Technical Documentation
Viewing Auto-Recovery Logs
Purpose
Use recovery-related logs as cues to examine the surrounding traffic logs. The surrounding logs can indicate the type of traffic that caused the failure condition.
In addition, the auto-recovery process is unable to identify the application for buffered sessions. As a result, in processing buffered traffic, the application identification feature is unavailable and application rate limiting cannot be applied. In addition, the latest interval of application volume tracking data is discarded. Keep this in mind when examining application-related logs generated immediately after restart.
Table 1 describes recovery-related logs.
Table 1: Auto-Recovery Logs
Log Message | Description |
|---|---|
IDP instance number successfully recovered. | Verifies successful restart. Success indicates that the IDP engine was restarted with the same device configuration, feature configuration, and security policy that were in place before the restart. |
IDP instance number is detected to be terminated. | Indicates a particular IDP engine has encountered a condition that requires the IDP engine to be terminated and restarted. |
Failed to recover IDP instance number. | Indicates a failure restarting. |
Restarting IDP instance for the nth time. | Indicates that a particular IDP engine has been terminated and restarted a total of number times. |
IDP is being stopped since IDP instance number restarted for nth time. | Indicates that the auto-recovery feature has reached its maximum number of restart attempts before shutting down the IDP Series device. The auto-recovery process makes up to six attempts to restart the failed IDP engine. After six failed attempts, the IDP auto-recovery process issues an idp.sh stop command. If you have enabled internal bypass, the IDP Series device enters bypass. |
Action
Use the NSM Log Viewer filtering features to identify auto-recovery events and examine the surrounding traffic. Auto-recovery logs belong to category Alarm and subcategory Others.
You can also find auto-recovery logs on the IDP Series device
in /var/idp/device/sysinfo/logs/idpinit.date.
