Administration › Administration Page Reference › Incident Responses - Trace Route Investigation

Incident Responses - Trace Route Investigation

Use a Trace Route investigation to record the path and each hop between the monitoring device and end-points to detect latency and routing issues, and optionally, SNMP poll each router for its performance information. To SNMP poll each hop along the path, you do not need to add network devices to the management console.

To filter temporary incident conditions, edit the thresholds for Duration and Severity.

You can assign a Trace Route investigation to a network incident response. If the server that hosts the application is monitored by a CA Standard Monitor, the management console launches this investigation from the monitoring device that monitors the server. Otherwise, the management console launches the investigation from the management console.

Frequently Asked Questions

• How does a Trace Route investigation work? During a network incident, the management console will begin a Trace Route investigation from the monitoring device and attempt to reach a device on the subnet in question, the network with the incident. If the subnet is a /24 or is more specific, an IP address in the subnet is used as a target; the management console must have collected response time data for this address. If the subnet is less specific than a /24, the management console picks an address in the subnet range using another method. If within the Trace Route action properties, the option "Investigate Routers via SNMP" is enabled, then the trace route is performed first, and afterwards, the list of network devices in the route is used for SNMP investigation. If the management console discovers a valid SNMP profile, the management console queries the device for its performance information, which is included in the investigation results.

Property Details

Complete the following fields:

Minimum Conditions for Taking Action

Specify the minimum severity and duration required for the management console to launch the responsive action. Both criteria must be met for the management console to launch the responsive action.

Severity

Choose an option to specify the incident severity that is required for the management console to launch the responsive action:

• Minor
• Major
• Unavailable

Duration

Choose a threshold, in minutes, for the consecutive amount of time that the same Network or Server metric threshold must be violated for the management console to launch the responsive action.

For example, if Network Round Trip Time (NRTT) is Minor at 1:20, the management console opens a network incident. If NRTT is Minor again at 1:25, and the Duration for the responsive action is 10 minutes, the management console can launch the responsive action.

Trace Route Options

Protocol

Protocol of TCP or ICMP. When configured to run a TCP trace route, the TCP trace route actually uses the TCP port of the applications being monitored for the outbound traffic, and ICMP TTL Expired messages for the return to indicate the router along the path that killed the outbound packet.

Packet size

Packet size of from 32 to 8192 bits.

Retries

Number of retries from 1 to 20.

Route Searches

Number of times that the management console should attempt to find additional routes from 1 to 10.

Timeout

Timeout value of from 1 to 10 seconds.

Investigate Routers via SNMP

Whether to investigate routers through SNMP: Yes or No.

More information:

How Incident Responses Work