Troubleshooting
Problem
Napatech monitoring tools do not function correctly after upgrade to QRadar 7.3.x
Cause
The directory and the tools that are leveraged to monitor Napatech interfaces have changed in 7.3.x installations.
Resolving The Problem
AdapterInfo, DriverLog, LinkTool, Statistics were available in QRadar 7.2.x versions, from within the /opt/napatech/bin directory. However, in QRadar 7.3.x, the new equivalent commands now reside within /opt/napatech3/bin directory.
and
In order to restart the Napatech interface, it's usually best to restart the Qflow and the Napatech3 service by using these commands:
Note: Restarting these services may result in an interruption in log collection. Please plan on a scheduled outage before running these commands.
The Difference between napatech commands for QRadar 7.2.x versions and QRadar 7.3.x versions.
Results
You can now monitor your Napatech card's interface.
Where do you find more information?
The command adapterinfo lists.
-
- Revisions of firmware running on the card.
- The number or ports on the card.
- Maximum values for payload throughput.
-
- Part Numbers.
- Serial numbers.
- Image Builds.
These commands would be used in this manor.
/opt/napatech3/bin/adapterinfo
/opt/napatech3/bin/productinfo and
/opt/napatech3/bin/monitoringIn order to restart the Napatech interface, it's usually best to restart the Qflow and the Napatech3 service by using these commands:
systemctl restart qflow
systemctl restart napatech3Note: Restarting these services may result in an interruption in log collection. Please plan on a scheduled outage before running these commands.
The Difference between napatech commands for QRadar 7.2.x versions and QRadar 7.3.x versions.
| Command | QRadar 7.2.x | QRadar 7.3.x |
| Basic hardware info | /opt/napatech/bin/AdapterInfo -adapter 0 | /opt/napatech3/bin/productinfo |
| Advanced hardware info | /opt/napatech/bin/FpgaImageStatus | /opt/napatech3/bin/adapterinfo |
| Monitoring | /opt/napatech/bin/statistics | /opt/napatech3/bin/monitoring |
Results
You can now monitor your Napatech card's interface.
Where do you find more information?
[{"Type":"SW","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwtcAAA","label":"Hardware"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.2.8;7.3.3;7.4.0;7.4.1;7.4.2"}]
Was this topic helpful?
Document Information
Modified date:
05 May 2021
UID
swg22008823