About the Cisco CLI Analyzer

The Cisco CLI Analyzer is a smart SSH client designed to help troubleshoot and check the overall health of your supported device. Features include:

  • System Diagnostics: Utilizes Cisco TAC knowledge in order to analyze the ASA and detect known problems such as system problems, configuration mistakes, and best practice violations.
  • Traceback Analyzer: Attempts to match the root cause of a crash to a known bug if the ASA has experienced a system traceback. If a match is found, the ASA version or versions in which the bug is fixed are provided.
  • Packet Tracer: Allows administrators to send simulated packets through the ASA as a test. If the packet is dropped, the ASA configuration portion or feature that could have contributed to the packet drop is identified.
  • Firewall Top Talkers: Identifies the connections that pass traffic through your ASA that have the highest bit rates.
  • Unused Policy Detector: Looks for unused configuration policies such as unused access-lists, object-groups, and objects. Some of these could also indicate misconfigurations. This tool collects the output of show run and show access-list | excl ^ |elem. The output is uploaded to Cisco for analysis. Full tool functionality is available in ASA releases 9.x and above.
  • IP Route Analysis: Provides analysis of your IPv4 routing table and reports on route instability, route summaries, subnet prefix distribution, and summary of administrative distances for all protocols.
  • Note: Analysis is limited to 100,000 routes. If this limit is exceeded, the tool will not work.

  • BGP Top Talkers: Helps determine which BGP peers have the highest rates of messages sent or received.
  • L2VPN Top Talkers: Helps determine which Layer 2 VPN point-to-point circuits and Bridge-Domains have the highest packet rates.
  • LPTS Top Talkers: Helps determine the types of traffic that are handed off from hardware to software processing and their rates.
  • IOS and IOS-XE Crashinfo Analyzer: Compares the contents of a crashinfo file with known issues in order to determine the cause of the system reset.
  • IOS and IOS-XE Zone Based Firewall Visualizer: Creates a diagram that illustrates the complex and nested zone based firewall policies on the router.
  • IOS-XR L2VPN Service Check: Runs several "show" commands in order to display the status of the L2VPN service on the L2VPN Bridge-Domain or Xconnect that you select.
  • Contextual Help and Highlighting: Provides information based on command outputs in an interactive way. Highlights enable real-time search capabilities in the console window.

Note: You must have a valid Cisco.com account in order to use the Cisco CLI Analyzer. If you do not have a valid Cisco.com account, you must register on the Cisco.com Registration page and associate a Service Contract to your Cisco.com profile.





Table of Contents