PHgeorge0603
Grasshopper
TIPS FOR SRX RSI LOGS ANALYSIS
(search on cli logs using notepad)
-------------------------------
show version
-------------------------------
It is useful to know the version to search for any defects that might be related.
You can do a PR search by version and keywords @ You do not have permission to view the full content of this post. Log in or register now. [note: use vendor site password]
-------------------------------
show chassis routing-engine
-------------------------------
Gives the CPU and memory utilization of the RE (control plane).
Reference: show chassis routing-engine (View)
Note: If Idle is 0 that means the CPU is at max utilization.
--------------------------------
show security monitoring fpc
--------------------------------
[not found on other srx initial rsi logs, request separate logs from the client]
Gives the CPU, memory, session counts, and session bring up rate of each SPU (forwarding plane)
Example:
root@Source> show security monitoring
Flow session Flow session CP session CP session
FPC PIC CPU Mem current maximum current maximum
0 0 0 68 0 524288 0 0
------------------------
show system uptime
------------------------
-Gives the time the system has been online, last booted, last configured, as well as the current system time.
-Both nodes of a cluster should display correct times. (Note: there is a delay when the command is run for node0 vs. node1)
-Time last configured may give clues about any changes that could be related
-----------------------------------
show security flow session summary
-----------------------------------
Shows the current session count and max limit of the SPU's
reference: You do not have permission to view the full content of this post. Log in or register now.
-----------------------------------
show chassis fpc pic-status
-----------------------------------
Shows if the modules have fully come online yet or not.
reference: You do not have permission to view the full content of this post. Log in or register now.
-------------------------------
show interfaces extensive
-------------------------------
Interface counters such as L2 channel errors, Input DA rejects, TCP sequence error, No more sessions, PPS rates, speed/duplex, etc
reference: You do not have permission to view the full content of this post. Log in or register now.
--------------------------------
show chassis cluster status
--------------------------------
If using cluster, check if redundancy group (RG) priorities are not 0, check if the redundancy groups are primary/secondary as expected.
reference: You do not have permission to view the full content of this post. Log in or register now.
----------------------------------
show chassis cluster information
----------------------------------
If using cluster, check if heartbeats & probes are sent & received, that cold synchronization has not failed,
any failover reasons or interface monitoring events
reference: You do not have permission to view the full content of this post. Log in or register now.
----------------------------------
show chassis cluster interfaces
----------------------------------
If using cluster, check that control and fab links are up, reth interfaces are up,
and child physical interfaces tracked by interface monitoring are up
reference: You do not have permission to view the full content of this post. Log in or register now.
-------------------------------------------
show security ipsec security-associations
-------------------------------------------
If IPSec is configured, check VPN status
reference: You do not have permission to view the full content of this post. Log in or register now.
------------------------
show system core-dumps
------------------------
Check for any recent coredumps
reference: You do not have permission to view the full content of this post. Log in or register now.
---------------------------------
show system processes extensive
---------------------------------
Check for any processes using high CPU, high memory, or excessive instances of the same process
Sample command: show system processes extensive | except 0.0 |this command not included on initial rsi logs,|
| ask client separate logs if needed |
---------------------------
show system statistics
---------------------------
For problems with traffic terminating/originating on the SRX itself, such as ARP, IPSec, TCP, UDP, IP, IGMP, etc
------------------------
show interfaces queue
------------------------
If using class of service, gives more details on interface drops |this command not included on initial rsi logs,|
| ask client separate logs if needed |
reference: You do not have permission to view the full content of this post. Log in or register now.
---------------------
show route brief
---------------------
Check if route information is correct |this command not included on initial rsi logs,|
| ask client separate logs if needed |
----------------------
show chassis alarms
----------------------
Check for any general alarms raised
reference: You do not have permission to view the full content of this post. Log in or register now.
---------------------------
show chassis fabric plane
---------------------------
High end only, check the connections between modules don't report errors
reference: You do not have permission to view the full content of this post. Log in or register now.
---------------------------
show system storage
---------------------------
Check for available disk space on the / and /var partitions
reference: You do not have permission to view the full content of this post. Log in or register now.
--------------------------
show configuration
--------------------------
Delete any unnecessary traceoptions
reference: You do not have permission to view the full content of this post. Log in or register now.
--------------------------
show system commit
--------------------------
Check when the last commit was performed and by whom. |this command not included on initial rsi logs,|
| ask client separate logs if needed |
---------------------------
show system rollback
---------------------------
Usage : show system rollback compare 1 0 |this command not included on initial rsi logs,|
| ask client separate logs if needed |
0 is the present configuration
1 is the last configuration
Output shows some configuration in "+" and some configuration in "-"
"+" configuration is the configuration that is added from 1 to 0
"-" configuration is the configuration that is deleted from 1 to 0
reference: You do not have permission to view the full content of this post. Log in or register now.
Other log commands not included on the initial rsi logs, advisable to ask these to client upon acknowledgement mail
*** show system processes extensive | except 0.0
*** show interfaces queue
*** show route brief
*** show system commit
*** show system rollback
Hit thanks if this is helpful
(search on cli logs using notepad)
-------------------------------
show version
-------------------------------
It is useful to know the version to search for any defects that might be related.
You can do a PR search by version and keywords @ You do not have permission to view the full content of this post. Log in or register now. [note: use vendor site password]
-------------------------------
show chassis routing-engine
-------------------------------
Gives the CPU and memory utilization of the RE (control plane).
Reference: show chassis routing-engine (View)
Note: If Idle is 0 that means the CPU is at max utilization.
--------------------------------
show security monitoring fpc
--------------------------------
[not found on other srx initial rsi logs, request separate logs from the client]
Gives the CPU, memory, session counts, and session bring up rate of each SPU (forwarding plane)
Example:
root@Source> show security monitoring
Flow session Flow session CP session CP session
FPC PIC CPU Mem current maximum current maximum
0 0 0 68 0 524288 0 0
------------------------
show system uptime
------------------------
-Gives the time the system has been online, last booted, last configured, as well as the current system time.
-Both nodes of a cluster should display correct times. (Note: there is a delay when the command is run for node0 vs. node1)
-Time last configured may give clues about any changes that could be related
-----------------------------------
show security flow session summary
-----------------------------------
Shows the current session count and max limit of the SPU's
reference: You do not have permission to view the full content of this post. Log in or register now.
-----------------------------------
show chassis fpc pic-status
-----------------------------------
Shows if the modules have fully come online yet or not.
reference: You do not have permission to view the full content of this post. Log in or register now.
-------------------------------
show interfaces extensive
-------------------------------
Interface counters such as L2 channel errors, Input DA rejects, TCP sequence error, No more sessions, PPS rates, speed/duplex, etc
reference: You do not have permission to view the full content of this post. Log in or register now.
--------------------------------
show chassis cluster status
--------------------------------
If using cluster, check if redundancy group (RG) priorities are not 0, check if the redundancy groups are primary/secondary as expected.
reference: You do not have permission to view the full content of this post. Log in or register now.
----------------------------------
show chassis cluster information
----------------------------------
If using cluster, check if heartbeats & probes are sent & received, that cold synchronization has not failed,
any failover reasons or interface monitoring events
reference: You do not have permission to view the full content of this post. Log in or register now.
----------------------------------
show chassis cluster interfaces
----------------------------------
If using cluster, check that control and fab links are up, reth interfaces are up,
and child physical interfaces tracked by interface monitoring are up
reference: You do not have permission to view the full content of this post. Log in or register now.
-------------------------------------------
show security ipsec security-associations
-------------------------------------------
If IPSec is configured, check VPN status
reference: You do not have permission to view the full content of this post. Log in or register now.
------------------------
show system core-dumps
------------------------
Check for any recent coredumps
reference: You do not have permission to view the full content of this post. Log in or register now.
---------------------------------
show system processes extensive
---------------------------------
Check for any processes using high CPU, high memory, or excessive instances of the same process
Sample command: show system processes extensive | except 0.0 |this command not included on initial rsi logs,|
| ask client separate logs if needed |
---------------------------
show system statistics
---------------------------
For problems with traffic terminating/originating on the SRX itself, such as ARP, IPSec, TCP, UDP, IP, IGMP, etc
------------------------
show interfaces queue
------------------------
If using class of service, gives more details on interface drops |this command not included on initial rsi logs,|
| ask client separate logs if needed |
reference: You do not have permission to view the full content of this post. Log in or register now.
---------------------
show route brief
---------------------
Check if route information is correct |this command not included on initial rsi logs,|
| ask client separate logs if needed |
----------------------
show chassis alarms
----------------------
Check for any general alarms raised
reference: You do not have permission to view the full content of this post. Log in or register now.
---------------------------
show chassis fabric plane
---------------------------
High end only, check the connections between modules don't report errors
reference: You do not have permission to view the full content of this post. Log in or register now.
---------------------------
show system storage
---------------------------
Check for available disk space on the / and /var partitions
reference: You do not have permission to view the full content of this post. Log in or register now.
--------------------------
show configuration
--------------------------
Delete any unnecessary traceoptions
reference: You do not have permission to view the full content of this post. Log in or register now.
--------------------------
show system commit
--------------------------
Check when the last commit was performed and by whom. |this command not included on initial rsi logs,|
| ask client separate logs if needed |
---------------------------
show system rollback
---------------------------
Usage : show system rollback compare 1 0 |this command not included on initial rsi logs,|
| ask client separate logs if needed |
0 is the present configuration
1 is the last configuration
Output shows some configuration in "+" and some configuration in "-"
"+" configuration is the configuration that is added from 1 to 0
"-" configuration is the configuration that is deleted from 1 to 0
reference: You do not have permission to view the full content of this post. Log in or register now.
Other log commands not included on the initial rsi logs, advisable to ask these to client upon acknowledgement mail
*** show system processes extensive | except 0.0
*** show interfaces queue
*** show route brief
*** show system commit
*** show system rollback
Hit thanks if this is helpful