Hi Rodrigo,
It could be any thing from closed port in firewall to process not running. Assuming FW is not an issue, I'd check it this way
source (was stap down ?) -------------> target (is sniffer up ?)
STAP side:
Run this command
# netstat -na |grep 16016
the output should return "ESTABLISHED" if stap and collector is physically connected
someone may have change STAP_ENABLE to 0 or KTAP_ENABLE to by accident. Both settings are GIM parameters.
==> for root case, collect stap mustgather and include the output in the support ticket.
Appliance side:
GUI > STAP Control , status is red could mean sniffer is down
In 11.2 you have this CLI command you can run: support show service_status all
look for "guard-snif.service active running"
if its not running, do "restart inspection-core"
==> for root cause, collect mustgather sniffer and include the output in the support ticket.
Even if the stap has recovered now you still can collect those mustgather data as they contain historical data.
------------------------------
DEMI SIEW PING LEE
------------------------------
Original Message:
Sent: Thu September 02, 2021 04:03 PM
From: Rodrigo Xavier
Subject: No Traffic Alert Issue
Hi All,
We had an incident with two S-TAP agents where there was no traffic during 72 hours. And we have a No Traffic alert configured, but it didn´t work in this case. No notification alert was sent. Any help?
Thanks,
Rodrigo
------------------------------
Rodrigo Xavier
------------------------------