I'm looking for resources and enablement material to performing Cisco health checks; especially on Cisco Security equipment. Now I've found various resources scattered on different places, and I'm wondering where would be the best place to go and find out more on this subject.
The following are a few examples of resources that I've found up until now:
There is a lot that you can do on your own to check the health of your Stealthwatch installation.
Just by using your Stealthwatch Management Console (SMC) to check your connected devices you are checking the communications channel between the SMC and the flow collectors (and flow sensors if installed). You can also check whether the communications channel to your local ISE server is operational (ISE server will be online) at the SMC.
Running the Java client from the SMC (in addition to using the web client) is important because it validates that you have the needed version of Java installed. Too often Stealthwatch admins who don't usually use the Java client will find that they need to apply a Java update before they can run the client. Also clean up old version of Java while you are here.
Verify flow collection. Look at the directory structure in the SMC Java client and make sure that each of your flow collectors listed are online and functioning. If they are functioning the flow count should be increasing. Sometimes you'll find that one or more devices that should be exporting flow have gone off line.
Using the Admin interface check to make sure that all your SMC, flow collectors and flow exporters licenses are up to date; that all are using the same NTP clock and DNS settings; and all your certificates.