Cisco Support Community

Looking for Tool - Port Security/err-disable

I have implemented port security on our new 3750X's.  Does anyone know, or using, a tool that can report, poll or alert when an interface goes into err-disable and what caused the violation?

Everyone's tags (4)
Hall of Fame Super Silver

Looking for Tool - Port Security/err-disable

A port going into errdisable generates a syslog message. All syslog utilities let you see the messages. The better ones will give you the option of triggering an action (i.e. e-mail you, send SMS message etc.) for syslog messages you are most interested in.

You fist need to send the messages to the server with syslog utility. Then follow that products capability to setup the action. I have done this with Kiwi syslog server (now sold by SolarWinds), the SolarWinds syslog viewer included in Orion NPM, and Cisco Prime LMS.


Looking for Tool - Port Security/err-disable

Thanks Marvin.  I was hoping there was another utility, as well.  We have a syslog server, which does get the syslog messages.  I was hoping for a more proactive response versus a query for the information.  Building trends and such is not a big deal with the syslog data.

Our environment is fairly large with 70 buildings at one location and 15 at another.  Being a University we have students who try different things on the network as well as other "IT" arms doing their own thing.  We have a monitoring tool, Intermapper, but I was hoping there was something else that could be used, or someone else using something better, to give us a real time view, and something that could collect all the data at once and provide a report.

I was not sure if Cisco Prime Infrastructure provided that functionality or not, or if there was another product recommended.

Hall of Fame Super Silver

Looking for Tool - Port Security/err-disable

The tools I mentioned above can provide the alerts either proactively (send e-mail in near real time, display an alert (though you need to be watching the monitor) etc.) or allow for retroactive investigation  (i.e., "What ports went into errdisable last Tuesday on deivces x, y and z?").

Prime Infrastructure doesn't yet have a general purpose syslog tool as of 2.0. Prime LMS does.

CreatePlease to create content