you are ready, save your new dashboard as STARK Dashboard.

17. Finally, log off as tony by pointing to the user icon in the top right corner and click Logout.

What is the relationship between Kibana and Elasticsearch?
( ) Elasticsearch is used to analyze and visualize the syslog data, and Kibana is used to store and index the syslog data.
(x) Kibana is used to analyze and visualize the syslog data, and Elasticsearch is used to store and index the syslog data.