1
00:00:00,770 --> 00:00:05,170
It on sexual merit take a look to the network monitoring.

2
00:00:05,720 --> 00:00:07,720
Let's start with the CS log.

3
00:00:09,110 --> 00:00:15,530
Since love is a standard for message logging and used for system management and security audit thing

4
00:00:15,560 --> 00:00:23,510
as well as generally informational analyzes and debugging messages each message is labeled with a facility

5
00:00:23,510 --> 00:00:32,380
called indicating the Sofaer type generating the message and is signed with the label.

6
00:00:32,400 --> 00:00:33,810
Let's go ahead with this just looks.

7
00:00:33,810 --> 00:00:35,030
Who are the labels.

8
00:00:35,070 --> 00:00:42,860
The meaning of several labels are other than the emergency and debugging are related to the application.

9
00:00:42,870 --> 00:00:49,500
For example if the purpose of the system is to process transactions to update customer account balance

10
00:00:49,500 --> 00:00:55,730
information and error in the files there should be a sign the error label.

11
00:00:55,830 --> 00:01:03,390
However an error occurring in an attempt to display the zip code of the customer may be assigned an

12
00:01:03,630 --> 00:01:07,090
error or even warning level.

13
00:01:07,340 --> 00:01:15,120
This server processes which handles the message usually includes all lower levels.

14
00:01:15,120 --> 00:01:22,660
That is if messages are separated by individual so were the warning and three will be included in the

15
00:01:23,100 --> 00:01:26,790
notice info and the debark process.

16
00:01:26,790 --> 00:01:31,140
For example as you can see in here we have some sever levels.

17
00:01:31,140 --> 00:01:41,710
For example the emergency level became an example such as Cisco Ayas software could not be load.

18
00:01:42,080 --> 00:01:47,620
For example an alert level message can be temperature is too high.

19
00:01:47,690 --> 00:01:50,730
For example a critical error message.

20
00:01:50,750 --> 00:01:57,890
I'm certain the clinical sorta level example can be unable to allocate the memory and something like

21
00:01:57,980 --> 00:01:59,300
that as a concern here.

22
00:02:00,760 --> 00:02:08,770
And here is the format office slug message in the first fields that refers to the time stamp.

23
00:02:08,830 --> 00:02:14,190
This is showing as when the log message was created simply.

24
00:02:14,350 --> 00:02:18,880
The second thing shows us this facility.

25
00:02:18,950 --> 00:02:27,490
Third shows the Square-D low end the another field shows us the MNM Monique.

26
00:02:27,500 --> 00:02:34,330
Which means what is going on on the link link is going up.

27
00:02:34,520 --> 00:02:43,700
Which means that's going to down or that is going to OP and then weird Grimsey interface changed state

28
00:02:43,760 --> 00:02:44,620
too.

29
00:02:44,930 --> 00:02:51,240
That's the main log message.

30
00:02:51,910 --> 00:02:58,360
So let's go with this this looks so worse this looks so helps to collect blocks and warnings to a central

31
00:02:58,360 --> 00:02:59,850
Sisler point.

32
00:02:59,950 --> 00:03:08,770
Network administrators can easily never get the large amount of data compiled in a cyst locked server

33
00:03:09,100 --> 00:03:12,520
and to display the Sisler message you can use.

34
00:03:12,520 --> 00:03:21,940
The show log command and you can see the all logs that are created in our rather.

35
00:03:21,950 --> 00:03:33,880
Or maybe switch by typing the show look command let's go with the S&amp;P simple management protocol as

36
00:03:33,880 --> 00:03:40,860
an MP is an Internet standard protocol for collecting and organizing information about managed to eyes

37
00:03:40,860 --> 00:03:47,850
on IP networks and for modifying that information to change the way its behavior.

38
00:03:47,870 --> 00:03:56,880
US is that topical to support as an MP include cable modems rather Swades servers workstations printers

39
00:03:56,910 --> 00:03:58,200
and more.

40
00:03:58,460 --> 00:04:03,550
As an MP is widely used in network management for network monitoring.

41
00:04:03,780 --> 00:04:12,450
As an MP expose's management data in the form of variables on the managed systems organize in a managed

42
00:04:12,570 --> 00:04:21,630
information base MIB which describe the system status and the configuration these variables can them

43
00:04:21,630 --> 00:04:29,470
be remotely queried and in some circumstances many plated by managing applications.

44
00:04:31,350 --> 00:04:35,670
It's an imperfect process consists of some steps.

45
00:04:35,830 --> 00:04:44,250
The first step that we're going to take a look is get request get request is use to get the value of

46
00:04:44,290 --> 00:04:51,150
a specific MIB and there is a manager to Agent message.

47
00:04:51,150 --> 00:04:55,380
The second thing is the get response message.

48
00:04:55,590 --> 00:04:56,080
Yes.

49
00:04:56,090 --> 00:05:03,250
Yes your response is used to retrieve the next value of the MIB where I bowl.

50
00:05:03,540 --> 00:05:11,890
And then third is this search request search request that is used to change the value of where we're

51
00:05:11,910 --> 00:05:15,690
able or list of where eyeballs and Edge.

52
00:05:15,840 --> 00:05:23,130
Let's go ahead with the agent to manage your message which are to get response and the trap yet response

53
00:05:23,220 --> 00:05:31,950
is to receive notification message form agent manager and trap our losen agent to not manager of important

54
00:05:32,120 --> 00:05:41,820
winds wire and also state that as an MP message we have three thirds of the SMP as an MP version.

55
00:05:41,850 --> 00:05:46,430
One is the initial implementation of the SMP protocol.

56
00:05:46,560 --> 00:05:54,630
It's an MP version 2 Rees's version 1 and includes improvements in the areas of performance security

57
00:05:54,660 --> 00:05:56,610
and the confidentiality.

58
00:05:56,670 --> 00:06:05,160
And as an MP version 3 primally as the security and the remote configuration enhancements to the SMP

59
00:06:06,990 --> 00:06:14,730
Let's go ahead with the SMP committee street term they said and become world string is like a user ID

60
00:06:14,790 --> 00:06:23,370
or password that allows access to others or other devices statistics if to come in the string is correct

61
00:06:23,580 --> 00:06:30,590
that the worst response with the requested information is to commit a string is not correct.

62
00:06:30,750 --> 00:06:38,960
The D-y simply discards the request and does not response it is an empty command the string is used

63
00:06:38,970 --> 00:06:46,570
in essence it rewards one and the SMP version to Emyr two thirds of it.

64
00:06:46,570 --> 00:06:51,340
As an MP the strings the first thing is the read only.

65
00:06:51,360 --> 00:06:56,880
That means you can access the method but you cannot make any change.

66
00:06:56,880 --> 00:06:59,240
The second type is the redirect.

67
00:06:59,310 --> 00:07:06,930
That means you can access and modify the meet and go figure that's an origin.

68
00:07:06,940 --> 00:07:16,350
3 What we're doing is we're just defining an access list and here as you can see I Pax's the standard

69
00:07:16,380 --> 00:07:25,470
and the access list name and we're defining the IP address that we are going to permit then we're using

70
00:07:25,530 --> 00:07:29,820
the SMP server commands.

71
00:07:29,820 --> 00:07:33,650
It's an IP so we'll just monitor.

72
00:07:33,850 --> 00:07:43,270
I also include and we are defining the administrators group and we're defining the rights of the group

73
00:07:43,270 --> 00:07:51,610
as you can see here and then we are defining as single user in here as you can see in here.

74
00:07:53,510 --> 00:08:01,440
To air Friday a Senate version 3 configuration we can use the show as an MP group command.

75
00:08:01,670 --> 00:08:03,440
Let's go ahead with the net flow.

76
00:08:03,440 --> 00:08:11,600
Now let flow is an embedded instrumentation within Cisco software to characterize network operation

77
00:08:11,960 --> 00:08:19,640
with ability into the network isn't indispensable to for I.T. professionals in response to new requirements

78
00:08:19,670 --> 00:08:26,330
and the procedures network operators are finding it's critical to understand how the network is behaving

79
00:08:26,360 --> 00:08:33,730
including application and the network usage network per day to day and utilization of network services.

80
00:08:33,860 --> 00:08:40,610
The impact of chase to the network network and family and the security will notabilities and the long

81
00:08:40,610 --> 00:08:43,050
term compliance issues.

82
00:08:43,250 --> 00:08:50,360
And let's go ahead how we can cover you with the net FULDE configured the network we are using the IP

83
00:08:50,360 --> 00:08:57,620
flow of commands and we're tapping the direction is it's going to be an ingress or egress then we are

84
00:08:57,620 --> 00:09:07,010
defining our IP for export Wurzels or the destination will is as you can see in here we're finding the

85
00:09:07,070 --> 00:09:15,250
full of configuration we are using to show IP for export commands and we can also use the show IP cash

86
00:09:15,250 --> 00:09:16,620
flow command.