How to run a report to show Unknowns
Has anyone figured out how to get the Unix ( aix, Linux, Solaris ) issues fixed in 4.0? I have over 1200 unknown devices and 3/4 of them are of the Unix flavors. Also is there a way to run a report that shows the unknowns?
I can answer your question about how to get a report of Unknown but not your first question.
From the console select Overview | System Configuration | Devices | Manage Monitoring Devices
Select Attribute as NIC Properties / Device Type
Select Comparison as IN
Select Criteria as Unknown
Click Apply and then use the Report button at bottom of page.
The lsmaint command has a 'scanUnknown' switch which will generate data for all unknown devices and events on the system. You can then send those to Support for investigation.
I have received a couple of different lsmaint commands from support to dump out all undefined events, you could try these.
Retrieve only undefined message from n.n.n.n device ip for time range of start and end time of collecti.
lsdata -events syslog -time start end -devices n.n.n.n(undefined) > e:\undefined.unx
To output ALL events from a device, taking into account that it could be a Multi-device, use this command:
lsdata -d 0 -time 201105261200 201105261500 -devices "*:22.214.171.124" > e:\unknown.unx
The below lsdata command can be used to extract the raw data of all the unknown devices.
lsdata -events syslog -time 201203261230 201203261400 -devices unknown >c:/unknown.unx
It is not possible to create report either via Create New Query or through any of the ADHOC Categories. Since the parsers are not available for unknown devices, the same can be established apart from extracting raw data.......