Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

C-87

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Appendix C Troubleshooting

Gathering Information

Understanding the show tech-support Command

The show tech-support command captures all status and configuration information on the sensor and

includes the current configuration, version information, and cidDump information. The output can be

large, over 1 MB. You can transfer the output to a remote system. For the procedure for copying the

output to a remote system, see Displaying Tech Support Information, page C-87.

Note Always run the show tech-support command before contacting TAC.

Displaying Tech Support Information

Note The show tech-support command now displays historical interface data for each interface for the past

72 hours.

Use the show tech-support [page] [destination-url destination_url] command to display system

information on the screen or have it sent to a specific URL. You can use the information as a

troubleshooting tool with the TAC.

The following parameters are optional:

• page—Displays the output, one page of information at a time. Press Enter to display the next line

of output or use the spacebar to display the next page of information.

• destination-url—Indicates the information should be formatted as HTML and sent to the

destination that follows this command. If you use this keyword, the output is not displayed on the

screen.

• destination_url—Indicates the information should be formatted as HTML.The URL specifies where

the information should be sent. If you do not use this keyword, the information is displayed on the

screen.

• You can specify the following destination types:

–

ftp:—Destination URL for FTP network server. The syntax for this prefix is:

ftp://[[username@location]/relativeDirectory]/filename or

ftp://[[username@location]//absoluteDirectory]/filename

–

scp:—Destination URL for the SCP network server. The syntax for this prefix is:

scp://[[username@]location]/relativeDirectory]/filename or

scp://[[username@]location]//absoluteDirectory]/filename

Varlog Files

The /var/log/messages file has the latest logs. A new softlink called varlog has been created under the

/usr/cids/idsRoot/log folder that points to the /var/log/messages file. Old logs are stored in varlog.1 and

varlog.2 files. The maximum size of these varlog files is 200 KB. Once they cross the size limit the

content is rotated. The content of varlog, varlog.1, and varlog.2 is displayed in the output of the show

tech-support command.

previous next