Using the ACL Drops graphs
Use the ACL Drops graphs to monitor drops due to SPP ACL rules. Note, some drops due to Global ACL rules may appear in SPPs including the default SPP.
Customize the graph with the following viewing parameters: SPP, Reporting Period (1-hr to 1-yr), Linear/Logarithmic Y-Axis.
Placing the cursor on the Monitor graph will display a tool-tip with additional information.
Before you begin:
- You must have Read permission for the Monitor menu.
- Refer to Reading Monitor graphs to understand the graphs in detail.
To display the graph:
- Go to Monitor > SPP > ACL Drops Tab > [SPP] [Aggregate/Layer 3/4/7] [Y-Axis View] [Reporting Period].
|
Statistic |
Description |
|---|---|
|
Aggregate |
|
|
Layer 3 |
An aggregation of drops due to ACL rules based on Layer 3 parameters. |
|
Layer 4 |
An aggregation of drops due to ACL rules based on Layer 4 parameters. |
|
Layer 7 |
An aggregation of drops due to ACL rules based on Layer 7 parameters. |
|
Layer 3 |
|
|
Fragmented Packet Denied Drops |
Drops due to Service ACL for UDP, TCP and/or Other Protocols Fragment. |
|
IP Reputation Denied |
Drops due to ACL rules based on IP Reputation active Subscription settings in IP Profile |
|
IP Multicast |
Drops due to ACL rules based on IP Multicast Check setting in IP Profile assigned to the SPP. |
|
IP Private Denied |
Drops due to ACL rules based on IP Private Check setting in IP Profile assigned to the SPP. |
|
Layer 4 |
|
|
Aggregate |
Aggregate Layer 4 drops due to SPP ICMP Type/Code and other ACL |
|
ACL Rule Drops |
Drops due to SPP ACL rules |
|
Layer 7 |
|
|
Aggregate |
Aggregate drops due to rules for
|
|
HTTP |
Drops due to HTTP ACL rules for:
|
|
DNS |
Drops due to DNS ACL rules for:
|
|
NTP |
NTP Reflection Deny Drops from Reflection Deny feature in an NTP Profile. |
|
DTLS |
DTLS Reflection ACL Drops from Reflection Deny feature in a DTLS Profile. |
|
QUIC |
|