No easy way I'm afraid.

User Tracking is able to show just current status, I'm afraid, not the history. So even if you do UserTracking every hour, you could miss somebody connected to the port just for 5 minutes.

Even counters mentioned in http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1dd71112

are not reliable.

Regards,

Milan

Hi,

You can configure user tacking to remove switchport entries that haven't been seen on a switchport for a set period of time.

So if you produced a report say each month or whatever you feel more comfortable with then you can identify which ports haven't seen a MAC address within this period and disconnect the switch ports based on that.

Thanks

PD

Good idea, Patrick!

Not 100% reliable, but helpful, I think.

Thanks,

Milan

Hi,

Thanks, i've had good success using this in the past, however, there is always someone who has an old Macintosh under their desk that they need to use once every two months :(

Rgds

PD

Thanks for the help.

Thanks. I have getif, I'll try it.

HI Dave,

I have been looking to do this for a while and I was refered to this post by milan K.

I got the getif utility and see it can show me the realtime inter status. Could you pls. explain how you do what you have mentioned above.

Appreciate any help on this very much.

Thanks

Sunil emailed me for additional details, and I composed the following description, Posting here just in case anyone else wants the info or was having difficulties (GetIf is a great little SNMP utility, but it's interface takes some time to learn).

Here are the steps I take to get the SNMP information from swicthes using GetIf :

1 - on the Parameters tab

2 - enter the IP Address of the switch in to the "Host Name" box

3 - check that the "Read Community" is set to your ro community string (of course the Cisco switches must have SNMP enabled, and you muct know the string)

4 - click on the start button ... this 'gets' the basic MIB II System info like SysDescr, SysLoc, SysContact, etc

5 - switch to the MBrowser tab

6 - expand the 'iso' branch in the tree view as follows : .iso.org.dod.internet.mgmt.mib-2

7 - now expand the 'System' branch and select 'sysUpTime', then click the 'Start' button to get the snmp value, the returned value is displayed just below the tree view, make a note of this value as it will disappear when you get the next set of information

8 - expand the 'Interfaces' branch, then 'ifTable', then 'ifEntry' ... this is where the interface status and last change values appear

9 - I always select 'ifDescr' (click 'Start') to read the releationship between the ifIndex (how snmp indexes the interfaces) and the actual Cisco switch designation like FastEthernet 0/17 ... some switches have ifIndex 1 = VLAN 1, while others have ifIndex 1 = FastEthernet 0/1

10 - select 'ifOperStatus', click start, and note the interfaces that are operationally down (no link) ... again, be careful of ifIndex-to-port relationship as explained above

11 - select 'ifLastChange', click start, and now look at those interfaces which were operationally down, and that have a large difference between ifLastChange and sysUpTime.

Remember that the sysUpTime starts at 0:00:00:00.000 when the switch is powered up. Any ports that are down and show an ifLastChange that is close to '0', something like 0:00:00:25.37, were down when the switch powered on, and have never been up since. Of course if your switch was recently powered on, this entire method is unreliable, but if they run for months and months, then you should be able to find any ports that have been down for more than 30 days or however long you might think means it is 'unused'.

Great information. First let me say that I am not a programmer, can't even think like one. Do you know if there are programs that could pull this information for a range of switches?

Its got to be Cisco Works then

I have been using Campus Manager > User Tracking to locate unused ports for a long time now.

It basically does the same thing as using getif as mentioned in the post above, however without you actioning all the different stages,

Within User Tracking you just specify in the preferences how long undiscovered entries should remain in the table. After a period of time, say thirty days the entry will be deleted from the table, you can export the table to a spreadsheet and any entries that are missing (i.e. no switch port number in spreadsheet) can be unpatched.

EDIT: That is of course if your range of switches are all Cisco :)

HTH

Paddy

I'll give it a try. Thanks.