SmartView Monitor Commands

In This Section:

Overview

Description The rtm command and all its derivatives are used to execute SmartView Monitor operations.

rtm debug

Description Send debug printouts to the $FWDIR/log/rtmd.elg file.

Usage rtm debug <on | off> [OPSEC_DEBUG_LEVEL | TDERROR_<AppName>_<Topic>=<ErrLevel>]

Syntax

Parameter	Description
`on`	Start debug mode
`off`	Stop debug mode
`OPSEC_DEBUG_LEVEL`	Turn on OPSEC debug printouts
`TDERROR_RTM_ALL`	Turn on SmartView Monitor debug printouts

rtm drv

Description Start, stop or check the status of the SmartView Monitor kernel driver.

Usage rtm drv <on | off | stat>

Syntax

Parameter	Description
`on`	Start the SmartView Monitor kernel driver
`off`	Stop the SmartView Monitor kernel driver
`stat`	SmartView Monitor kernel driver status

rtm monitor

Description

Starts the monitoring process for an interface or a virtual link.

If options and grouping are not used, this command monitors all traffic, on all interfaces, in both directions.

Syntax

rtm monitor {<module_name> [<interface_name>] | <module_name>-filter ["<complex filter>"] | -v <virtual_link_name>} [<options>] [-g <grouping> <entity-1>...<entity-n>]

Parameter		Description

module-name		The name of the SmartView Monitor module.
interface-name		The name of the monitored interface.
"<complex filter>"		Boolean regular expression to match traffic to be monitored.
virtual_link_name		The name of the monitored Virtual Link.
grouping		`svc` \| `src` \| `dst` \| `ip` \| `fgrule` \| `topsvc` \| `topsrc` \| `topdst` \| `topip` \| `topfw` \| `topfgrule`
`svc`	Monitors according to a service.
`src`	Monitors according to a network object (source only).
`dst`	Monitors according to a network object (destination only).
`ip`	Monitors according to a network object (source and destination).
`fgrule`	Monitors according to a QoS Policy rule.
`topsvc`	Monitors the traffic of the top 50 services.
`topsrc`	Monitors the traffic of the top 50 sources.
`topdst`	Monitors the traffic of the top 50 destinations.
`topdst`	Monitors traffic to and from the top 50 IP addresses (source of destination).
`topfwn`	Monitors according to the top 50 Firewall rules.
`topfgrule`	Monitors according to the top 50 QoS Policy rules.

Options	Description
`-a`	`aggregate` (default) - Shows connections as a group. `individual` - Shows individual connections.
`-w`	`bandwidth` (default) - Shows effective bandwidth. `loss` - Shows the difference between the transmission rate and the receiving rate. `rtt -` Shows the time required to travel between two endpoints.
`-t`	`wire -` Shows the data on the wire after compression or encryption. `application -` Shows the data as the application sees it (not compressed and not encrypted).
`-i`	<number of seconds> Default: `2`
`@@`	Specifies a sub-rule (for example, '`rule@@subrule`')
`-d`	Specifies the monitor direction. Valid values for an interface: `- inbound` `- outbound` `- eitherbound` Valid values for a virtual link: `- a2b` - endpoint A to endpoint B `- b2a` - endpoint B to endpoint A `- a2b_b2a` - both directions
`-y`	Specifies the units of bandwidth (when -w = bandwidth) `- bytes` (default) `- pkts` `- line`
`c`	Indicates the number of new connections opened per second.
`C`	Average concurrent connections (use with a grouping value).
`-p`	Specifies whether or not thousands will be separated by commas.

Examples

This command shows monitoring data in bytes-per-second for the top 50 services passed on all interfaces in both directions: rtm monitor localhost -filter -g topsvc

This command shows monitoring data in concurrent connections for the top 50 sources inbound to interface eth0: rtm monitor localhost -filter "[and[[interface 0 [[eth0in]]][svc 1 [telnet http]]]" -y C -g topsrc

This command shows monitoring data in bytes-per-sec for the top 50 services passed on interface hme1: rtm monitor localhost hme1 -g topsvc -y b

Comments

The specified entities correspond to the specified grouping option. For example, if the monitoring process works according to a service (svc), add all the monitored services, separated by a space.

To monitor for the QoS Policy, use rule@@fgrule

rtm rtmd

Description Start the SmartView Monitor daemon manually. This also occurs manually when rtmstart is run.

Usage rtm rtmd

rtm stat

Description Display the general SmartView Monitor status. In addition, it displays the status of the daemon, driver, opened views and active virtual links.

Usage rtm stat [flavor(s)] [-h] [-v[v][v]]

Syntax

Parameter	Description
`-h`	Help
`-v`	Verbose
`vl`	Current virtual links
`view`	Current views

rtm ver

Description Display the SmartView Monitor version.

Usage rtm ver [-k]

Syntax

Parameter	Description
`-k`	Displays the SmartView Monitor kernel version.

rtmstart

Description Load the SmartView Monitor kernel module and starts the SmartView Monitor daemon.

Usage rtmstart

rtmstop

Description Kill the SmartView Monitor daemon and unloads the SmartView Monitor kernel module.

Usage rtmstop