Administrator Guide for Cisco Trust Agent, Release 2.1, Without Bundled Supplicant
ctastat Diagnostic Tool
Download this chapter
ctastat Diagnostic Toolctastat Diagnostic Tool
Download the complete book
Administrator Guide for Cisco Trust Agent, Release 2.1, Without Bundled SupplicantAdministrator Guide for Cisco Trust Agent, Release 2.1, Without Bundled Supplicant (PDF - 2 MB)
 Feedback

Table Of Contents

ctastat Diagnostic Tool

Running the ctastat Utility

Running ctastat on a Linux Operating System

Running ctastat on a Mac OS X Operating System

Running ctastat on a Windows Operating System

ctastat Utility Output

General CTA Information

Session Information

Plugins Information

ctastat Utility Sample Output


ctastat Diagnostic Tool

CTA provides a utility for administrators to retrieve diagnostic information from CTA. This information includes a snapshot of the communication taking place between ACS and CTA. You can view posture information using this utility, including the last time a posture check was performed.

If you are troubleshooting an issue on a system, Cisco support (TAC) may ask you to run ctastat to retrieve information. You must be working locally on the system in order to run ctastat.

This appendix contains these sections:

Running the ctastat Utility

Running ctastat on a Linux Operating System

Running ctastat on a Mac OS X Operating System

Running ctastat on a Windows Operating System

ctastat Utility Output

General CTA Information

Session Information

Plugins Information

ctastat Utility Sample Output

Running the ctastat Utility

The ctastat utility runs using a command line interface (CLI). The utility is available for both Windows and Linux operating systems.

Running ctastat on a Linux Operating System

Step 1 Open a terminal window.

Step 2 Change the directory to the /opt/CiscoTrustAgent/sbin directory.

Step 3 At the prompt type ./ctastat and press <Enter>. ctastat displays its output in the terminal window.

Running ctastat on a Mac OS X Operating System

Step 1 Open a terminal window.

Step 2 Change the directory to the /opt/CiscoTrustAgent/sbin directory.

Step 3 At the prompt type ./ctastat and press <Enter>. ctastat displays its output in the terminal window.

Running ctastat on a Windows Operating System

Step 1 Open a command prompt window.

Step 2 Change the directory to the Program Files\CiscoSystems\CiscoTrustAgent directory.

Step 3 At the prompt type, ctastat.exe and press <Enter>. ctastat displays its output in the terminal window.

ctastat Utility Output

The output from the ctastat command provides general information about CTA, session information which describes the communication between CTA and ACS, and plugin information which summarizes the status of the posture plugins running on the system.

For an example of a ctastat output see, Example A-1 and Example A-2.

General CTA Information

The general CTA information provided in ctastat output is the local time the statistics were collected and the CTA version running on the system. Example A-1 shows that the local time ctastat run was Friday, September 16, 2005 at 15:49:06. The CTA version is 2.0.0.26.

Session Information

The session information describes the communication between CTA and ACS.Table A-1describes the fields in the Session Information area of the output.

Table A-1 Session Information fields from ctastat output 

Field name
Description

Session Number (Hex)

Session identification number

Session Type

Indicates communication using 802.1x or EAP over UDP (EoU) protocol.

IP Address

IP address and port id of Router/Switch when using EAP over UDP protocol.

Local MAC Address

MAC addresses of local network card when using 802.1x protocol.

Remote MAC Address:

MAC addresses of Router (or Switch) when using 802.1x protocol.

System Posture Token Value

Last reported posture token of overall system.

Received on

Time last system posture token was received.

Total Postures Received

Number of posture requests received.

Last SQ Response

Value of last status query response.

Plugin Vendor/Application:

Identifying number of plugin vendor and application. Value correlates with the information in the Plug-ins section of output.

Application Posture Token Value

Posture of the application

Received

The time the application posture token was received.

Posture Request last received

The last time the application posture credentials were requested.

Length of last response to posture request

Length of response to posture credential request measured in bytes.

Sent

The time the posture credentials were received.


Plugins Information

In the Plugins section of the ctastat output, the product vendor and application ID are listed. These numbers correlate with the information in the PluginVendor/Application field in the Session Information output.

ctastat Utility Sample Output

Example A-1 ctastat output for 802.1x connection between CTA and Cisco Secure ACS

CTA Statistics Reporting Tool 

Cisco Trust Agent Statistics

Current Time: Fri Sep 16 15:49:06 2005

CTA Version: 2.0.0.26


Session Information

    Session Number (Hex): 02000000

        Session Type: 802.1X

            Local MAC Address: 0050DA2C7EBD

            Remote MAC Address: 00115DBE2BFF

        System Posture Token Value: Healthy

            Received on: Fri Sep 16 15:48:14 2005

            Total Postures Received: 2

        Plugin Vendor/Application: 9/1

            Application Posture Token Value: Healthy

                Received: Fri Sep 16 15:48:14 2005

            Posture Request last received: Fri Sep 16 15:48:14 2005

                Length of last response to Posture Req: 20

                Sent: Fri Sep 16 15:48:14 2005


Plug-ins:

    Vendor: Cisco Systems

        Application ID: 1

            Status: Operational

        Application ID: 2

            Status: Operational

Example A-2 ctastat output for EAP over UDP connection between CTA and Cisco Secure ACS 

CTA Statistics Reporting Tool


Cisco Trust Agent Statistics

Current Time: Tue Sep 27 19:11:18 2005

CTA Version: 2.0.0.26


Session Information

    Session Number (Hex): 01000000

        Session Type: EOU

            IP Address: 8.8.0.1:21862

        System Posture Token Value: Healthy

            Received on: Mon Sep 26 11:42:14 2005

            Total Postures Received: 12

        Last SQ Response was "No Status Change"

        Plugin Vendor/Application: 9/1

            Application Posture Token Value: Healthy

                Received: Mon Sep 26 11:42:14 2005

            Posture Request last received: Mon Sep 26 11:42:14 2005

                Length of last response to Posture Req: 49

                Sent: Mon Sep 26 11:42:14 2005

        Plugin Vendor/Application: 9/2

            Posture Request last received: Mon Sep 26 11:42:14 2005

                Length of last response to Posture Req: 39

                Sent: Mon Sep 26 11:42:14 2005


Plug-ins:

    Vendor: Cisco Systems

        Application ID: 1

            Status: Operational

        Application ID: 2

            Status: Operational