Troubleshoot traffic simulation queries

All traffic simulation queries in AFA are based on information provided by the graphic network map. AFA enables you to use the map to view network issues and determine how to improve traffic simulation query results.

If you ran a group device query and received unexpected results, you can troubleshoot those results by providing the expected results. AFA will make a recommendation to help you make the traffic traverse correctly.

Note: The traffic simulation query troubleshooting feature is for AFA administrators only.

Note: This feature is not relevant for single device queries.

Do the following:

  1. Run the group Traffic Simulation Query. For details, see Run traffic simulation queries.

    A new window opens displaying the traffic simulation results.

    The path detected by the query appears on both the left side pane and the map. The devices appear in the same order as the path detected in the query.

  2. Click Expected a different path?.

    The Troubleshooting Query Results wizard appears.

    Note: If the query has more than one traffic line with unexpected results, you can only troubleshoot one path at a time from one of those traffic lines.

  3. If the query involves multiple traffic lines or a single traffic line with multiple sources and/or multiple destinations, select the traffic line and click Next.

    The Troubleshooting Query Results wizard appears.

  4. Select the path you wish to troubleshoot and click Next.

  5. Specify the expected path for the query. You can loptionally add new devices, change the order of the devices, and/or delete devices.

    Note: You can only add devices to the path that are currently defined in AFA.

  6. Click Find inconsistencies.

    The new route is simulated.

    If the query does not detect the expected path, the result appears displaying the identified problems and suggested solutions.

  7. Do one of the following:

    For any of the following cases:

    • Identified problem is an issue with a device
    • Root cause could not be detected
    • Too many paths were found

    Do the following:

    1. Collect the relevant logs.

    2. Open a support case on the AlgoSec portal.
    If there is a missing device
    1. Define the device in AFA.

    2. Run analysis on the device

    3. Run the query again.

Note: If the identified problem is that the traffic is not routed in the network, no troubleshooting can be performed.

Note: If there is no problem and the path is exactly as expected, no further troubleshooting is needed.

Back to top