Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Verifying the APE Rulebase

    Purpose

    When you are initially verifying APE rulebase functionality in your lab, you can use the scio utility to view APE-related process statistics. The counters should increase or decrement in accordance with your test load.

    Action

    To view APE-related statistics in the CLI:

    1. Log into the CLI as admin and enter su - to switch to root.
    2. Use the commands described in the following table to verify APE rulebase functionality.

    Table 1: APE-Related scio Commands

    Command Syntax

    Usage and Examples

    scio ape-stats s0

    Displays counts related to the APE rulebase rules where the action has been set to Rate Limit. For each applicable rule, the counter displays the rate limit, current utilization, and dropped packet count for both client-to-server (c2s), server-to-client (s2c) flows.


    [root@defaulthost admin]# scio ape-stats s0
    Rule  C2S(Mb)  S2C(MB)  C2S bytes   S2C bytes  C2S pkts   S2C pkts C2S D-pkts  S2C D-pkts C2S-flows S2C-flows
    1         100          10             2622002        1234           75615        123           73866           0                   1           1 
    

    scio var -s s0 sc_ape_flow_table

    Displays the flow table for any current sessions where the rate-limit action is applied:


    [root@defaulthost admin]# scio var -s s0 sc_ape_flow_table
    sc_ape_flow_table:
    |   Source IP   |  Port | Destination IP |  Port |FSt| Dir |Xtra info| VLAN | Timeout | Rule-index |
    |---------------+-------+----------------+-------+---+-----+---------+------+---------+----------- |
    [10.10.0.227       1050] [67.99.176.30        80]  R   CTS  Estblshd  0      3589/3600  1
    [67.99.176.30        80] [10.10.0.227       1050]  R   STC  Estblshd  0      3589/3600  1
    [10.157.5.2        1722] [10.157.6.234        80]  R   CTS  Estblshd  0      3586/3600  1

    Tip: You can also use sctop to view the flow table for sessions where matching APE rate-limit rules. With sctop, use the -o option.

    Note: Collection of APE statistics is disabled by default. Use the following command to turn on collection:


    scio const -s s0 set sc_enable_ape_stats 1

    To view APE-related logs in NSM:

    1. In the NSM navigation tree, select Investigate > Log Viewer > Predefined.
    2. Click Traffic to display the predefined view of traffic logs, where APE logs are collected.
    3. Use NSM sorting and filtering features to locate APE-related logs.

    Published: 2011-02-08