Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
897
Views
0
Helpful
1
Replies

Maintain history or capture of traffic passing through a router

krishnadig
Level 1
Level 1

‎07-02-2018 09:36 AM - edited ‎03-01-2019 06:40 PM

Hello Friends,

Looking for some industry practice or advise how to handle such situation proactively.

 

I generally come across a situation where users report a disconnection of production application connectivity in recent past (few minutes or hours back) and would like to know the cause of the issue. Unless a state change of routing protocol or HSRP, or interface status, etc logging buffer (or syslog) doesnt suffice the investigation; need more logs like NAT translation during realtime or check if did the traffic had really reached the router. Is there a way to capture this information continuously? 

 

I have heard of EPC (Embedded Packet Capture) can be used to monitor pass-through traffic, but its CPU intensive.

 

Thank you,

Krishna

Labels:
0 Helpful
1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

‎07-02-2018 01:12 PM - edited ‎07-02-2018 01:13 PM

Either you can span the port  / Monitor the traffic sending to Log Server

 People use TAP also for the best practice in large environment.

BB

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents