On-demand Troubleshooting
Operations
On-demand Troubleshooting
Product Documentation
Product Improvements
On-demand Troubleshooting
Operations
On-demand Troubleshooting
Admin | Co-admin | |
---|---|---|
Run on-demand troubleshooting tests | ||
Download PCAP files |
Run on-demand network tests from any agent directly from the dashboard without accessing the host device.
The troubleshooting tab on each agent page enables a SEI Dashboard Admin or Co-admin to instantly run a suite of on-demand troubleshooting tests on any online agent without the need to access the agent or host device.
Following are details about available tests
Begin troubleshooting with real-time network information for the agent.
Static Agents - Linux | Mobile Agents - macOS | Mobile Agents - Windows |
---|---|---|
Interfaces (ifconfig -a) | Interfaces (ifconfig -a) | Interfaces (ipconfig /all) |
Routing Table (ip route show and ip -6 route show) | Interface details (ipconfig getsummary | Routing Table (route print) |
Arp Table (arp -an) | Routing Table (netstat -rn) | Arp Table (arp -a -v) |
IPv6 Neighbor Table (ip -6 neighbor show) | Arp Table (arp -an) | IPv6 Neighbor Table (netsh interface ipv6 show neighbors) |
WIFI Status (using netlink API) | IPv6 Neighbor Table (ndp -an) | WIFI Status (netsh wlan show interface) |
WIFI Status (/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -I) |
Ping test sends ICMP pings to any IP address or domain name
Parameter | Notes | Default |
---|---|---|
Target | Destination Target. All Targets are listed. List may include Target that doesn’t respond to the selected protocol or options. Either a Target or Destination Address is required. | none |
Destination Address | Destination address or domain name. IP address and domain name are acceptable. Either a Target or Destination Address is required. | none |
Count | The number of ICMP ECHO_REQUEST packets. (1 - 1,000) | 3 |
Interval | Wait interval seconds between sending each packet. (1 - 60) | 1 |
IP Version | v4 or v6 is acceptable. [v4, v6] | v4 |
Payload Size | The number of data bytes to be sent. (8 - 10,000) | 48 |
Don’t Fragment | Option for DF (don’t fragment) bit in IP header. | Disabled |
Echo Timeout | Time to wait for a response, in second. (1 - 5) | 1 |
TTL | Time to Live in IPv4 or hop limit in IPv6. If unspecified, a default value is set by the operating system networking stack. (1 - 255) | none |
DSCP | Differentiated Services Codepoint (DSCP) for QoS. | 0 (CS0) |
Local interface IP address to use as source for the Ping | {“Source address used to send the outbound ICMP ping. If unspecified, the agent will bind to 0.0.0.0 (IPv4) or :”=>”(IPv6) by default and the operating system will choose the appropriate local address. It is recommended to leave this empty.”} | none |
Interrogate DNS name servers, and perform DNS lookup that displays the answers that are returned from the name server(s)
Parameter | Notes | Default |
---|---|---|
Query Name | Name of the resource record that is to be looked up. | none |
Query Type | Type of query. [A, AAAA, NS, CNAME, SOA, MX, TXT, SRV] | A |
DNS Server port number | DNS name server’s port number. | 53 |
DNS Server IP Address | DNS name server’s IP address. If unspecified, the agent picks the DNS server configuration on the device. On Linux and Mac, typically this is a local resolver. On windows, a DNS server is picked from the list of configured dns servers. If fetching the configured server fails, fall back to choose 8.8.8.8. | none |
Use TCP instead of UDP | Whether to use TCP or UDP to send the DNS query. | Disabled |
Recursion not desired | Whether to skip recursion desired option to send the DNS query. | Disabled |
Note: If the DNS name server is a proxy DNS that doesn’t support IPv6, a query for type AAAA will not be answered. User may need to change the DNS server that supports IPv6 in that case
**Run multiple tests and view results it the same view. This example shows the results of running UDP, ICMP, and TCP tests in sequence.
Parameter | Notes | Default |
---|---|---|
Target | Destination Target. All Targets are listed. List may include Target that doesn’t respond to the selected protocol or options. Either a Target or Destination Address is required. | none |
Destination Address | Destination address or domain name. IP address and domain name are acceptable. Either a Target or Destination Address is required. | none |
Attempts | Number of attempts to discover unique paths. This value is ignored on Windows agent and 3 is used by default. (1 - 10) | 3 |
IP Version | v4 or v6 is acceptable. [v4, v6] | v4 |
Protocol | Available protocols used for path discovery: | - UDP for Static and macOS |
Parameter | Notes | Default |
---|---|---|
Target | Destination URL. List includes Targets that respond to the HTTP(S) protocol. Either a Target or URL is required. | none |
URL | Destination URL. A scheme (http:// or https://) is mandatory.. Either a Target or URL is required. | none |
IP Version | v4 or v6 is acceptable. [v4, v6] | v4 |
Request Method | HTTP request. [GET, POST, PUT, DELETE] | GET |
Request Headers | HTTP headers to use in the HTTP request. | none |
Request Body | Request body for POST or PUT method | none |
Authentication Method | Authentication method BASIC is supported. If it’s specified, Username and Password are required. [No Authentication, Basic Authentication] | No Authentication |
Local interface IP address to use as source for the Ping | {“Source address used to send the outbound ICMP ping. If unspecified, the agent will bind to 0.0.0.0 (IPv4) or :”=>”(IPv6) by default and the operating system will choose the appropriate local address. It is recommended to leave this empty.”} | none |
Enabling Packet Capture
Step 1: Toggle to Enable Packet Capture
Step 2: Headers Only is checked by default. Check Full Packets to capture all packets while enabled as shown in this image.
Step 3: Set the duration of packet capture - one minute to one hour.
Step 4: Click the start button to begin capturing packets.
Step 5: Download .PCAP file
In This Article