Alerting or logging from AnyConnect NAM

Similar Messages

• How to get the job logs from sm35 by using the queue id and session name?

  hi all,
  can any one please let me know how to read the job log from sm35 by using the session name and queue id. i have the job name and job count but is it possible to download the job log by using the queue id and session name.
  FYI..
  i want to read this job log and i want to send it to an email id.
  -> i am using the job_open and submitting the zreport via job name and job count and then i am using the function module  job_close.
  but this is not working in my scenario i have the queue id and session name by using this two i want to get the job log is there any function module available or code please provide me some inputs.
  thanks in advance,
  koushik

  Hi Bharath,
  If you want to download it to the local file then you can follow the instructions in the below link.
  How to download Batch Input Session Log?
  Regards,
  Sachin

• How to get logged in user name from windows service c#

  i use the below code to get logged in user name.
  private string GetLoggedInUser()
  string userName = "";
  if (System.Security.Principal.WindowsIdentity.GetCurrent() != null)
  userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
  return userName;
  just do not understand why it is not giving a logged in user name rather it is return data in this format
  NT AUTHORITY\SYSTEM but i want to get user name.
  i try to run my service as Local Service and local system account but in every case i am getting this string
  NT AUTHORITY\SYSTEM instead of logged in user name.
  so please guide me what to change in code. thanks

  System is the account the service is running under.
  There can be none or many interactive users be logged in. What if none or multiple are logged in? Which one are you referring to then?
  Armin

• Unable to recieve any logs from Sun machine....

  Hi,
  I'm using Sun Solaris v10 and i have problem in receiving logs from sun machine. The syslog server is my windows which i want my sun machine to sends logs to (windows machine is ALIVE on default port 514).
  I have edited the syslog.conf file as:-
  t100: Unknown terminal type
  I don't know what kind of terminal you are on - all I have is 't100'.
  [Using open mode]
  "/etc/syslog.conf" 42 lines, 1098 characters
  #ident  "@(#)syslog.conf        1.5     98/12/14 SMI"   /* SunOS 5.0 */
  # Copyright (c) 1991-1998 by Sun Microsystems, Inc.
  # All rights reserved.
  # syslog configuration file.
  # This file is processed by m4 so be careful to quote (`') names
  # that match m4 reserved words.  Also, within ifdef's, arguments
  # containing commas must be quoted.
  *.err;kern.notice;auth.notice                   /dev/sysmsg
  *.err;kern.debug;daemon.notice;mail.crit        /var/adm/messages
  *.alert;kern.err;daemon.err                     operator
  *.alert                                         root
  *.emerg                                         *
  # if a non-loghost machine chooses to have authentication messages
  # sent to the loghost machine, un-comment out the following line:
  #auth.notice                    ifdef(`LOGHOST', /var/log/authlog, @loghost)
  mail.debug                      ifdef(`LOGHOST', /var/log/syslog, @loghost)
  *.info @192.168.50.253:514
  auth.* @192.168.50.253
  *.debug @192.168.50.253
  *.* @192.168.50.253
  # non-loghost machines will use the following lines to cause "user"
  # log messages to be logged locally.
  ifdef(`LOGHOST', ,
  user.err                                        /dev/sysmsg
  user.err                                        /var/adm/messages
  user.alert                                      `root, operator'
  user.emerg                                      *
  )I even have made en entry at /etc/hosts which is given as:-
  *192.168.50.253 asad loghost*
  All this but my syslog server remains empty of any logs yet.
  Is there a way where i could explicitly make Sun machine to generate logs by invoking some methods......as for now its taking for ever to generate logs by the machine.
  Please rectify this problem as I have reached a dead-end making sense of the logging mechanism proposed by the sun machine.

  Try replacing any space characters in the lines you added to syslog.conf with tabs.

• How to write to windows event logs from determinations-server under IIS

  This is just an FYI technical bit of information I wish someone had shared with me before I started trying to write OPA errors to the windows event log... Most problems writing to the windows event log from log4net occur because of permissions. Some problems are because determinations-server does not have permissions to create some registry entries. Some problems cannot be resolved unless specific registry entry permissions are actually changed. We had very little consistency with the needed changes across our servers, but some combination of the following would always get the logging to the windows event log working.
  To see log4net errors as log4net attempts to utilize the windows event log, temporarily add the following to the web.config:
  <appSettings>
  <!-- uncomment the following line to send diagnostic messages about the log configuration file to the debug trace.
  Debug trace can be seen when attached to IIS in a debugger, or it can be redirected to a file, see
  http://logging.apache.org/log4net/release/faq.html in the section "How do I enable log4net internal debugging?" -->
  <add key="log4net.Internal.Debug" value="true"/>
  </appSettings>
  <system.diagnostics>
  <trace autoflush="true">
  <listeners>
  <add
  name="textWriterTraceListener"
  type="System.Diagnostics.TextWriterTraceListener"
  initializeData="logs/InfoDSLog.txt" />
  </listeners>
  </trace>
  </system.diagnostics>
  To add an appender for the windows event viewer, try the following in the log4net.xml:
  <appender name="EventLogAppender" type="log4net.Appender.EventLogAppender" >
  <param name="ApplicationName" value="OPA" />
  <param name="LogName" value="OPA" />
  <param name="Threshold" value="all" />
  <layout type="log4net.Layout.PatternLayout">
  <conversionPattern value="%date [%thread] %-5level %logger [%property{NDC}] - %message%newline" />
  </layout>
  <filter type="log4net.Filter.LevelRangeFilter">
  <levelMin value="WARN" />
  <levelMax value="FATAL" />
  </filter>
  </appender>
  <root>
  <level value="warn"/>
  <appender-ref ref="EventLogAppender"/>
  </root>
  To put the OPA logs under the Application Event Log group, try this:
  Create an event source under the Application event log in Registry Editor. To do this, follow these steps:
  1.     Click Start, and then click Run.
  2.     In the Open text box, type regedit.
  3.     Locate the following registry subkey:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application
  4.     Right-click the Application subkey, point to New, and then click Key.
  5.     Type OPA for the key name.
  6.     Close Registry Editor.
  To put the OPA logs under a custom OPA Event Log group (as in the demo appender above), try this:
  Create an event log in Registry Editor. To do this, follow these steps:
  1.     Click Start, and then click Run.
  2.     In the Open text box, type regedit.
  3.     Locate the following registry subkey:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog
  4.     Right-click the eventlog subkey, point to New, and then click Key.
  5.     Type OPA for the key name.
  6.     Right-click the new OPA key and add a new DWORD called "MaxSize" and set it to "1400000" which is about 20 Meg in order to keep the log file from getting too large.
  7.     The next steps either help or sometimes cause an error, but you can try these next few steps... If you get an error about a source already existing, then you can delete the key.
  8.     Right-click the OPA subkey, point to New, and then click Key.
  9.     Type OPA for the key name.
  10.     Close Registry Editor.
  You might need to change permissions so OPA can write to the event log in Registry Editor.  If you get permission errors, try following these steps:
  1.     Click Start, and then click Run.
  2.     In the Open text box, type regedit.
  3.     Locate the following registry subkey:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog
  4.     Right-click the EventLog key, select Permissions.
  5.     In the dialog that pops up, click Add...
  6.     Click Advanced...
  7.     Click Locations... and select the current machine by name.
  8.     Click Find Now
  9.     Select both the Network user and IIS_IUSERS user and click OK and OK again. (We never did figure out which of those two users was the one that fixed our permission problem.)
  10.     Change the Network user to have Full Control
  11.     Click Apply and OK
  To verify OPA Logging to the windows event logs from Determinations-Server:
  Go to the IIS determinations-server application within Server Manager.
  Under Manage Application -> Browse Application click the http link to pull up the local "Available Services" web page that show the wsdl endpoints.
  Select the /determinations-server/server/soap.asmx?wsdl link
  Go to the URL and remove the "?wsdl" from the end of the url and refresh. This will throw the following error into the logs:
  ERROR Oracle.Determinations.Server.DSServlet [(null)] - Invalid get request: /determinations-server/server/soap.asmx
  That error should show up in the windows event log, OR you can get a message explaining why security stopped you in "logs/InfoDSLog.txt" if you used the web.config settings from above.
  http://msdn.microsoft.com/en-us/library/windows/desktop/aa363648(v=vs.85).aspx
  Edited by: Paul Fowler on Feb 21, 2013 9:45 AM

  Thanks for sharing this information Paul.

• How to get current logged-in user name in data access driver or in universe

  In universe, to get the current log in user is via @Variable('BOUSER').
  Right now, I need to be able to get the user name in the data access driver. I am writing a customized data access driver because we need to patch some where clause on the the query generated by the universe based on the logged-in user info. I only think of using end_sql parameter or adding an universe level filter to patch the @Variable('BOUSER') to the query, which would not work if user want to use customized query.
  Can anyone tell me how to get currentBO user name from connection server ? or how @Variable('BOUSER') is translated into the logged-in user name in the universe?

  I do not know your EJB Service. But you should pass the credentials of the current logged on portal user to your service. That's not by default I think.
  I had a similar problem with CAF developed webservices. I had to turn on permission checks in my web service and passed the credentials via logon ticket.
  Regards, Bernd

• Login scripts not running with AnyConnect NAM and ISE 1.2

  I am using AnyConnect 3.1 NAM as my 802.1x supplicant for ISE 1.2.  When users log in with EAP Chaining (User and Machine Auth), the login script seems hit or miss on if it runs to map their drives.  If I uninstall the NAM client, they map drives every time.  I would think that running a login script to map drives is a common scenario and I was wondering if anyone else using AnyConnect NAM was having similar issues or how they were dealing with it.

  I have the same issue and I solve the issue with change these parameters.
  1.- You must change on configuration profile "before user logon". I have 5 seconds
  2.- You must change on configuration profile  "port authentication Exception policy" and you must enable checkbox "enable port exceptions" and select "allow data traffic before authentication"
  3.- You must enable in the option of interface Ethernet Intel on PC "Wait for link" this option It's in "configured advanced of Intel. You must select "on" in this option.
  4.- (this recommendation it was by Cisco) 
  Active Direct GPO has a setting "Computer Configuration\Administrative
  Templates\System\Logon\ Always wait for the network at computer startup and logon" that
  can be enabled to make the logon scripts wait till 802.1x authentication is completed.
  With those changes the logon script run fine.
  Regards
  David.

• After effects alert last log message

  What to do when I get this message when opening after effects cs6?
  cs6 after effects Alert last log message was: <140735200987488> >GPUManager> <2>Sniffer Result Code: 3. Generating crash log, which may take a few minutes.
  I just cannot open after effects anymore.

  Hi,
  Now I here again, my Mac os X version is 10.7.5
  Prosessor is 2.66ghz intel core 2 duo
  memory 4gt 1067 mhz DDR3
  Graphic card: NVIDIA GeForce 9400 256 MB
  After effects version is 11.0 if I am checking it right
  I have used after effects about three mounths and suddenly it just quiet working. That´s not good for my work. Luckily I got almost everything in premiere pro. Because I can´t even use files from AE in Premiere pro.
  I have rebooted machine.
  I haven´t reinstall AE yet. I will.
  How do I trash preferences and from where? I cannot open AE at all.

• B2B identifying TP from file name and not Interchange

  We want B2B to identify trading partner from ISA/GS segment, but B2B is taking it from file name. We have property oracle.tip.adapter.b2b.edi.identifyFromTP set to "Interchange". As I understand based on the tip.property it should always take from the ISA/GS segment in dat file.
  We also have Trading Partner Identification Type set to EDI Interchange ID while setting up trading partner and it is set to the same value as Interchange Receiver Id in the Document Protocol.
  Anyone has any ideas?
  Thanks

  Hello Venkat,
  ideally this should work. Guess you have not restarted b2b after changing the tip.properties. If you still have issues, please raise an SR and also send the b2b.log in DEBUG mode.
  Rgds,Ramesh

• Capturing Application Error log from SXMB_Moni

  Hi,
  I wanted to capture the error information from Application error log from ECC sxmb_moni and forward that as email alert.
  We have already alert configuration in place with alert category using standard variables. Was wondering if I have to capture application error log from sxmb_moni what would be steps involved. Please let me know if anybody has worked on this and appreciate your help on this.
  Sample Error message from sxmb_moni of ECC system
  MT_Fault
  Error in Application System
  Detailed Information
  Process Order invalid
  Thanks
  Selvam
  Edited by: Selvam_muthu on Jun 23, 2011 5:40 PM

  Hi Selvam,
  As the exception is raised in ECC system, alert cannot be trigger, alert will get trigger when there is a error in PI system. To raise a email, write additional code in ECC to trigger the e-mail with proper error content

• How to capture content activity log from DMP?

  Hi There,
  I try to implement content activity log from DMP. The information that I want to get are DMP IP, Conent File Name (video or jpg file), open date/time. The only way that I can do is sending http command direct to DMP (http.file via port 7777).
  Is it possible to implement Syslog server to get those information from DMP?
  Thank you
  Panya

  Hi Panya,
  There is a feature called "Proof Of Play" which was created exactly to track what the DMPs are playing, you can find the documentation at the following link:
  http://www.cisco.com/en/US/docs/video/digital_media_systems/5_x/5_2/dmm/user/guide/signs/proof.html
  Is this what you are looking for?
  Best Regards,
  Marco

• Abrupt increase in alert SID .log file size

  alert<SID>.log file is abrubtly increasing in size which is in process filles up a disk space, hence further no DB login.
  I shutdown the database, took a bakup of the alert log file, nullified the alert log ( using cat /dev/null > alert.log) and started up the database.
  As of now, its okay, but can I nullify this alert log file while the database is up and running..???

  It is better to write a simple shell script to housekeep the alert.log.
  Below is an example
  if [ `ls -al $ALERTLOG | awk '{print $5}'` -gt 2500000 ]
  then
  cp -p $ALERTLOG $ALERTLOG.`date +%d%m%y`
  cat /dev/null > "$ALERTLOG
  gzip $ALERTLOG.`date +%d%m%y`
  find "$ALERTLOGFOLDER "-name *.gz -mtime +10 -print -exec rm {} \;"
  fi
  Also, you need to housekeep adump, bdump, cdump ... etc folders

• Anyconnect NAM, does not disable windows wireless supplicant

  I am having some issues with anyconnect nam for wireless. When i install nam with a profile, my wireless works fine, and authenticates as it should, no problem there. I can however not figure out how to get nam to remove the built-in windows supplicant in the tray, which shows me a tray icon, where a user can browse the list of SSID's currently broadcasted, i only want the nam supplicant's own list of ssid's to be shown. Any suggestion on how to accomplish this ?

  Jan,
  http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/administration/guide/ac04namconfig.html
  Windows Network Status Task Tray Icon
  Network Access Manager overrides Windows network management. After  installing Network Access Manager,  the Windows networking icon in the  task bar may confuse users, because the user can no longer use the  network status icon to connect to networks.
  You can remove the Windows network icon from the task bar by setting  'Remove the networking icon' in a Windows group policy. This setting  only affects the tray icon, the user can still create native wireless  networks using  the Control Panel.
  **Share your knowledge. It’s a way to achieve immortality.
  --Dalai Lama**
  Please Rate if helpful.
  Regards
  Ed

• Specifying Client Auth Cert in Anyconnect NAM

  Hi guys,
  Currently i have set up an SSID which uses EAP-FAST to perform user certificate authentication against an Identity store in ISE connected to AD. On the client devices I have install the Anyconnect NAM to act as the dot1x supplicant and have been in the process of setting up the profile using the Anyconnect Profile Editor.
  The issue that I am having is users on the network have several certs assigned to them from AD. Orindarily it the NAM just prompts the user to select the correct certificate when they attempt to connect, which is not feasible.
  Can I configure the NAM to use a specific user Cert to authenticate to the SSID (without prompting the user on connection)? And if so how?
  Thanks

  Hello Evan,
  Please check the following Cisco doc for specifying client auth cert in anyconnect. Hope it helps!
  http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect24/administration/guide/ac02asaconfig.html

• I am unable to reach the my content page of mysites from the name link within my site collection

  For some reason I am no longer able to get to the personal mysites page from within our site collection. My name appears at the top right and it has an option for setting which leads to some minimal page but I can no longer use this to get to the actual
  mysites page. Is there a setting I am missing that allows this to happen?

  Hi,
  According to your post, my understanding is that you failed to reach the content page of mysites from the name link within site collection.
  As this issue is always related to the inadequacy configuration about the MySite, you need to make sure that you had configured correctly with your MySite. You can refer to:
  http://technet.microsoft.com/en-us/library/ee624362(v=office.14)
  What’s more, you can also check with the following steps.
  Make sure the Web site for MySites in IIS is started.
  Make sure the App pool is running
  Use ULSVIEWER to check your Sharepoint ULS logs for the issue.
  There are two similar articles for your reference.
  http://blogs.msdn.com/b/jorman/archive/2009/01/19/sharepoint-my-site-link-stops-redirecting-users-to-their-personal-site.aspx
  http://sharepoint.stackexchange.com/questions/59434/sharepoint-my-profile-404-not-found
  Thank you for your understanding.
  Best Regards,
  Linda Li
  Linda Li
  TechNet Community Support