Incidents
The Incidents page provides overall information about the incidents that have occurred on the network.
- Total Incidents bar chart
- Client trends time-series chart
- Incidents Table
The Network Hierarchy filter and Date and Time filter are displayed in the upper-right corner of the Content panel. These options control the elements displayed within the Content Panel. To modify these options, refer to Content Panel.
Total Incidents Bar Chart
Priority | Severity | Color |
---|---|---|
P1 | Critical | Red |
P2 | High | Dark Orange |
P3 | Medium | Orange |
P4 | Low | Yellow |
Client Trends Time-Series Chart
- Blue line: This line represents the new client associations. The client count value includes all unique clients that attempted to connect to the network, including both failed and successful connections.
- Orange line: This line represents the connected clients. The client count value indicates only successfully connected clients to the network.
- Green line: This line represents the impacted clients. The client count value includes the number of clients impacted by the incidents, and it also includes clients who were unable to connect.
Pausing your cursor at any instance on the timeline displays an information box that shows the number of new clients, impacted clients, and connected clients at that time and date. By default, the information about new clients, connected clients, and impacted clients is displayed in the graph. You can hide any of this information displayed in the graph by clicking the New Client Associations, Connected Clients, or Impacted Clients icon at the top of the graph. The information icon that is hidden is displayed in gray.
Incidents Table
Each incident is made up of a number of attributes. Above the table are search fields that allow you to refine the incident list based on your selected search criteria. Incidents that impact multiple nodes of a network hierarchy are grouped together, this group is indicated with a + icon displayed beside the incident severity. Click + icon to expand the group and view more information about other incidents that contribute to the selected incident and information about the parent incident to which the selected incident contributes.
- Severity: Displays the severity of an incident, ranging from P1 to P4 (P1 being the highest priority and P4 the lowest). The severity of an incident is determined by the type of the incident, duration of the incident, number of impacted clients, number of impacted APs, scope of the incident (example: a zone-level incident is more severe than an AP-level incident), and other factors.
- Date: Displays the date and time when the incident started.
- Duration: Displays the duration of the incident.
- Description: Displays a short description of the incident. To view the root cause, click Description attribute. The Incident Description dialog box is displayed. This dialog box displays the incident description and root cause. To view the incident details, click More Details in the Incident Description dialog box. The Incident Details page is displayed. For more information, refer to Incident Details.
- Category: Displays the type of incident such as connection, performance, or infrastructure.
- Sub-Category: Displays
the sub-category of the respective categories (connection, performance, or
infrastructure).
Table 2. Incident Details Based on Categories and Sub-Categories Category Sub-Category Incident Description Scope Connection 802.11 Authentication 802.11 Authentication failures are unusually high in <Scope> AP/AP Group/Zone/Domain/SZ Connection DHCP DHCP failures are unusually high in <Scope> AP/AP Group/Zone/Domain/SZ Connection RADIUS RADIUS failures are unusually high in <Scope> AP/AP Group/Zone/Domain/SZ Connection Association Association failures are unusually high in <Scope> AP/AP Group/Zone/Domain/SZ Connection EAP EAP failures are unusually high in <Scope> AP/AP Group/Zone/Domain/SZ Connection Time To Connect Time to connect is greater than SLA threshold defined in <Zone> Zone Infrastructure Network The controller cluster is sending data with an incorrect future timestamp. SZ Cluster Infrastructure Network The controller cluster is sending data with an incorrect past timestamp. SZ Cluster Infrastructure Service Availability High AP-SmartZone connection failures in <Scope>. AP Group/Zone Infrastructure Service Availability AP service is affected due to high number of AP reboots. AP Group/Zone Infrastructure Service Availability AP service is affected due to high number of AP reboots AP Infrastructure VLAN Mismatch VLAN mismatch found in <Scope> Switch Group Infrastructure PoE PoE power denied in <Scope> Switch Group Infrastructure PoE AP(s) operating in Low Power Mode: <Scope> AP/AP Group/Zone Infrastructure WAN Sub-optimal WAN throughput - speed mismatch between AP and peer device: <Scope> AP/AP Group/Zone Infrastructure Network The network latency between the SZ nodes is unusually high SZ Cluster Performance Coverage Clients with low RSS are unusually high in <Scope> AP Group/Zone Performance Channel Conditions - Sub-optimal channel conditions detected for 2.4 GHz in <Scope>
- Sub-optimal channel conditions detected for 5 GHz (outdoor) in <Scope>
- Sub-optimal channel conditions detected for 5 GHz (indoor) in <Scope>
AP Group Performance Load SZ controller is experiencing unusually high CPU usage. SZ Controller Performance Memory High memory utilization detected in <Scope> Switch Performance Airtime - Airtime Rx is unusually high in 2.4 GHz in <Scope>
- Airtime Rx is unusually high in 5 GHz in <Scope>
- Airtime Rx is unusually high in 6 GHz in <Scope>
Zone Performance Airtime - Airtime Tx is unusually high in 2.4 GHz in <Scope>
- Airtime Tx is unusually high in 5 GHz in <Scope>
- Airtime Tx is unusually high in 6 GHz in <Scope>
Zone Performance Airtime - Airtime Busy is unusually high in 2.4 GHz in <Scope>
- Airtime Busy is unusually high in 5 GHz in <Scope>
- Airtime Busy is unusually high in 6 GHz in <Scope>
Zone - Client Impact: Displays the percentage of clients impacted by the incident.
- Impacted Clients: Displays the number of clients impacted by the incident.
- Scope: Displays the area of the network in which the incident was detected. Pausing your cursor over the scope displays the entire path of the network node.
- Type: Displays the type of incident that occurred. You can view this by selecting the options from the drop-down menu. Options include SZ Cluster, Domain, Zone, AP Group and Access Point.
Click the Export icon () at the top right of the table to export and download the complete incident list in the csv format.
Click the Date attribute to display the Incident Details page for the associated incident. This page displays a detailed report of the specific incident, including the information provided in the Incidents table, as well as root cause analysis and recommended actions, network impact, and associated metrics. For more information, refer to Incident Details.
Mute an Incident
- In the Incidents
Table, click on the radio button to select an incident that
you want to mute.Note: You can mute only one incident at a time.
- Click Mute at the top of the Incidents Table to mute the incident. When an incident is muted, it is hidden in the Incidents Table, and notifications via email and webhook are also muted.
Alternatively, you can mute an incident from its Incident Details page (accessible by clicking the Severity or Date attribute of the incident in the table). Refer to Mute and Unmute an Incident.
View the Muted Incident in the Incidents Table
In the Incidents Table, click the column options icon () and select the Show Muted Incidents check box. The muted incidents are displayed in the Incidents Table with a gray background.
Unmute the Incident
- In the Incidents Table,
click on the radio button to select the muted incident.Note: You can unmute only one incident at a time.
- Click the Unmute icon displayed at the top of the Incidents Table to unmute the incident. When an incident is unmuted, it is visible in the Incidents Table, and notifications via email and webhook are enabled.
Alternatively, you can unmute an incident from its Incident Details page (accessible by clicking the Severity or Date attribute of the incident in the table). Refer to Mute and Unmute an Incident.