E-78
Cisco Intrusion Prevention System Appliance Hardware Installation Guide for IPS 7.1
OL-24002-01
Appendix E Troubleshooting
Gathering Information
Note The ASA 5500-X IPS SSP and the ASA 5585-X IPS SSP do not support bypass mode. The adaptive
security appliance will either fail open, fail close, or fail over depending on the configuration of the
adaptive security appliance and the type of activity being done on the IPS.
Use the show health command in privileged EXEC mode to display the overall health status information
of the sensor. The health status categories are rated by red and green with red being critical.
To display the overall health status of the sensor, follow these steps:
Step 1 Log in to the CLI.
Step 2 Show the health and security status of the sensor.
sensor# show health
Overall Health Status Red
Health Status for Failed Applications Green
Health Status for Signature Updates Green
Health Status for License Key Expiration Red
Health Status for Running in Bypass Mode Green
Health Status for Interfaces Being Down Red
Health Status for the Inspection Load Green
Health Status for the Time Since Last Event Retrieval Green
Health Status for the Number of Missed Packets Green
Health Status for the Memory Usage Not Enabled
Health Status for Global Correlation Red
Health Status for Network Participation Not Enabled
Security Status for Virtual Sensor vs0 Green
sensor#
Tech Support Information
The show tech-support command is useful for capturing all sensor status and configuration information.
This section describes the show tech-support command, and contains the following topics:
• Understanding the show tech-support Command, page E-78
• Displaying Tech Support Information, page E-79
• Tech Support Command Output, page E-80
Understanding the show tech-support Command
The show tech-support command captures all status and configuration information on the sensor and
includes the current configuration, version information, and cidDump information. The output can be
large, over 1 MB. You can transfer the output to a remote system. For the procedure for copying the
output to a remote system, see Displaying Tech Support Information, page E-79.
Note Always run the show tech-support command before contacting TAC.
Comments to this Manuals