Ntuziaka njirimara Cisco Secure Network Analytics

Pịa akara ngosi (Ellipsis) maka ngwa wee họrọ Dezie
Nhazi ngwa.
Na mkpokọta taabụ, pịgharịa gaa na Ọrụ Mpụga wee wepụ akara
Kwado metrics ịga nke ọma ndị ahịa.

Pịa Tinye ntọala ma chekwaa mgbanwe dịka kpaliri.
Kwenye na ọnọdụ ngwa ga-alaghachi na Ejikọtara na Central
Ihe njikwa ngwa ahịa tab.

Ajụjụ (Ajụjụ a na-ajụkarị)

Kedu otu m ga-esi mara ma agbanyere metrik ịga nke ọma ndị ahịa?

A na-agbanye metrik ihe ịga nke ọma nke ndị ahịa na-akpaghị aka na Nchekwa gị
Ngwa nyocha netwọkụ.

Kedu data na-emepụta site na Secure Network Analytics?

Ntụle netwọkụ echekwara na-ebute JSON file na metrics data
nke ezigara igwe-oji.

View Fullscreen

Cisco Secure Network Analytics
Ntuziaka nhazi nhazi ihe ịga nke ọma ndị ahịa 7.5.3

Tebulu ọdịnaya

gafereview

Na-ahazi Firewall Network

Ịhazi onye njikwa

Ịkwụsị metrics ịga nke ọma ndị ahịa

Data ihe ịga nke ọma ndị ahịa

Ụdị mkpokọta

Nkọwa metrics

Onye nchịkọta mmiri

Flow Collector StatsD

Onye njikwa

Onye njikwa StatsD

Onye isi UDP

Ngwa niile

Nkwado kọntaktị

Gbanwee akụkọ ihe mere eme

-2-

gafereview
gafereview
Metrics Ịga nke Ọma nke ndị ahịa na-enyere aka iziga data Cisco Secure Network Analytics (nke bụbu Stealthwatch) na igwe ojii ka anyị nwee ike nweta ozi dị mkpa gbasara mbugharị, ahụike, arụmọrụ, na ojiji nke sistemụ gị.
Agbanyere: A na-enyere metrik ihe ịga nke ọma ndị ahịa na-akpaghị aka na ngwa nyocha netwọkụ gị echekwara.
l Ịnweta ịntanetị: achọrọ ohere ịntanetị maka metrik ịga nke ọma nke ndị ahịa. l Cisco Security Service Exchange: Cisco Security Service Exchange agbanyere
na-akpaghị aka na v7.5.x ma achọrọ maka Metrics Success Metrics. l Data Files: Ntụle netwọkụ echekwara na-ebute JSON file na metric data.
A na-ehichapụ data na ngwa ngwa ozugbo ezipụ ya na igwe ojii.
Ntuziaka a gụnyere ozi ndị a:
l Ịhazi Firewall: Hazie firewall netwọk gị iji kwe ka nkwurịta okwu sitere na ngwa gị gaa n'igwe ojii. Rụtụ aka na ịhazi Firewall netwọkụ.
l Ịkwụsị Metrics Ịga nke Ọma nke Ndị Ahịa: Ka ịpụ na Metrics Ịga nke Ọma nke Ndị Ahịa, rụtụ aka na Ịkwụsị Metrics Ịga nke Ọma nke Ndị Ahịa.
l Metrics Ịga nke Ọma nke Ndị Ahịa: Maka nkọwa gbasara metrik, rụtụ aka na Data Metrics Success Metrics Data.
Maka ozi gbasara njide data yana otu esi arịọ ka ihichapụ metric ojiji nke Cisco nakọtara, rụtụ aka na mpempe akwụkwọ data nzuzo Cisco Secure Network Analytics. Maka enyemaka, biko kpọtụrụ Cisco Nkwado.

-3-

Na-ahazi Firewall Network
Na-ahazi Firewall Network
Iji kwe ka nkwurịta okwu sitere na ngwa gị gaa na ígwé ojii, hazie firewall netwọk gị na Cisco Secure Network Analytics Manager (nke bụbu Stealthwatch Management Console).
Gbaa mbọ hụ na ngwa ngwa gị nwere ohere ịntanetị.
Ịhazi onye njikwa
Hazie firewall netwọk gị iji kwe ka nkwurịta okwu sitere na ndị njikwa gị gaa na adreesị IP ndị a na ọdụ ụgbọ mmiri 443:
l api-sse.cisco.com l est.sco.cisco.com l mx*.sse.itd.cisco.com l dex.sse.itd.cisco.com l emume-ingest.sse.itd.cisco.com
Ọ bụrụ na anabataghị DNS ọha, jide n'aka na ị hazie mkpebi ahụ na mpaghara na ndị njikwa gị.

-4-

Ịkwụsị metrics ịga nke ọma ndị ahịa
Ịkwụsị metrics ịga nke ọma ndị ahịa
Jiri ntuziaka ndị a iji gbanyụọ Metrics Ịga nke Ọma nke ndị ahịa na ngwa.
1. Banye na njikwa gị. 2. Họrọ Hazie> Global> Central Management. 3. Pịa akara ngosi (Ellipsis) maka ngwa ahụ. Họrọ Dezie ngwa
Nhazi. 4. Pịa General tab. 5. Pịgharịa gaa na ngalaba Ọrụ Mpụga. 6. Wepụ akara nlele Kwado Metrics Ịga nke Ọma Ndị Ahịa. 7. Pịa Tinye Ntọala. 8. Soro na-enyo enyo kpaliri iji chekwaa mgbanwe gị. 9. Na Central Management Inventory taabụ, gosi na ngwa ngwa ọnọdụ laghachi
Ejikọtara. 10. Iji gbanyụọ Metrics Success Metrics na ngwa ọzọ, megharịa usoro 3 ruo
9.

-5-

Data ihe ịga nke ọma ndị ahịa
Data ihe ịga nke ọma ndị ahịa
Mgbe agbanyere metrik ihe ịga nke ọma nke ndị ahịa, a na-anakọta metrik ahụ na sistemụ wee bulite kwa awa 24 ọ bụla na igwe ojii. A na-ehichapụ data na ngwa ngwa ozugbo ezipụ ya na igwe ojii. Anyị anaghị anakọta data njirimara dị ka otu nnabata, adreesị IP, aha njirimara, ma ọ bụ okwuntughe.
Maka ozi gbasara njide data yana otu esi arịọ ka ihichapụ metric ojiji nke Cisco nakọtara, rụtụ aka na mpempe akwụkwọ data nzuzo Cisco Secure Network Analytics.
Ụdị mkpokọta
A na-anakọta metrik ọ bụla dị ka otu n'ime ụdị mkpokọta ndị a:
l App Start: Otu ntinye kwa nkeji 1 (na-anakọta data niile kemgbe ngwa malitere).
l Nchịkọta: Otu ntinye maka oge awa 24 l Oge: Otu ntinye kwa nkeji 5 (ngụkọta nke ntinye 288 kwa awa 24)
A na-anakọta ụfọdụ ụdị mkpokọta n'ụdị dị iche iche karịa ndabara ndị anyị kọwapụtara ebe a, ma ọ bụ ha nwere ike hazie ya (dabere na ngwa). Rụtụ aka na nkọwa metrik maka ozi ndị ọzọ.
Nkọwa metrics
Anyị edepụtala data anakọtara site n'ụdị ngwa. Jiri Ctrl + F iji isiokwu wee chọọ tebụl.

-6-

Data ihe ịga nke ọma ndị ahịa

Onye nchịkọta mmiri

Nkọwa njirimara metrik

ngwaọrụ_cache. arụ ọrụ

Ọnụọgụ adreesị MAC nọ n'ọrụ sitere na ISE na cache ngwaọrụ.

Ụdị mkpokọta
Ihe onyonyo

ngwaọrụ_ cache.ehichapụ
ngwaọrụ_ cache.dabara
ngwaọrụ_cache. ọhụrụ
flow_stats.fps flow_stats.flows
flow_cache.arụ ọrụ
flow_cache.dabara
flow_cache. agwụla
flow_cache.max flow_ cache.percentage
flow_cache.malitere
hosts_cache.cached

Ọnụọgụ adreesị MAC ehichapụrụ site na ISE na cache ngwaọrụ n'ihi na oge agwụla.

Nchịkọta

Ọnụọgụ nke adreesị MAC agbadara site na ISE n'ihi na cache ngwaọrụ ezuola.

Nchịkọta

Ọnụọgụ nke adreesị MAC ọhụrụ sitere na ISE agbakwunyere na cache ngwaọrụ.

Nchịkọta

Ọpụpụ na-asọ kwa nkeji n'ime nkeji ikpeazụ. Ogologo oge

Hazie nbata mbata.

Ogologo oge

Ọnụọgụ nke ọsọ na-arụ ọrụ na nchekwa nchekwa Flow Collector.

Ihe onyonyo

Ọnụọgụ mkpọda agbadala n'ihi na nchekwa nchekwa Flow Collector eruola.

Nchịkọta

Ọnụọgụ nke mgbaba kwụsịrị na cache nke na-anakọta Flow.

Ogologo oge

Oke kachasị nke oghere nchekwa Flow Collector. Ogologo oge

Pasent nke ikike nke nchekwa nchekwa Flow Collector

Ogologo oge

Ọnụọgụ nke mgbaba agbakwunyere na cache nke na-anakọta Flow.

Nchịkọta

Ọnụọgụ nke ndị ọbịa na cache nnabata.

Ogologo oge

-7-

Data ihe ịga nke ọma ndị ahịa

Nkọwa njirimara metrik

Ụdị mkpokọta

hosts_cache.deleted Ọnụọgụ ndị ọbịa ehichapụrụ na cache nnabata.

Nchịkọta

hosts_cache.dabara

Ọnụọgụ ndị ọbịa dara n'ihi na cache onye ọbịa juru.

Nchịkọta

hosts_cache.max

Oke kachasị nke cache onye ọbịa.

Ogologo oge

hosts_cache. ọhụrụ

Ọnụọgụ nke ndị ọbịa ọhụrụ agbakwunyere na cache nnabata.

Nchịkọta

hosts_ cache.percentage

Pasent nke ikike nke cache nnabata.

Ogologo oge

hosts_ cache.probationary_ ehichapụrụ

Ọnụọgụ nke ndị ọbịa na-anwale ule* ehichapụrụ na cache ndị ọbịa.
* Ndị ọbịa na-anwale ule bụ ndị ọbịa na-abụbeghị isi mmalite nke ngwugwu na bytes. A na-ebu ụzọ ihichapụ ndị ọbịa ndị a mgbe ha na-ekpochapụ oghere na cache nnabata.

Nchịkọta

interfaces.fps

Ọnụọgụ ọnụ ọgụgụ interface nke na-apụ apụ kwa sekọnd ebugara Vertica.

Ogologo oge

security_events_ cache. arụ ọrụ

Ọnụọgụ ihe nchekwa na-arụ ọrụ na cache mmemme nchekwa.

Ihe onyonyo

security_events_ cache.dabara

Ọnụọgụ ihe nchekwa dara n'ihi na ebe nchekwa mmemme ezuola.

Nchịkọta

security_events_ cache. kwụsịrị

Ọnụọgụ mmemme nche kwụsịrị na cache mmemme nchekwa.

Nchịkọta

security_events_ cache. etinyere ya

Ọnụọgụ ihe nchekwa etinyere na tebụl nchekwa data.

Ogologo oge

security_events_ cache.max

Oke kachasị nke cache mmemme nchekwa.

Ogologo oge

-8-

Data ihe ịga nke ọma ndị ahịa

Nkọwa njirimara metrik

Ụdị mkpokọta

security_events_ cache.percentage

Pasent nke ikike nchekwa ihe omume nchekwa.

Ogologo oge

security_events_ cache.malitere

Ọnụọgụ mmemme nche malitere na cache mmemme nchekwa.

Nchịkọta

session_cache.arụ ọrụ

Ọnụọgụ nke oge nọ n'ọrụ sitere na ISE na cache nnọkọ.

Ihe onyonyo

session_ cache.ehichapụ

Ọnụọgụ nke oge ehichapụ site na ISE na cache nnọkọ.

Nchịkọta

session_ cache.dabara

Ọnụọgụ nke nnọkọ sitere na ISE wedara n'ihi na cache nke oge ezuola.

Nchịkọta

session_cache. ọhụrụ

Ọnụọgụ nke nnọkọ ọhụrụ sitere na ISE agbakwunyere na cache nnọkọ.

Nchịkọta

ndị ọrụ_cache.arụ ọrụ

Ọnụọgụ ndị ọrụ nọ na cache ndị ọrụ.

Ihe onyonyo

user_cache.ehichapụ

Ọnụọgụ ndị ọrụ ehichapụrụ na cache ndị ọrụ n'ihi na oge agwụla.

Nchịkọta

users_cache.dabara

Ọnụọgụ ndị ọrụ dara n'ihi na cache ndị ọrụ juru.

Nchịkọta

users_cache.new

Ọnụọgụ nke ndị ọrụ ọhụrụ na cache ndị ọrụ.

Nchịkọta

reset_hour

Oge nrụpụta ihe mkpoko mmiri.

N/A

vertica_stats.query_ duration_sec_max

Oge nzaghachi ajụjụ kacha.

Nchịkọta

vertica_stats.query_ duration_sec_min

Oge nzaghachi ajụjụ kacha nta.

Nchịkọta

vertica_stats.query_ duration_sec_avg

Nkezi oge nzaghachi ajụjụ.

Nchịkọta

-9-

Data ihe ịga nke ọma ndị ahịa

Nkọwa njirimara metrik

exporters.fc_count

Ọnụọgụ nke ndị na-ebupụ mbupụ kwa onye nchịkọta Flow.

Ụdị mkpokọta
Ogologo oge

Flow Collector StatsD

Nkọwa njirimara metrik

ndragent.unprocessable_ ịchọta

Ọnụọgụ nchoputa NDR nke e chere na agaghị edozi ya.

ndr-agent.ownership_ registration_failed

Nkọwa nka na ụzụ: Ọnụọgụ ụfọdụ ụdị njehie mere n'oge nhazi NDR.

ndr-agent.upload_ ịga nke ọma

Ọnụọgụ nchoputa NDR nke onye nnọchi anya haziri nke ọma.

ndr-agent.upload_ ọdịda

Ọnụọgụ nchoputa NDR nke onye nnọchite anya bulitere nke ọma.

ndr-agent.processing_ Ọnụọgụ ọdịda ahụrụ n'oge NDR

ọdịda

nhazi.

ndr-agent.processing_ Ọnụọgụ NDR emeziri nke ọma

ihe ịga nke ọma

nchoputa.

ndr-agent.old_file_ehichapụ

Ọnụọgụ nke fileehichapụrụ n'ihi ịka nká.

ndr-agent.old_ registration_delete

Ọnụọgụ ndebanye aha nwe kagburu n'ihi ịka nká.

Ụdị mkpokọta
A na-ekpochapụ mkpokọta kwa ụbọchị
A na-ekpochapụ mkpokọta kwa ụbọchị
A na-ekpochapụ mkpokọta kwa ụbọchị
A na-ekpochapụ mkpokọta kwa ụbọchị
A na-ekpochapụ mkpokọta kwa ụbọchị
A na-ekpochapụ mkpokọta kwa ụbọchị
A na-ekpochapụ mkpokọta kwa ụbọchị
A na-ekpochapụ mkpokọta kwa ụbọchị

- 10 -

Data ihe ịga nke ọma ndị ahịa

Metric Identification netflow fs_netflow netflow_bytes fs_netflow_bytes sflow sflow_bytes nvm_endpoint nvm_bytes nvm_netflow
emume_sal_ihe niile_sal_bytes

Nkọwa

Ụdị mkpokọta

Mkpokọta ndekọ NetFlow sitere na ndị na-ebupụ Netflow niile. Gụnyere ndekọ NVM.

A na-ekpochapụ mkpokọta kwa ụbọchị

Ndekọ Netflow enwetara site na Flow Sensors naanị.

A na-ekpochapụ mkpokọta kwa ụbọchị

Mgbakọta bytes NetFlow enwetara n'aka onye mbupụ NetFlow ọ bụla. Gụnyere ndekọ NVM.

A na-ekpochapụ mkpokọta kwa ụbọchị

NetFlow bytes nwetara site na Flow Sensors naanị.

A na-ekpochapụ mkpokọta kwa ụbọchị

Ndekọ sFlow enwetara n'aka onye mbupụ sFlow ọ bụla.

A na-ekpochapụ mkpokọta kwa ụbọchị

bytes sFlow enwetara n'aka onye mbupụ sFlow ọ bụla.

A na-ekpochapụ mkpokọta kwa ụbọchị

Ebe njedebe NVM pụrụ iche hụrụ taa (tupu nrụpụta kwa ụbọchị).

A na-ekpochapụ mkpokọta kwa ụbọchị

NVM enwetara (gụnyere mgbaba, ebe njedebe, mkpokọta

na ndekọ endpoint_interface).

kpochapụ kwa ụbọchị

NVM enwetara (gụnyere mgbaba, ebe njedebe, mkpokọta

na ndekọ endpoint_interface).

kpochapụ kwa ụbọchị

Ihe niile gbasara nchekwa na ndekọ ndekọ (OnPrem) enwetara (gụnyere ngwa nchekwa na ngwa nchekwa anaghị anabata), agụta site na ọnụọgụ mmemme natara.

A na-ekpochapụ mkpokọta kwa ụbọchị

Nchịkọta Nchebe na Ndebanye aha (OnPrem) mkpokọta

- 11 -

Data ihe ịga nke ọma ndị ahịa

Nchọpụta metrik
ftd_sal_event ftd_sal_bytes ftd_lina_bytes ftd_lina_event asa_asa_event asa_asa_bytes
Onye njikwa

Nkọwa

Ụdị mkpokọta

mmemme enwetara (gụnyere ngwa nchekwa na-agbanwe agbanwe na ngwa nchekwa anaghị eme mgbanwe, nke ọnụọgụ bytes natara.

kpochapụ kwa ụbọchị

Nchịkọta Nchekwa na Logging (OnPrem) (na-abụghị Ngwa Nchekwa Ngwa) enwetara site na naanị ngwaọrụ Firepower Threat Defense/NGIPS.

A na-ekpochapụ mkpokọta kwa ụbọchị

Nchịkọta Nchekwa na Logging (OnPrem) (na-abụghị Ngwa Nchekwa Amụma) sitere na ngwaọrụ Firepower Threat Defense/NGIPS naanị.

A na-ekpochapụ mkpokọta kwa ụbọchị

Data Plane bytes enwetara site na naanị ngwaọrụ nchekwa egwu Firepower.

A na-ekpochapụ mkpokọta kwa ụbọchị

Ihe omume data Plane enwetara site na ngwa nchekwa ọkụ ike egwu egwu.

A na-ekpochapụ mkpokọta kwa ụbọchị

Ihe omume nchekwa ngwa enwetara site na naanị ngwa nchekwa ihe nchekwa.

A na-ekpochapụ mkpokọta kwa ụbọchị

ASA bytes enwetara site na ngwa nchekwa Ada Ada naanị.

A na-ekpochapụ mkpokọta kwa ụbọchị

Nkọwa njirimara metrik

Exporter_cleaner_ Cleaner_enabled

Na-egosi ma agbanyere Interface adịghị arụ ọrụ yana Cleaner Exporters.

Ụdị mkpokọta
Ihe onyonyo

- 12 -

Data ihe ịga nke ọma ndị ahịa

Nkọwa njirimara metrik

Ụdị mkpokọta

Exporter_cleaner_ inactive_threshold

Ọnụọgụ awa onye mbupụ nwere ike ghara ịrụ ọrụ tupu ewepụ ya.

Ihe onyonyo

Exporter_cleaner_

Na-egosi ma Cleaner kwesịrị iji

iji_legacy_cleaner ihe nketa ihicha ọrụ.

Ihe onyonyo

Exporter_cleaner_ hours_after_reset

Ọnụọgụ awa ka emechara nrụpụta na ngalaba kwesịrị ihicha.

Ihe onyonyo

Exporter_cleaner_ interface_without_ status_presumed_ stale

Na-egosi ma Cleaner na-ewepụ ihu ihu ndị na-anakọta Flow amaghị na elekere nrụpụta ikpeazụ, na-ewere ha dị ka ndị anaghị arụ ọrụ.

Ihe onyonyo

onye nhazi.files_ ebugoro

Na-egosi ma mbunye nchịkọta nyocha netwọkụ echekwara na-arụ ọrụ dị ka Ụlọ Ahịa Data.

Ihe onyonyo

akụkọ_zuru oke

Aha akụkọ na oge ịgba ọsọ na milliseconds (naanị onye njikwa).

N/A

akụkọ_params

Ihe nzacha a na-eji mgbe onye njikwa na-ajụ ọdụ data mkpokọta Flow Collector.
Ebupu data maka ajụjụ ọ bụla:
l ọnụ ọgụgụ kacha nke ahịrị l gụnyere-interface-data ọkọlọtọ l ngwa ngwa ajụjụ ọkọlọtọ l ewepu-agụ ọkọlọtọ l na-agbapụta ntụzịaka nzacha l ịtụ-site na kọlụm l ndabere-ogidi ọkọlọtọ

Ihe onyonyo
Ugboro: kwa arịrịọ

- 13 -

Data ihe ịga nke ọma ndị ahịa

Nkọwa njirimara metrik

Ụdị mkpokọta

l Ọnụ ọgụgụ nke njirisi IP
l Ọnụọgụ nke ọnụọgụ IP
l Ọnụọgụ nke njirisi ndị ọbịa
l Ọnụ ọgụgụ nke ụsụụ ndị agha ụzọ abụọ njirisi
l Ma a na-enyocha nsonaazụ ya site na adreesị MAC
l Ma ọ bụ ọdụ ụgbọ mmiri TCP/UDP na-enyocha nsonaazụ ya
l Ọnụ ọgụgụ nke njirimara aha njirimara
l Ma a na-enyocha nsonaazụ ya site na ọnụọgụ bytes/ngwugwu
l Ma a na-enyocha nsonaazụ ya site na ngụkọta ọnụọgụ bytes/ngwugwu
l Ma a na-enyocha nsonaazụ ya URL
l Ma a na-enyocha nsonaazụ ya site na protocol
l Ma ọ bụ ngwa ids na-enyocha nsonaazụ ya
l Ma a na-enyocha nsonaazụ ya site na aha usoro
l Ma a na-enyocha nsonaazụ ya site na hash usoro
l Ma ọ bụ ụdị TLS na-enyocha nsonaazụ ya
l Ọnụọgụ nke ciphers na njirisi suite cipher

domain.integration_ ad_count

Ọnụọgụ njikọ AD.

Nchịkọta

domain.rpe_count

Ọnụọgụ nke amụma ọrụ ahaziri.

Nchịkọta

ngalaba.hg_changes_ ọnụ

Mgbanwe na nhazi otu ndị ọbịa.

Nchịkọta

- 14 -

Data ihe ịga nke ọma ndị ahịa

Nkọwa njirimara metrik

Ụdị mkpokọta

integration_snmp

Ojiji onye nnọchi anya SNMP.

N/A

mwekota_cognitive

Agbanyere mbanye ihe iyi egwu zuru ụwa ọnụ (nke bụbu ọgụgụ isi ọgụgụ isi).

N/A

ngalaba.ọrụ

Ọnụọgụ nke ọrụ akọwapụtara.

Ihe onyonyo

ngwa_default_ ọnụ

Ọnụọgụ ngwa akọwapụtara.

Ihe onyonyo

smc_users_count

Ọnụọgụ ndị ọrụ nọ na Web Ngwa.

Ihe onyonyo

login_api_count

Ọnụọgụ nke ndebanye API.

Nchịkọta

login_ui_count

Ọnụọgụ nke Web Ntinye ngwa.

Nchịkọta

report_concurrency Ọnụọgụ akụkọ na-aga n'otu oge.

Nchịkọta

apicall_ui_count

Oku API onye njikwa site na iji Web Ngwa.

Nchịkọta

apicall_api_count

Ọnụọgụ onye njikwa API na-eji API.

Nchịkọta

ctr. agbanyere

Nzaghachi iyi egwu Cisco SecureX(nke bụbu Cisco Threat Response) agbanyere mbanye.

N/A

ctr.alarm_sender_ agbanyere

Oti mkpu nyocha netwọkụ echekwara maka nzaghachi egwu SecureX agbanyere.

N/A

ctr.alarm_sender_ minimal_severity

Opekempe mkpu ezigara na nzaghachi iyi egwu SecureX.

N/A

ctr.enrichment_ agbanyere

Agbanyere arịrịọ nkwalite site na nzaghachi iyi egwu SecureX.

N/A

ctr.enrichment_limit

Ọnụọgụ nke emume nchekwa kachasị elu nke a ga-eweghachi na nzaghachi iyi egwu SecureX.

Nchịkọta

- 15 -

Data ihe ịga nke ọma ndị ahịa

Nkọwa njirimara metrik

Ụdị mkpokọta

ctr.enrichment_period

Oge a ga-eweghachi ihe omume Nchekwa na nzaghachi iyi egwu SecureX.

Nchịkọta

ctr.number_of_enrichment_request

Ọnụọgụ arịrịọ nkwalite enwetara site na nzaghachi iyi egwu SecureX.

Nchịkọta

ctr.number_of_refer_ Ọnụọgụ arịrịọ maka njikọ pivot Manager

arịrịọ

enwetara site na nzaghachi iyi egwu SecureX.

Nchịkọta

ctr.xdr_number_of_ mkpu

A na-ezigara XDR ọnụ ọgụgụ mkpu kwa ụbọchị.

Nchịkọta

ctr.xdr_number_of_ alerts

A na-ezigara XDR ọnụọgụ ọkwa kwa ụbọchị.

Nchịkọta

ctr.xdr_sender_ agbanyere

Eziokwu/Ụgha ma ọ bụrụ na agbanyere izipu.

Ihe onyonyo

failover_role

Ọrụ nchịkwa nke isi ma ọ bụ nke abụọ na ụyọkọ ahụ.

N/A

domain.cse_count

Ọnụọgụ nke mmemme nchekwa omenala maka ID ngalaba.

Ihe onyonyo

Onye njikwa StatsD

Nchọpụta metrik

Nkọwa

Ụdị mkpokọta

ndrcoordinator.analytics_ agbanyere

Na-egosi ma agbanyere nyocha. 1 ọ bụrụ ee, 0 ma ọ bụrụ na ọ bụghị.

Ihe onyonyo

ndrcoordinator.agents_ akpọtụrụ

Ọnụọgụ ndị ọrụ NDR akpọtụrụ n'oge kọntaktị ikpeazụ.

Ihe onyonyo

ndrcoordinator.processing_ Ọnụọgụ nke mperi n'oge nchọpụta NDR

mmejọ

nhazi.

Nchịkọta

- 16 -

Data ihe ịga nke ọma ndị ahịa

Nchọpụta metrik

Nkọwa

Ụdị mkpokọta

onye nhazi.files_ ebugoro

Ọnụọgụ nchoputa NDR ebugoro maka nhazi.

Nchịkọta

ndrevents.processing_errors

Ọnụọgụ nke files adaghị nhazi n'ihi na sistemụ ahụ ewepụtaghị nchoputa ahụ ma ọ bụ enweghị ike ịtụgharị arịrịọ ahụ.

Nchịkọta

ndrevents.files_ebugote

Ọnụọgụ nke files nke ezigara na mmemme NDR maka nhazi.

Nchịkọta

sna_swing_client_alive

Ngwa ime oku API nke onye ahịa Desktọpụ Onye njikwa SNA na-eji.

Ihe onyonyo

swrm_bụ_na_eji

Njikwa nzaghachi: Uru bụ 1 ma ọ bụrụ na ejiri njikwa nzaghachi. Uru bụ 0 ma ọ bụrụ na ejighị ya.

Ihe onyonyo

iwu swrm

Njikwa nzaghachi: Ọnụọgụ nke iwu omenala.

Ihe onyonyo

swrm_action_email

Njikwa nzaghachi: Ọnụọgụ omume omenala nke ụdị Email.

Ihe onyonyo

ozi swrm_action_syslog_

Njikwa nzaghachi: Ọnụọgụ omume omenala nke ụdị ozi Syslog.

Ihe onyonyo

swrm_action_snmp_trap

Njikwa nzaghachi: Ọnụọgụ omume omenala nke ụdị ọnyà SNMP.

Ihe onyonyo

swrm_action_ise_anc

Njikwa nzaghachi: Ọnụọgụ omume omenala nke ụdị amụma ISE ANC.

Ihe onyonyo

swrm_action_webnko

Njikwa nzaghachi: Ọnụọgụ omume omenala nke Webụdị nko.

Ihe onyonyo

swrm_action_ctr

Njikwa nzaghachi: Ọnụọgụ omume omenala nke nzaghachi egwu ụdị ọnọdụ.

Ihe onyonyo

- 17 -

Data ihe ịga nke ọma ndị ahịa

Metric Identification va_ct va_ce va_hcs va_hcs va_ss va_ses sal_input_size sal_completed_size
oge sal_flush
sal_batches_agara nke ọma

Nkọwa

Ụdị mkpokọta

Ntụle ọhụhụ: Oge ịgba ọsọ agbakọrọ na milliseconds.

Ihe onyonyo

Ntụle Visibility: Ọnụọgụ nke mperi (mgbe mgbako dakọtara).

Ihe onyonyo

Ntụle ọhụhụ: Ọnụ nzaghachi API nke ndị ọbịa na bytes (chọpụta nha nzaghachi oke).

Ihe onyonyo

Ntụle ọhụhụ: Nha nzaghachi API nyocha na bytes (chọpụta nha nzaghachi gabigara ókè).

Ihe onyonyo

Ntụle ọhụhụ: Ihe omume nchekwa nha nzaghachi API na bytes (chọpụta nha nzaghachi oke).

Ihe onyonyo

Ọnụọgụ ntinye n'ahịrị ntinye pipeline.

Ihe onyonyo
Ugboro: 1 nkeji

Ọnụọgụ ndenye na kwụ n'ahịrị ogbe emechara.

Ihe onyonyo
Ugboro: 1 nkeji

Ogologo oge n'ime milisekọnd kemgbe ọkpọkọ ọkpọkọ ikpeazụ.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Ihe onyonyo
Ugboro: 1 nkeji

Ọnụọgụ batches edegara nke ọma nke ọma file.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Ogologo oge
Ugboro: 1 nkeji

- 18 -

Data ihe ịga nke ọma ndị ahịa

Metric Identification sal_batches_processed sal_batches_failed sal_files moved sal_filesal_ darafilesal_rows_edederede sal_rows_ahaziri sal_rows_ dara

Nkọwa

Ụdị mkpokọta

Ọnụọgụ nke batches emebere. Ogologo oge

Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Ugboro: 1 nkeji

Ọnụọgụ nke batches na-emezubeghị ide ihe file.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Ogologo oge
Ugboro: 1 nkeji

Ọnụọgụ nke files kwagara na ndekọ dị njikere.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Ogologo oge
Ugboro: 1 nkeji

Ọnụọgụ nke files na-emezughị ịkwaga.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Ogologo oge
Ugboro: 1 nkeji

Ọnụọgụ nke files tụfuru n'ihi njehie.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Ogologo oge
Ugboro: 1 nkeji

Ọnụọgụ ahịrị ndị edere na ndị ezoro ezo file.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Ogologo oge
Ugboro: 1 nkeji

Ọnụọgụ ahịrị ndị edoziri.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Ogologo oge
Ugboro: 1 nkeji

Ọnụọgụ ahịrị ndị edeghị. Ogologo oge

Dị na Nchekwa Analytics na

Ugboro:

- 19 -

Data ihe ịga nke ọma ndị ahịa

Nchọpụta metrik
sal_total_batches_ gara nke ọma sal_total_batches_ hazie sal_total_batches_failed
ngụkọta_files_kpaliri
ngụkọta_files_emeghị
ngụkọta_files_chụpụrụ sal_total_rows_written

Nkọwa

Ụdị mkpokọta

Ịbanye (OnPrem) naanị ọnụ ọnụ.

Nkeji 1

Ngụkọta ọnụ ọgụgụ batches e degaara nke ọma nke ọma file.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Mmalite ngwa
Ugboro: 1 nkeji

Ngụkọta ọnụ ọgụgụ batches ahazichara.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Mmalite ngwa
Ugboro: 1 nkeji

Ngụkọta ọnụ ọgụgụ files na-emezughị idezi na file.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Mmalite ngwa
Ugboro: 1 nkeji

Ngụkọta ọnụ ọgụgụ files kwagara na ndekọ dị njikere.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Mmalite ngwa
Ugboro: 1 nkeji

Ngụkọta ọnụ ọgụgụ files na-emezughị ịkwaga.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Mmalite ngwa
Ugboro: 1 nkeji

Ngụkọta ọnụ ọgụgụ files tụfuru n'ihi njehie.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Mmalite ngwa
Ugboro: 1 nkeji

Ngụkọta ọnụ ọgụgụ ahịrị ndị edere na ntụnyere aka file.
Dị na Nchekwa Analytics na

Mmalite ngwa
Ugboro: 1 nkeji

- 20 -

Data ihe ịga nke ọma ndị ahịa

Nchọpụta metrik
emebere sal_total_rows
sal_total_rows_ dara sal_transformer_ sal_bytes_per_event sal_bytes_natara sal_events_natara sal_total_events_natara sal_events_dopped

Nkọwa

Ụdị mkpokọta

Ịbanye (OnPrem) naanị ọnụ ọnụ.

Ngụkọta ọnụọgụ ahịrị ndị edoziri.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Mmalite ngwa
Ugboro: 1 nkeji

Ngụkọta ọnụ ọgụgụ ahịrị ndị edeghị.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Mmalite ngwa
Ugboro: 1 nkeji

Ọnụọgụ nke njehie mgbanwe na transformer a.
Dị na Nchekwa Nyocha na Logging (OnPrem) Otu ọnụ ọnụ naanị.

Ogologo oge
Ugboro: 1 nkeji

Nkezi ọnụọgụ bytes kwa mmemme natara.

Ogologo oge
Ugboro: 1 nkeji

Ọnụọgụ bytes enwetara site na sava UDP.

Ogologo oge
Ugboro: 1 nkeji

Ọnụọgụ mmemme enwetara site na sava UDP.

Ogologo oge
Ugboro: 1 nkeji

Ngụkọta ihe omume nke rawụta nwetara.

Mmalite ngwa

Ọnụọgụ mmemme enweghị atụ tụbara.

Ogologo oge
Ugboro: 1 nkeji

- 21 -

Data ihe ịga nke ọma ndị ahịa

Metric Identification sal_total_events_dopped sal_events_eleghara sal_total_events_eleghara sal_receive_queue_size sal_events_per second sal_bytes_per_second sna_trustsec_report_runs
Onye isi UDP

Nkọwa

Ụdị mkpokọta

Ngụkọta ọnụ ọgụgụ mmemme enweghị atụ tụbara.

Mmalite ngwa
Ugboro: 1 nkeji

Ọnụọgụ mmemme eleghara/anaghị akwado.

Ogologo oge
Ugboro: 1 nkeji

Ngụkọta ọnụ ọgụgụ mmemme eleghara/anaghị akwado.

Mmalite ngwa
Ugboro: 1 nkeji

Ọnụọgụ mmemme na kwụ n'ahịrị nnata.

Ihe onyonyo
Ugboro: 1 nkeji

Ọnụọgụ oriri (ihe omume kwa nkeji).

Ogologo oge
Ugboro: 1 nkeji

Ọnụọgụ oriri (bytes kwa nkeji).

Ogologo oge
Ugboro: 1 nkeji

Ọnụọgụ nke arịrịọ mkpesa TrustSec kwa ụbọchị.

Nchịkọta

Nkọwa njirimara metrik

Source_count

Ọnụọgụ nke isi mmalite.

Ụdị mkpokọta
Ihe onyonyo

- 22 -

Data ihe ịga nke ọma ndị ahịa

Nkọwa njirimara metrik

Iwu_count packets_unmatched packs_dopped

Ọnụọgụ nke iwu. Ngwungwu kacha enweghị atụ. Ihe ngwugwu eth0.

Ụdị nchịkọta foto foto foto

Ngwa niile

Nkọwa njirimara metrik

Ụdị mkpokọta

ikpo okwu

Ikpo okwu ngwaike (dịka: Dell 13G, KVM Virtual Platform).

N/A

Oghere Usoro

Oghere Usoro nke ngwa.

N/A

ụdị

Nọmba ụdị nyocha netwọkụ echekwara echekwara (dịka: 7.1.0).

N/A

ụdị_build

Nọmba ihe nrụpụta (dịka: 2018.07.16.2249-0).

N/A

ụdị_patch

Nọmba patch.

N/A

csm_ụdị

Ụdị koodu ihe ịga nke ọma nke ndị ahịa (dịka: 1.0.24-SNAPSHOT).

N/A

power_supply.ọnọdụ

Ọnụ ọgụgụ ọkọnọ ike njikwa njikwa na Flow Collector.

Ihe onyonyo

ProductNgwaAha Smart ikike njirimara ngwaahịa.

N/A

- 23 -

Nkwado kọntaktị
Nkwado kọntaktị
Ọ bụrụ na ịchọrọ nkwado teknụzụ, biko mee otu n'ime ihe ndị a: Kpọtụrụ Cisco Partner mpaghara gị l Kpọtụrụ Cisco Nkwado l Ka imepe ikpe site na web: http://www.cisco.com/c/en/us/support/index.html l Maka nkwado ekwentị: 1-800-553-2447 (US) l Maka nọmba nkwado zuru ụwa ọnụ: https://www.cisco.com/c/en/us/support/web/tsd-cisco-kọntaktị ụwa niile.html

- 24 -

Gbanwee akụkọ ihe mere eme

Ụdị akwụkwọ 1_0

Ụbọchị Ebipụtara Ọgọstụ 18, 2025

Gbanwee akụkọ ihe mere eme
Ụdị nke mbụ nkọwa.

- 25 -

Ozi nwebisiinka
Cisco na akara Cisco bụ ụghalaahịa ma ọ bụ ụghalaahịa edenyere n'akwụkwọ ikikere nke Cisco na/ma ọ bụ ndị mmekọ ya na US na obodo ndị ọzọ. Iji view ndepụta nke Cisco ụghalaahia, gaa na nke a URLhttps://www.cisco.com/go/trademarks. Ighalaahia nke ndị ọzọ akpọrọ aha bụ ihe onwunwe nke ndị nwe ha. Ojiji okwu onye mmekọ anaghị egosi mmekọrịta mmekọrịta dị n'etiti Cisco na ụlọ ọrụ ọ bụla ọzọ. (1721R)
© 2025 Cisco Systems, Inc. na/ma ọ bụ ndị mmekọ ya. Ikike niile echekwabara.

Akwụkwọ / akụrụngwa

Cisco Secure Network Analytics [pdf] Ntuziaka onye ọrụ
v7.5.3, Ntụle netwọkụ echekwara, nyocha netwọkụ echekwara, nyocha netwọkụ, nyocha

Ntụaka

Akwụkwọ ntuziaka onye ọrụ

Ntuziaka njirimara Cisco Secure Network Analytics

Nyocha netwọkụ echekwara

Ozi ngwaahịa

Nkọwapụta:

Ntuziaka ojiji ngwaahịa

Ịhazi netwọk Firewall:

Ịhazi onye njikwa:

Ịgbanyụ metrik ihe ịga nke ọma ndị ahịa:

Ajụjụ (Ajụjụ a na-ajụkarị)

Kedu otu m ga-esi mara ma agbanyere metrik ịga nke ọma ndị ahịa?

Kedu data na-emepụta site na Secure Network Analytics?

Akwụkwọ / akụrụngwa

Ntụaka

Hapụ ikwu

Kagbuo nzaghachi