Administering Avaya Diagnostic Server

SAL Gateway

Release 4.0
Issue 1
January 2022
© 2017-2022, Avaya Inc. documentation does not expressly identify a license type, the
All Rights Reserved. applicable license will be a Designated System License as set forth
below in the Designated System(s) License (DS) section as
Notice applicable. The applicable number of licenses and units of capacity
While reasonable efforts have been made to ensure that the for which the license is granted will be one (1), unless a different
information in this document is complete and accurate at the time of number of licenses or units of capacity is specified in the
printing, Avaya assumes no liability for any errors. Avaya reserves documentation or other materials available to You. “Software” means
the right to make changes and corrections to the information in this computer programs in object code, provided by Avaya or an Avaya
document without the obligation to notify any person or organization Channel Partner, whether as stand-alone products, pre-installed on
of such changes. hardware products, and any upgrades, updates, patches, bug fixes,
or modified versions thereto. “Designated Processor” means a single
Documentation disclaimer stand-alone computing device. “Server” means a set of Designated
“Documentation” means information published in varying mediums Processors that hosts (physically or virtually) a software application
which may include product information, operating instructions and to be accessed by multiple users. “Instance” means a single copy of
performance specifications that are generally made available to users the Software executing at a particular time: (i) on one physical
of products. Documentation does not include marketing materials. machine; or (ii) on one deployed software virtual machine (“VM”) or
Avaya shall not be responsible for any modifications, additions, or similar deployment.
deletions to the original published version of Documentation unless License types
such modifications, additions, or deletions were performed by or on
the express behalf of Avaya. End User agrees to indemnify and hold Designated System(s) License (DS). End User may install and use
harmless Avaya, Avaya's agents, servants and employees against all each copy or an Instance of the Software only: 1) on a number of
claims, lawsuits, demands and judgments arising out of, or in Designated Processors up to the number indicated in the order; or 2)
connection with, subsequent modifications, additions or deletions to up to the number of Instances of the Software as indicated in the
this documentation, to the extent made by End User. order, Documentation, or as authorized by Avaya in writing. Avaya
may require the Designated Processor(s) to be identified in the order
Link disclaimer by type, serial number, feature key, Instance, location or other
Avaya is not responsible for the contents or reliability of any linked specific designation, or to be provided by End User to Avaya through
websites referenced within this site or Documentation provided by electronic means established by Avaya specifically for this purpose.
Avaya. Avaya is not responsible for the accuracy of any information, Concurrent User License (CU). End User may install and use the
statement or content provided on these sites and does not Software on multiple Designated Processors or one or more Servers,
necessarily endorse the products, services, or information described so long as only the licensed number of Units are accessing and using
or offered within them. Avaya does not guarantee that these links will the Software at any given time. A “Unit” means the unit on which
work all the time and has no control over the availability of the linked Avaya, at its sole discretion, bases the pricing of its licenses and can
pages. be, without limitation, an agent, port or user, an e-mail or voice mail
Warranty account in the name of a person or corporate function (e.g.,
webmaster or helpdesk), or a directory entry in the administrative
Avaya provides a limited warranty on Avaya hardware and software. database utilized by the Software that permits one user to interface
Refer to your sales agreement to establish the terms of the limited with the Software. Units may be linked to a specific, identified Server
warranty. In addition, Avaya’s standard warranty language, as well as or an Instance of the Software.
information regarding support for this product while under warranty is
available to Avaya customers and other parties through the Avaya Cluster License (CL). End User may install and use each copy or an
Support website: https://support.avaya.com/helpcenter/ Instance of the Software only up to the number of Clusters as
getGenericDetails?detailId=C20091120112456651010 under the link indicated on the order with a default of one (1) Cluster if not stated.
“Warranty & Product Lifecycle” or such successor site as designated “Cluster” means a group of Servers and other resources that act as a
by Avaya. Please note that if You acquired the product(s) from an single system.
authorized Avaya Channel Partner outside of the United States and Enterprise License (EN). End User may install and use each copy or
Canada, the warranty is provided to You by said Avaya Channel an Instance of the Software only for enterprise-wide use of an
Partner and not by Avaya. unlimited number of Instances of the Software as indicated on the
Licenses order or as authorized by Avaya in writing.

THE SOFTWARE LICENSE TERMS AVAILABLE ON THE AVAYA Named User License (NU). You may: (i) install and use each copy or
WEBSITE, HTTPS://SUPPORT.AVAYA.COM/LICENSEINFO, Instance of the Software on a single Designated Processor or Server
UNDER THE LINK “AVAYA SOFTWARE LICENSE TERMS (Avaya per authorized Named User (defined below); or (ii) install and use
Products)” OR SUCH SUCCESSOR SITE AS DESIGNATED BY each copy or Instance of the Software on a Server so long as only
AVAYA, ARE APPLICABLE TO ANYONE WHO DOWNLOADS, authorized Named Users access and use the Software. “Named
USES AND/OR INSTALLS AVAYA SOFTWARE, PURCHASED User”, means a user or device that has been expressly authorized by
FROM AVAYA INC., ANY AVAYA AFFILIATE, OR AN AVAYA Avaya to access and use the Software. At Avaya’s sole discretion, a
CHANNEL PARTNER (AS APPLICABLE) UNDER A COMMERCIAL “Named User” may be, without limitation, designated by name,
AGREEMENT WITH AVAYA OR AN AVAYA CHANNEL PARTNER. corporate function (e.g., webmaster or helpdesk), an e-mail or voice
UNLESS OTHERWISE AGREED TO BY AVAYA IN WRITING, mail account in the name of a person or corporate function, or a
AVAYA DOES NOT EXTEND THIS LICENSE IF THE SOFTWARE directory entry in the administrative database utilized by the Software
WAS OBTAINED FROM ANYONE OTHER THAN AVAYA, AN AVAYA that permits one user to interface with the Software.
AFFILIATE OR AN AVAYA CHANNEL PARTNER; AVAYA Shrinkwrap License (SR). You may install and use the Software in
RESERVES THE RIGHT TO TAKE LEGAL ACTION AGAINST YOU accordance with the terms and conditions of the applicable license
AND ANYONE ELSE USING OR SELLING THE SOFTWARE agreements, such as “shrinkwrap” or “clickthrough” license
WITHOUT A LICENSE. BY INSTALLING, DOWNLOADING OR accompanying or applicable to the Software (“Shrinkwrap License”).
USING THE SOFTWARE, OR AUTHORIZING OTHERS TO DO SO,
YOU, ON BEHALF OF YOURSELF AND THE ENTITY FOR WHOM Support tools
YOU ARE INSTALLING, DOWNLOADING OR USING THE “AVAYA SUPPORT TOOLS” MEAN THOSE SUPPORT TOOLS
SOFTWARE (HEREINAFTER REFERRED TO PROVIDED TO PARTNERS OR CUSTOMERS IN CONNECTION
INTERCHANGEABLY AS “YOU” AND “END USER”), AGREE TO WITH MAINTENANCE SUPPORT OF AVAYA EQUYIPMENT (E.G.,
THESE TERMS AND CONDITIONS AND CREATE A BINDING SAL, SLA MON, AVAYA DIAGNOISTIC SERVER, ETC.) AVAYA
CONTRACT BETWEEN YOU AND AVAYA INC. OR THE SUPPORT TOOLS ARE INTENDED TO BE USED FOR LAWFUL
APPLICABLE AVAYA AFFILIATE (“AVAYA”). DIAGNOSTIC AND NETWORK INTEGRITY PURPOSES ONLY. The
Avaya grants You a license within the scope of the license types customer is responsible for understanding and complying with
described below, with the exception of Heritage Nortel Software, for applicable legal requirements with regard to its network. The Tools
which the scope of the license is detailed below. Where the order may contain diagnostic capabilities that allow Avaya, authorized
Avaya partners, and authorized customer administrators to capture
packets, run diagnostics, capture key strokes and information from (“AVC VIDEO”) AND/OR (II) DECODE AVC VIDEO THAT WAS
endpoints including contact lists, and remotely control and monitor ENCODED BY A CONSUMER ENGAGED IN A PERSONAL
end-user devices. The customer is responsible for enabling these ACTIVITY AND/OR WAS OBTAINED FROM A VIDEO PROVIDER
diagnostic capabilities, for ensuring users are aware of activities or LICENSED TO PROVIDE AVC VIDEO. NO LICENSE IS GRANTED
potential activities and for compliance with any legal requirements OR SHALL BE IMPLIED FOR ANY OTHER USE. ADDITIONAL
with respect to use of the Tools and diagnostic capabilities on its INFORMATION FOR H.264 (AVC) AND H.265 (HEVC) CODECS
network, including, without limitation, compliance with laws regarding MAY BE OBTAINED FROM MPEG LA, L.L.C. SEE HTTP://
notifications regarding capture of personal data and call recording. WWW.MPEGLA.COM.
Avaya Support Tools are provided as an entitlement of Avaya Compliance with Laws
Support Coverage (e.g., maintenance) and the entitlements are
established by Avaya. The scope of the license for each Tool is You acknowledge and agree that it is Your responsibility for
described in its License terms and/or the applicable service complying with any applicable laws and regulations, including, but not
description document. limited to laws and regulations related to call recording, data privacy,
intellectual property, trade secret, fraud, and music performance
Copyright rights, in the country or territory where the Avaya product is used.
Except where expressly stated otherwise, no use should be made of Preventing Toll Fraud
materials on this site, the Documentation, Software, Hosted Service,
or hardware provided by Avaya. All content on this site, the “Toll Fraud” is the unauthorized use of your telecommunications
documentation, Hosted Service, and the product provided by Avaya system by an unauthorized party (for example, a person who is not a
including the selection, arrangement and design of the content is corporate employee, agent, subcontractor, or is not working on your
owned either by Avaya or its licensors and is protected by copyright company's behalf). Be aware that there can be a risk of Toll Fraud
and other intellectual property laws including the sui generis rights associated with your system and that, if Toll Fraud occurs, it can
relating to the protection of databases. You may not modify, copy, result in substantial additional charges for your telecommunications
reproduce, republish, upload, post, transmit or distribute in any way services.
any content, in whole or in part, including any code and software Avaya Toll Fraud intervention
unless expressly authorized by Avaya. Unauthorized reproduction,
transmission, dissemination, storage, and or use without the express If You suspect that You are being victimized by Toll Fraud and You
written consent of Avaya can be a criminal, as well as a civil offense need technical assistance or support, call Technical Service Center
under the applicable law. Toll Fraud Intervention Hotline at +1-800-643-2353 for the United
States and Canada. For additional support telephone numbers, see
Third Party Components the Avaya Support website: https://support.avaya.com or such
“Third Party Components” mean certain software programs or successor site as designated by Avaya.
portions thereof included in the Software or Hosted Service may Security Vulnerabilities
contain software (including open source software) distributed under
third party agreements (“Third Party Components”), which contain Information about Avaya’s security support policies can be found in
terms regarding the rights to use certain portions of the Software the Security Policies and Support section of https://
(“Third Party Terms”). As required, information regarding distributed support.avaya.com/security.
Linux OS source code (for those products that have distributed Linux Suspected Avaya product security vulnerabilities are handled per the
OS source code) and identifying the copyright holders of the Third Avaya Product Security Support Flow (https://
Party Components and the Third Party Terms that apply is available support.avaya.com/css/P8/documents/100161515).
in the products, Documentation or on Avaya’s website at: https://
support.avaya.com/Copyright or such successor site as designated Downloading Documentation
by Avaya. The open source software license terms provided as Third For the most current versions of Documentation, see the Avaya
Party Terms are consistent with the license rights granted in these Support website: https://support.avaya.com, or such successor site
Software License Terms, and may contain additional rights benefiting as designated by Avaya.
You, such as modification and distribution of the open source
software. The Third Party Terms shall take precedence over these Contact Avaya Support
Software License Terms, solely with respect to the applicable Third See the Avaya Support website: https://support.avaya.com for
Party Components to the extent that these Software License Terms product or Hosted Service notices and articles, or to report a problem
impose greater restrictions on You than the applicable Third Party with your Avaya product or Hosted Service. For a list of support
Terms. telephone numbers and contact addresses, go to the Avaya Support
Service Provider website: https://support.avaya.com (or such successor site as
designated by Avaya), scroll to the bottom of the page, and select
THE FOLLOWING APPLIES TO AVAYA CHANNEL PARTNER’S Contact Avaya Support.
HOSTING OF AVAYA PRODUCTS OR SERVICES. THE PRODUCT
OR HOSTED SERVICE MAY USE THIRD PARTY COMPONENTS Trademarks
SUBJECT TO THIRD PARTY TERMS AND REQUIRE A SERVICE The trademarks, logos and service marks (“Marks”) displayed in this
PROVIDER TO BE INDEPENDENTLY LICENSED DIRECTLY FROM site, the Documentation, Hosted Service(s), and product(s) provided
THE THIRD PARTY SUPPLIER. AN AVAYA CHANNEL PARTNER’S by Avaya are the registered or unregistered Marks of Avaya, its
HOSTING OF AVAYA PRODUCTS MUST BE AUTHORIZED IN affiliates, its licensors, its suppliers, or other third parties. Users are
WRITING BY AVAYA AND IF THOSE HOSTED PRODUCTS USE not permitted to use such Marks without prior written consent from
OR EMBED CERTAIN THIRD PARTY SOFTWARE, INCLUDING Avaya or such third party which may own the Mark. Nothing
BUT NOT LIMITED TO MICROSOFT SOFTWARE OR CODECS, contained in this site, the Documentation, Hosted Service(s) and
THE AVAYA CHANNEL PARTNER IS REQUIRED TO product(s) should be construed as granting, by implication, estoppel,
INDEPENDENTLY OBTAIN ANY APPLICABLE LICENSE or otherwise, any license or right in and to the Marks without the
AGREEMENTS, AT THE AVAYA CHANNEL PARTNER’S EXPENSE, express written permission of Avaya or the applicable third party.
DIRECTLY FROM THE APPLICABLE THIRD PARTY SUPPLIER.
Avaya is a registered trademark of Avaya Inc.
WITH RESPECT TO CODECS, IF THE AVAYA CHANNEL
PARTNER IS HOSTING ANY PRODUCTS THAT USE OR EMBED All non-Avaya trademarks are the property of their respective owners.
THE H.264 CODEC OR H.265 CODEC, THE AVAYA CHANNEL Linux® is the registered trademark of Linus Torvalds in the U.S. and
PARTNER ACKNOWLEDGES AND AGREES THE AVAYA other countries.
CHANNEL PARTNER IS RESPONSIBLE FOR ANY AND ALL
RELATED FEES AND/OR ROYALTIES. THE H.264 (AVC) CODEC
IS LICENSED UNDER THE AVC PATENT PORTFOLIO LICENSE
FOR THE PERSONAL USE OF A CONSUMER OR OTHER USES
IN WHICH IT DOES NOT RECEIVE REMUNERATION TO: (I)
ENCODE VIDEO IN COMPLIANCE WITH THE AVC STANDARD
 Contents

Chapter 1: Introduction.......................................................................................................... 10
Purpose of the document....................................................................................................... 10
Change history...................................................................................................................... 10
Chapter 2: SAL Gateway overview........................................................................................ 14
SAL Gateway........................................................................................................................ 14
Capacity of a standalone SAL Gateway................................................................................... 14
Other SAL components.......................................................................................................... 15
SAL Core and Remote Servers........................................................................................ 15
Secure Tunnel Connectors............................................................................................... 15
SAL Policy Manager with SSH Proxy................................................................................ 16
Functions of SAL components................................................................................................ 16
Administrator responsibilities............................................................................................. 18
Chapter 3: SAL Gateway management through the SAL Gateway web interface............ 19
SAL Gateway web interface overview..................................................................................... 19
Capacity of the SAL Gateway web interface...................................................................... 19
Browser requirements to access the SAL Gateway web interface........................................ 20
SAL Gateway home page...................................................................................................... 20
Accessing the SAL Gateway web interface.............................................................................. 22
SAL Gateway user authentication........................................................................................... 23
Logging in with local credentials....................................................................................... 23
Logging in with a certificate.............................................................................................. 23
Logging out of the SAL Gateway user interface........................................................................ 24
Chapter 4: Administering SAL Gateway configurations..................................................... 25
SAL Gateway administration overview.................................................................................... 25
Administering SAL Gateway Solution Element ID .................................................................... 25
Automatic Solution Element ID generation overview........................................................... 25
Configuring the Solution Element ID of SAL Gateway manually .......................................... 26
Generating the Solution Element ID of SAL Gateway automatically..................................... 27
Editing the SAL Gateway identification information................................................................... 29
Gateway Configuration field descriptions........................................................................... 30
Configuring SAL Gateway with a proxy................................................................................... 31
HTTP/SOCKS Proxy Server field descriptions................................................................... 32
Uploading the proxy server certificate to SAL Gateway....................................................... 33
Reviewing SAL Core Server configuration............................................................................... 34
Core Server field descriptions........................................................................................... 34
Reviewing SAL Remote Server configuration........................................................................... 35
Remote Server field descriptions...................................................................................... 36
SAL Hosted Concentrator overview........................................................................................ 36
Avaya Hosted Configuration for BP field descriptions......................................................... 36

January 2022 Administering Avaya Diagnostic Server SAL Gateway 4

Comments on this document? infodev@avaya.com
 Contents

Configuring Avaya Hosted Configuration for Business Partners details................................ 37

SAL Gateway link ID modification..................................................................................... 38
Configuring SAL Policy Manager details ................................................................................. 39
Policy Manager field descriptions...................................................................................... 40
Configuring SMTP server details............................................................................................ 41
SMTP Configuration field descriptions............................................................................... 42
NMS server configuration....................................................................................................... 43
NMS server as a trap receiver.......................................................................................... 43
Configuring NMS............................................................................................................. 44
Network Management Systems field descriptions............................................................... 45
Editing the details of an NMS........................................................................................... 49
Adding an NMS............................................................................................................... 49
Deleting an NMS record................................................................................................... 50
Configuring the SNMP subagent............................................................................................. 50
SNMP SubAgent Configuration field descriptions............................................................... 51
Applying configuration changes.............................................................................................. 51
Chapter 5: Administering managed elements...................................................................... 53
Managed element configuration.............................................................................................. 53
Adding a managed element to SAL Gateway..................................................................... 54
Managed Element field descriptions.................................................................................. 57
Managed Element Configuration field descriptions............................................................. 59
Editing the configuration of a managed element................................................................. 62
Deleting the record of a managed element........................................................................ 63
Exporting managed element data..................................................................................... 63
Importing managed elements to SAL Gateway.................................................................. 64
Device SNMP v3 configuration............................................................................................... 67
Configuring SNMP v3 credentials of managed element...................................................... 67
Device SNMP v3 Credentials field descriptions.................................................................. 68
SNMP modes.................................................................................................................. 70
Importing and configuring devices........................................................................................... 70
Importing devices across SAL Gateway instances.............................................................. 70
Import and Configure Devices field descriptions................................................................. 72
Chapter 6: Managing inventory collection........................................................................... 76
SAL inventory collection overview........................................................................................... 76
Inventory collection process............................................................................................. 76
Role of the SAL model in inventory collection.................................................................... 77
CIM................................................................................................................................ 78
Credentials management for inventory collection..................................................................... 79
Types of credentials......................................................................................................... 79
Using Avaya-provided credentials for inventory collection................................................... 79
Using user-defined credentials......................................................................................... 81
Editing device credentials for inventory collection............................................................... 82
Inventory support field descriptions................................................................................... 82

January 2022 Administering Avaya Diagnostic Server SAL Gateway 5

Comments on this document? infodev@avaya.com
Contents

Viewing and controlling inventory collection............................................................................. 85

Enabling inventory collection from a managed device......................................................... 85
Starting the inventory service........................................................................................... 86
Stopping the inventory service.......................................................................................... 86
Viewing inventory report of a device.................................................................................. 87
Exporting an inventory report............................................................................................ 88
Collecting inventory on demand for a device...................................................................... 88
Viewing inventory log files...................................................................................................... 89
Inventory diagnostics............................................................................................................. 90
Chapter 7: Managing SAL Gateway redundancy................................................................. 91
Redundancy of SAL Gateway................................................................................................. 91
Creating redundant SAL Gateways......................................................................................... 93
Redundant Gateways field descriptions................................................................................... 94
Example: Lowest common denominator rule for redundant Gateways....................................... 95
Removing a redundancy of SAL Gateways.............................................................................. 96
Chapter 8: Managing the user and system security............................................................ 97
PKI configuration................................................................................................................... 97
PKI configuration for SAL Gateway access........................................................................ 97
Creating a role mapping................................................................................................... 98
Creating a role mapping for an organizational unit within an organization............................. 99
Updating role mappings................................................................................................. 100
Deleting role mappings.................................................................................................. 101
Managing roles for local user groups..................................................................................... 101
Role management for local users.................................................................................... 101
Mapping local user groups to roles.................................................................................. 102
Map local group names to SAL Gateway roles field descriptions....................................... 103
Editing a local role mapping........................................................................................... 103
Deleting a local role mapping......................................................................................... 104
OCSP and CRL configuration............................................................................................... 105
OCSP and CRL configuration for authentication and authorization of remote access
requests....................................................................................................................... 105
Configuring OCSP or CRL for SAL Gateway.................................................................... 105
Editing OCSP/CRL settings............................................................................................ 106
OCSP/CRL Configuration field descriptions..................................................................... 106
Chapter 9: Managing certificates on SAL Gateway........................................................... 108
Certificate authority.............................................................................................................. 108
Viewing certificates.............................................................................................................. 108
Certificate Management field descriptions............................................................................. 109
Uploading a certificate to SAL Gateway................................................................................. 109
Deleting a certificate............................................................................................................ 110
Resetting certificates to factory settings................................................................................. 110
Importing and exporting certificates to the SAL Gateway truststore through CLI........................ 111
Importing certificates...................................................................................................... 111

January 2022 Administering Avaya Diagnostic Server SAL Gateway 6

Comments on this document? infodev@avaya.com
 Contents

Exporting certificates...................................................................................................... 111

Replacing CA certificates on SAL Gateway............................................................................ 112
Confirming successful download and application of CAs......................................................... 113
Import Client Certificate field descriptions.............................................................................. 113
Importing client certificate..................................................................................................... 114
Chapter 10: Preference configuration for SAL model distribution.................................. 115
Indicating model distribution preferences............................................................................... 115
Model Distribution Preferences field descriptions.................................................................... 116
Model application indicators................................................................................................. 116
Chapter 11: Managing software updates............................................................................ 117
Automatic software update................................................................................................... 117
Setting preferences for automatic software update................................................................. 118
Applying a software update immediately................................................................................ 119
Scheduling an automatic software update to the next available time frame .............................. 120
Automatic Software Update field descriptions........................................................................ 122
Viewing details of a software update..................................................................................... 123
Chapter 12: Backing up and restoring SAL Gateway........................................................ 125
SAL Gateway backup.......................................................................................................... 125
Backing up the SAL Gateway configuration data.............................................................. 126
Scheduling a backup..................................................................................................... 127
Backup Configuration field descriptions........................................................................... 128
Viewing backup history.................................................................................................. 130
SAL Gateway restoration..................................................................................................... 131
Restoring SAL Gateway configuration data using the SAL Gateway UI.............................. 132
Restore field descriptions............................................................................................... 133
Restoring SAL Gateway configuration data using CLI....................................................... 135
Restoring data from an SFTP host server using CLI......................................................... 136
Viewing restore history................................................................................................... 137
Chapter 13: Managed Services Configuration................................................................... 138
Managed services overview................................................................................................. 138
Viewing Managed services configuration details.................................................................... 138
Managed services configuration field description.................................................................... 139
Chapter 14: SAL Gateway services management.............................................................. 140
Managing SAL Gateway services......................................................................................... 140
Gateway Service Control field descriptions............................................................................ 141
Chapter 15: Monitoring SAL Gateway status..................................................................... 144
Overview............................................................................................................................ 144
Running diagnostics............................................................................................................ 144
Viewing a diagnostics report................................................................................................. 145
Exporting a diagnostics report.............................................................................................. 145
Diagnostics Viewer field descriptions.................................................................................... 146
Viewing a configuration file................................................................................................... 147

January 2022 Administering Avaya Diagnostic Server SAL Gateway 7

Comments on this document? infodev@avaya.com
Contents

Exporting a configuration file................................................................................................ 147

Configuration Viewer field descriptions.................................................................................. 148
Device Registration Viewer field descriptions......................................................................... 148
Viewing the registered devices............................................................................................. 150
Live Remote Connections field descriptions........................................................................... 151
SAL Gateway Health check.................................................................................................. 151
Viewing the SAL Gateway status.................................................................................... 151
Checking the status of SAL Gateway.............................................................................. 152
Viewing a status report of SAL Gateway.......................................................................... 153
Exporting a status report of SAL Gateway....................................................................... 153
SAL Gateway health report............................................................................................ 154
Chapter 16: SAL Gateway logs............................................................................................ 156
SAL Gateway logging capabilities......................................................................................... 156
SAL Gateway logging.......................................................................................................... 156
Viewing logs....................................................................................................................... 158
Log Viewer field descriptions................................................................................................ 159
Downloading logs................................................................................................................ 163
Filtering logs using the basic filter options.............................................................................. 164
Filtering logs using the advanced filter options....................................................................... 165
Chapter 17: Syslog for SAL Gateway.................................................................................. 167
Syslog overview.................................................................................................................. 167
Syslogd service............................................................................................................. 167
Uses of logging............................................................................................................. 168
Syslog for SAL Gateway logging........................................................................................... 168
Syslog configuration............................................................................................................ 169
Editing the syslog configuration file for SAL Gateway............................................................. 169
Viewing syslogs................................................................................................................... 170
Chapter 18: SAL Gateway diagnostics............................................................................... 171
SAL Gateway diagnostics overview...................................................................................... 171
General concept of SAL diagnostics operation....................................................................... 171
Complete and annotated diagnostic output............................................................................ 173
Data transport component diagnostics............................................................................ 173
Heartbeat component diagnostics................................................................................... 177
Managed Services Agent Component diagnostics............................................................ 178
Configuration change component diagnostics.................................................................. 178
NmsConfig component diagnostics................................................................................. 179
ProductConfig component diagnostics............................................................................ 179
Inventory component diagnostics.................................................................................... 179
Alarming component diagnostics.................................................................................... 180
Agent management component diagnostics.................................................................... 182
CLINotification component diagnostics............................................................................ 183
LogManagement component diagnostics......................................................................... 183
LogForwarding component diagnostics........................................................................... 183

January 2022 Administering Avaya Diagnostic Server SAL Gateway 8

Comments on this document? infodev@avaya.com
 Contents

Connectivity test component diagnostics......................................................................... 183

LinuxDiagnostic component diagnostics.......................................................................... 184
Additional information that diagnostics returns................................................................. 184
Chapter 19: Decommissioning SAL Gateway.................................................................... 186
Checklist for decommissioning SAL Gateway........................................................................ 186
Chapter 20: Troubleshooting............................................................................................... 187
Troubleshooting for restore operations.................................................................................. 187
Restore operation fails with a high severity...................................................................... 187
Restore operation fails with a low severity....................................................................... 187
Restore operation is stopped abruptly............................................................................. 187
Troubleshooting for inventory operations............................................................................... 188
Inventory-related exceptions in SAL Gateway logs........................................................... 188
Troubleshooting for SAL Gateway diagnostics....................................................................... 194
Exceptions related to SAL Gateway diagnostics............................................................... 194
Chapter 21: Resources......................................................................................................... 202
Documentation.................................................................................................................... 202
Finding documents on the Avaya Support website........................................................... 203
Viewing Avaya Mentor videos............................................................................................... 203
Support.............................................................................................................................. 204
Using the Avaya InSite Knowledge Base......................................................................... 204
Appendix A: Applying a software update manually.......................................................... 206
Appendix B: SAL Gateway MIB and SNMP traps............................................................... 208
SNMP MIB for SAL Gateway................................................................................................ 208
SNMP traps that SAL Gateway generates............................................................................. 208
SNMP traps that SAL Watchdog generates........................................................................... 210
Glossary................................................................................................................................. 211

January 2022 Administering Avaya Diagnostic Server SAL Gateway 9

Comments on this document? infodev@avaya.com
Chapter 1: Introduction

Purpose of the document

This document contains information about how to administer and configure SAL Gateway for the
alarm transfer, remote access, and inventory collection facilities and how to perform periodic
maintenance tasks.
This document is intended for people who perform SAL Gateway administration tasks such as
adding managed elements to SAL Gateway, backing up and restoring data, and applying software
updates.

Change history

Issue Date Summary of changes

Release 3.0, March 2017 The first issue of the document in this release.
issue 1
Release 3.0, July 2017 Added the information that when you are forced to correct the
issue 2 SMTP details immediately after logging in, the automatic
Software Update feature is enabled automatically when you
apply the corrected SMTP configurations. See Configuring SMTP
server details on page 41.
Release 3.0, November 2017 Updated the following topics:
issue 3
• SAL Gateway UI home page
• Redundant SAL Gateway
Added the following new topics:
• Configuring Avaya Hosted Configuration for Business Partners
details
• Avaya Hosted Configuration for BP field descriptions
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 10

Comments on this document? infodev@avaya.com
 Change history

Issue Date Summary of changes

Release 3.0, May 2018 Added the following new topics:
issue 4
• Import Client Certificate field descriptions on page 113
• Importing client certificate on page 114
• Device Registration Viewer field descriptions on page 148
• Viewing the registered devices on page 150
Release 3.0, September 2018 Added Uploading the proxy server certificate to SAL Gateway on
issue 5 page 33 new topic.
Release 3.0, January 2019 Updated Generating the Solution Element ID of SAL Gateway
issue 6 automatically on page 27 and added Live Remote Connections
field descriptions on page 151.
Release 3.0, April 2019 Added the following new topics:
issue 7
• SAL Gateway link ID modification on page 38
• Modifying BP Link ID on page 39
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 11

Comments on this document? infodev@avaya.com
Introduction

Issue Date Summary of changes

Release 3.1, October 2019 Added the following new topics:
issue 1
• Managed services overview on page 138
• Viewing Managed services configuration details on page 138
• Managed services configuration field description on page 139
• Managed Services Agent Component diagnostics on page 178
Updated the following topics:
• Importing managed elements to SAL Gateway on page 64
• Import and Configure Devices field descriptions on page 72
• Importing devices across SAL Gateway instances on page 70
• SAL Gateway health report on page 154
• Adding a managed element to SAL Gateway on page 54
• SNMP SubAgent Configuration field descriptions on page 51
• Viewing backup history on page 130
• Backup Configuration field descriptions on page 128
• Core Server field descriptions on page 34
• Managed Element Configuration field descriptions on page 59
• Managed Element field descriptions on page 57
• SAL Gateway logging capabilities on page 156
• Device SNMP v3 Credentials field descriptions on page 68
• Restore field descriptions on page 133
• Restoring SAL Gateway configuration data using the SAL
Gateway UI on page 132
• Exporting managed element data on page 63
• Avaya Hosted Configuration for BP field descriptions on
page 36
• SAL Gateway home page on page 20
• SAL Gateway logging on page 156
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 12

Comments on this document? infodev@avaya.com
 Change history

Issue Date Summary of changes

Release 3.1, March 2020 Updated the following topics:
issue 2
• Editing the configuration of a managed element on page 62
• Configuring SNMP v3 credentials of managed element on
page 67
• Device SNMP v3 Credentials field descriptions on page 68
• Managed element configuration on page 53
• Importing devices across SAL Gateway instances on page 70
• Adding a managed element to SAL Gateway on page 54
• Managed Element Configuration field descriptions on page 59
• Exporting managed element data on page 63
• Import and Configure Devices field descriptions on page 72
• SMTP Configuration field descriptions on page 42
• Configuring SMTP server details on page 41
Release 3.2, October 2020 Updated the following topics:
issue 1
• Automatic software update on page 117
• Setting preferences for automatic software update on page 118
• Applying a software update immediately on page 119
• SMTP Configuration field descriptions on page 42
• Configuring SMTP server details on page 41
Added the following new topic:
• Live Remote Connections field descriptions on page 151
Release 3.3, September 2021 Updated the following topics:
issue 1
• SAL Gateway home page on page 20
• Adding a managed element to SAL Gateway on page 54
• Managed Element field descriptions on page 57
• Importing managed elements to SAL Gateway on page 64
• Managed Element Configuration field descriptions on page 59
• Exporting managed element data on page 63
• Import and Configure Devices field descriptions on page 72
• Importing devices across SAL Gateway instances on page 70

January 2022 Administering Avaya Diagnostic Server SAL Gateway 13

Comments on this document? infodev@avaya.com
Chapter 2: SAL Gateway overview

SAL Gateway
SAL Gateway centralizes remote access, alarm transfer, and access control policies for Avaya
devices across the customer network. SAL Gateway provides a secure remote access connection
between Avaya and Avaya devices on the customer network. Through SAL, Avaya Service tools
and engineers can access customer devices to resolve network and product-related issues.
The key feature of SAL is simple network integration. Instead of opening numerous inbound and
outbound ports between the customer and the service provider, SAL consolidates the entire traffic
and uses a single outbound firewall port to facilitate secure HTTPS communication. Therefore,
SAL minimizes network impact.
SAL uses CA certificate-based authentication for remote access requests. You can intelligently
establish access policies using an optional SAL Policy Manager.
For information about new features and enhancements introduced in Avaya Diagnostic Server
Release 4.0, see Deploying Avaya Diagnostic Server 4.0 or Avaya Diagnostic Server 4.0 Release
Notes.
Avaya Diagnostic Server Release 4.0 introduces Flex support for cloud based Avaya products.
Flex platform assists in uniform installation and standardizes the product packaging for all the
types of deployment.
The flex supported products are:
• Cluster Control Manager
• Common Service Platform
• Avaya Analytics

Capacity of a standalone SAL Gateway

The following table provides the capacity of a standalone SAL Gateway:

Maximum managed elements 1000

Maximum simultaneous remote connections 100

January 2022 Administering Avaya Diagnostic Server SAL Gateway 14

Comments on this document? infodev@avaya.com
 Other SAL components

Note:
SAL Gateway performs at the maximum capacity when:
• The host server of SAL Gateway meets the Avaya-recommended specifications and
requirements.
• The alarm flow, remote sessions, and network conditions are normal.
When you upgrade SAL Gateway Release 4.0 on a host with 2-GB RAM, the maximum
capacity remains the same:
• 500 managed elements
• 50 simultaneous remote sessions

Other SAL components

SAL Core and Remote Servers

In the SAL remote-access architecture, two SAL servers handle the remote access and alarm
transfer facilities from Avaya’s end. The two components that reside at Avaya Data Center are:
• SAL Remote Server: Manages remote access requests. SAL Remote Server authenticates
the requests from support personnel or services tools to access customer products for
remote servicing and places the access requests in a queue. SAL Gateway checks queue in
the server periodically for connection requests and processes the access requests according
to the policies the customer implements. This approach provides a single authentication and
access point to service the products.
• SAL Core Server: Handles alarm transfer and inventory collection from the managed devices.
SAL Core Server forwards alarms received from SAL Gateway to Avaya ticketing systems.
These servers are also known as SAL Concentrator Servers or SAL Enterprise Servers.
Note:
In Release 4.0, SAL Core and Remote Servers represent logical division of the remote access
and alarm transfer functionalities which are managed by a single application on a single
server.

Secure Tunnel Connectors

Secure Tunnel Connectors (STC) are geo-distributed components deployed on Avaya network to
speed up remote connections. STC acts as the conduit of remote access connection between the
desktop of the support personnel and SAL Gateway residing on the customer network. STC

January 2022 Administering Avaya Diagnostic Server SAL Gateway 15

Comments on this document? infodev@avaya.com
SAL Gateway overview

completes the secure and high-performance link for each remote access session created by the
service personnel to a customer product. STCs are geographically distributed to ensure minimal
network delay between the personnel and SAL Gateway. The browser of the personnel and the
remote agent for the target device are automatically directed to the nearest STC with available
capacity.
You need not administer the STC host names on SAL Gateway or the host sever.

SAL Policy Manager with SSH Proxy

Through SAL Policy Manager with SSH Proxy, you can control and monitor the remote access
sessions established through SAL to the devices on your network.
SAL Policy Manager provides a web-based application that you can use to configure remote
access policies and permissions for devices. You can set up and manage device-specific
permissions and audit the SAL Policy Manager operations. Administrators of SAL Policy Manager
can also set up user accounts, profiles, and roles to control access to the components of the SAL
Policy Manager application.
SAL Policy Manager comes with an integral component, SSH Proxy. When you implement SAL
Policy Manager with SSH Proxy, you can direct the SSH remote connections through the SSH
Proxy. In an SSH session established through SSH Proxy, you can contain the remote user to the
connected device and prevent the user from accessing another host, known as host hopping.
Through SSH Proxy, you can also log the activities during SSH sessions.

Functions of SAL components

Alarming
SAL Gateway relays alarms and heartbeats received from SAL-managed devices, also known as
managed elements, to SAL Core Server residing at the Avaya data center. These managed
elements can be Avaya devices as well as third party devices managed by SAL Gateway. SAL
Gateway can collect alarms in the form of SNMP traps or Initialization and Administration System
(INADS) alarms from managed elements. SAL Gateway sends the collected alarm information
over HTTPS to SAL Core Server.
Remote access
Through SAL, support personnel or tools can raise HTTPS requests to access managed devices
remotely. Customers have full control over all SAL-facilitated accesses to the devices on the
customer network. All connections are originally established from the network of the customer.
The customer-controlled SAL components enforce authorizations for remote access.
SAL Remote Server at the Avaya or a partner data center first receives a request from support
personnel for remote access to a managed element. SAL Remote Server authenticates the
request and places the requests in a queue. SAL Gateway communicates with SAL Remote
Server to check whether any remote access requests are present. When SAL Gateway finds a
remote access request, SAL Gateway performs the authorization. If SAL Gateway is configured to

January 2022 Administering Avaya Diagnostic Server SAL Gateway 16

Comments on this document? infodev@avaya.com
 Functions of SAL components

communicate with SAL Policy Manager, SAL Gateway checks the local policies provided by Policy
Manager. If the request meets the policy conditions, SAL Gateway establishes an end-to-end
connection for remote access from the desktop of the support personnel to the managed device.
If Secure Tunnel Connectors (STC) are present in the SAL architecture, SAL uses STC as the
channel of remote access connection between the desktop of the support personnel and the SAL
Gateway on the customer network. Secure Tunnel Connector completes the secure, high-
performance link for each session created from Avaya to a customer product.
With the latest SAL enhancements, applicable to Avaya managed services customers under
APCS offer, SAL now also provides a secure transport between customer devices and all APCS
tools.
SAL architecture
The following figure illustrates a SAL architecture-based scenario for alarm flow and secure
remote access.

Figure 1: SAL components for alarm flow and remote access

January 2022 Administering Avaya Diagnostic Server SAL Gateway 17

Comments on this document? infodev@avaya.com
SAL Gateway overview

Administrator responsibilities
As the administrator of SAL Gateway, you are responsible for:
• Administering the SAL Gateway configuration to facilitate alarm transfer and remote access
support.
• Administering managed elements on SAL Gateway.
• Managing inventory collection from managed devices.
• Managing the redundant SAL Gateways.
• Managing user and remote access security.
• Managing certificates on SAL Gateway.
• Monitoring the SAL Gateway status and logs.
• Managing software updates.
• Backing up and restoring SAL Gateway.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 18

Comments on this document? infodev@avaya.com
Chapter 3: SAL Gateway management
through the SAL Gateway web
interface

SAL Gateway web interface overview

SAL Gateway provides a web-based user interface that you can use to manage SAL Gateway
configurations and other associated devices or components. Proper configuration and continuous
monitoring of SAL Gateway is important to ensure availability of the alarm transfer and the remote
access facilities through SAL Gateway. The SAL Gateway web interface is accessible from a
personal computer that is connected to the network where SAL Gateway is installed.
Using the SAL Gateway web interface, you can:
• View the SAL Gateway configurations for communication with SAL Remote Server, SAL Core
Server, Policy Manager, HTTP Proxy Server, SMTP server, and NMS.
• Change the existing configurations.
• Administer devices managed by SAL.
• Monitor the status of SAL Gateway.
• Manage inventory collection from managed devices.
• Manage redundant SAL Gateways.
• Back up and restore configuration data.
• Manage software updates.

Capacity of the SAL Gateway web interface

The following table provides the capacity of the SAL Gateway web interface in terms of the
maximum web sessions that you can run simultaneously:
Maximum number of simultaneous sessions 50
Maximum number of simultaneous sessions for each user 25

January 2022 Administering Avaya Diagnostic Server SAL Gateway 19

Comments on this document? infodev@avaya.com
SAL Gateway management through the SAL Gateway web interface

Browser requirements to access the SAL Gateway web interface

• Internet Explorer 11

SAL Gateway home page

The following is a sample home page of the SAL Gateway web interface:

January 2022 Administering Avaya Diagnostic Server SAL Gateway 20

Comments on this document? infodev@avaya.com
 SAL Gateway home page

No. Name Description

1 Title bar Displays the following information:
• The name of the product, that is, SAL Gateway.
• The status of SAL Gateway. You can click the Health icon to
navigate to the Service Control and Status page to view the detailed
status of SAL Gateway components that manage alarming,
inventory, and remote access to devices.
For more information about the various Health icons, see the Icon
table.

• The User icon ( ) that displays a pop-up menu containing the

following:
- The user ID of the person who is logged in.
- The Help menu option .
- The Log Off menu option.

• The More icon ( ) that displays the following:

- The version number of the SAL Gateway.
- The SAL Gateway host name.
- The deployment type of SAL Gateway.
- The alarm transport for SAL Gateway.
2 Navigation menu Provides a menu to access the configuration pages of SAL Gateway
and other associated components.
3 Work area Displays the configuration page that you select in the navigation pane.
When you log on to the SAL Gateway user interface, the system
displays the Managed Element page as the default view in the work
area.

Note:
If you see the SMTP Configuration page after logging in, it means
that the configured Simple Mail Transfer Protocol (SMTP) details
are incomplete or not in the required format. The SAL Gateway
user interface restricts your access to any other pages on the
user interface. You must update the SMTP configuration with
correct details before you can navigate to other pages on the user
interface. To receive notifications about new software releases,
software download status, and software installation status, ensure
that the SMTP details are correct.

A Health icon is available in the top-right corner of the SAL Gateway UI. The different icons indicate the
cumulative status of SAL Gateway services and connectivity.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 21

Comments on this document? infodev@avaya.com
SAL Gateway management through the SAL Gateway web interface

Icon Description
The status of the SAL Gateway components is between 0-19%.

The status of the SAL Gateway components is between 20-39%.

The status of the SAL Gateway components is between 40-59%.

The status of the SAL Gateway components is between 60-89%.

The status of the SAL Gateway components is above 90%.

Note:
For more information about the components that have issues, see the SAL Gateway Service
Control and Status page.

Accessing the SAL Gateway web interface

About this task
You can access the SAL Gateway user interface directly on the local network or through SAL
Concentrator Remote Server after SAL Gateway establishes a session with Remote Server. You
might want to use the Remote Server user interface to establish a connection to the SAL Gateway
web interface because the local port changes if you already have 7443 open on your computer.
Before you begin
Ensure that you have the following:
• An installed SAL Gateway.
• An authorized user ID to log on to SAL Gateway.

Note:
Contact your system administrator for local Linux login credentials.
• A computer with a web browser and access to the network where SAL Gateway is installed.
Procedure
1. Open a web browser from the computer on your network.
2. Browse to the host name and port configured for SAL Gateway using one of the following
two methods:
• To access the SAL Gateway user interface on the local network, type the following URL:
https://[host name or IP address of SAL Gateway]:7443
• To access the SAL Gateway user interface through SAL Remote Server, type the
following URL:

January 2022 Administering Avaya Diagnostic Server SAL Gateway 22

Comments on this document? infodev@avaya.com
 SAL Gateway user authentication

https://localhost:7443/
The system displays a login screen.
3. On the login page, enter your login credentials to log on to the SAL Gateway user
interface.

SAL Gateway user authentication

Logging in with local credentials

About this task
Use this procedure to log on to the SAL Gateway user interface using the local host credentials.
Note:
Do not set up password for the SAL Gateway user account, saluser, which is used for running
the SAL Gateway services. Do not use this account to log on to the SAL Gateway user
interface.
Procedure
1. On the SAL Gateway login page, enter your user name and password.
2. Click Log on.
The SAL Gateway user interface displays the Managed Elements page as the home page.

Logging in with a certificate

About this task
Use this procedure to log on to the SAL Gateway user interface using an e-token. The e-token
provides a certificate to SAL Gateway for user authentication.
Procedure
1. Plug in your e-token to the computer from where you want to establish a connection to SAL
Gateway.
2. Enter the password for the e-token.
The SAL Gateway user interface displays the Managed Elements page as the home page.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 23

Comments on this document? infodev@avaya.com
SAL Gateway management through the SAL Gateway web interface

Logging out of the SAL Gateway user interface

Procedure
1. On the upper-right corner of the SAL Gateway user interface, click the User icon ( ).
2. On the pop-up menu, click Log Off.
Result
The system displays the following message:
You have successfully logged out.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 24

Comments on this document? infodev@avaya.com
Chapter 4: Administering SAL Gateway
configurations

SAL Gateway administration overview

The SAL Gateway configuration is the most critical configuration for providing alarm transfer and
remote access support. You must administer the SAL Gateway configurations for communication
with SAL Remote Server, SAL Core Server, Policy Manager with SSH Proxy, SMTP server, and a
proxy for Internet access. The host name, IP address, and IDs that SAL Gateway uses to identify
and communicate with these servers are vital for facilitating remote access and alarm transfer.
You can administer these configurations through the SAL Gateway user interface. You can also
use the SAL Gateway user interface to correct any information that was entered incorrectly during
the SAL Gateway installation or to reflect any changes in the server information.

Administering SAL Gateway Solution Element ID

Automatic Solution Element ID generation overview

You can use the SAL Gateway user interface to automatically generate the SAL Gateway Solution
Element ID. This facility was earlier available only in the attended mode of installation of SAL
Gateway.
During an unattended mode of installation or a virtual appliance deployment, you do not get the
interactive graphical user interface to automatically generate the SAL Gateway Solution Element
ID. In such cases, you can choose to install SAL Gateway with the default ID.
When you install SAL Gateway with the default ID, an error message is displayed on the SAL
Gateway user interface after you log on. On clicking the error message, you get the options to
configure the correct Solution Element ID. The message remains available on all pages of the SAL
Gateway user interface until you configure the correct ID.
Important:
Unless you replace the default Solution Element ID with the correct ID, the SAL Gateway
services do not start.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 25

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

Through the SAL Gateway user interface, you can configure the correct Solution Element ID using
one of the following options:
• If you have already registered SAL Gateway with Avaya and obtained the SAL Gateway IDs
from Avaya, configure the correct IDs manually.
• If you are yet to register SAL Gateway with Avaya, generate the Solution Element ID
automatically through the SAL Gateway user interface.
Related links
Configuring the Solution Element ID of SAL Gateway manually on page 26
Generating the Solution Element ID of SAL Gateway automatically on page 27

Configuring the Solution Element ID of SAL Gateway manually

About this task
If you install SAL Gateway with the default Solution element ID, you can configure the correct
Solution Element ID through the SAL Gateway user interface. If you have registered SAL Gateway
and received the SAL Gateway IDs from Avaya, use this procedure to configure the IDs manually
through the SAL Gateway user interface.
Note:
The option to generate and configure the SAL Gateway identifiers through the SAL Gateway
user interface is available only to a user with the administrator rights.
Before you begin
Register SAL Gateway with Avaya and get the Solution Element ID and the Alarm ID. You can
register SAL Gateway through Global Registration Tool (GRT).
Procedure
1. Log on to the SAL Gateway user interface as an administrator.
When SAL Gateway is installed with the default Solution Element ID, the following error
message is displayed on the SAL Gateway user interface:
SAL Gateway is configured with the default Solution Element ID:
(000)777–9999. Please configure the proper Solution Element ID. If
you have not registered the SAL Gateway with Avaya, click here to
register.
2. At the top of the page, click the error message.
The system displays the Registration Wizard window.
3. Select I have Avaya provided Solution Element ID and Product ID for SAL Gateway,
and click Next.
4. In the following fields, type the SAL Gateway IDs that you got from Avaya:
• SAL Gateway’s Solution Element ID

January 2022 Administering Avaya Diagnostic Server SAL Gateway 26

Comments on this document? infodev@avaya.com
 Administering SAL Gateway Solution Element ID

• SAL Gateway’s Product ID

5. Click Next.
6. Verify the SAL Gateway registration information displayed on the Registration Wizard
window, and click Save.
7. Click Close.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Generating the Solution Element ID of SAL Gateway automatically on page 27

Generating the Solution Element ID of SAL Gateway automatically

About this task
If you install SAL Gateway with the default Solution element ID, you can configure the correct
Solution Element ID through the SAL Gateway user interface. Use this procedure to register SAL
Gateway with Avaya and generate the SAL Gateway IDs automatically through the SAL Gateway
user interface.
Note:
The option to generate and configure the SAL Gateway identifiers through the SAL Gateway
user interface is available only to a user with the administrator rights.
Before you begin
Ensure that you have the following:
• The Avaya Sold To number that identifies the installation location of SAL Gateway.
The Sold To number is also known as the functional location (FL) number.
• The Avaya single sign-on (SSO) login that is associated with the Sold To number.
• The computer that you use to access the SAL Gateway user interface is connected to the
Internet.
• SAL Gateway is connected to the Internet.
Procedure
1. Log on to the SAL Gateway user interface as an administrator.
When SAL Gateway is installed with the default Solution Element ID, the following error
message is displayed on the SAL Gateway user interface:

January 2022 Administering Avaya Diagnostic Server SAL Gateway 27

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

SAL Gateway is configured with the default Solution Element ID:

(000)777–9999. Please configure the proper Solution Element ID. If
you have not registered the SAL Gateway with Avaya, click here to
register.
2. At the top of the page, click the error message.
The system displays the Registration Wizard window.
3. Select I do not have Avaya provided Solution Element ID and Product ID for SAL
Gateway, and click Next.
4. In the Sold To field, type the Avaya Sold To number of the location where you installed
SAL Gateway.
5. Click Next.
6. Click the Register this SAL Gateway to Avaya link.
The system displays the Avaya single sign-on (SSO) webpage in a new browser window.
7. On the SSO webpage, log in using your SSO credentials.
The system displays the Global Registration Tool (GRT) webpage with an XML response.
8. Copy the XML response from the <ART-Response> tag to </ART-Response> tag.
9. On the Registration Wizard window, paste the copied XML response in the text box.

Caution:
While copying and pasting the XML response, ensure the following:
• Do not include the additional XML tag <?xml version="1.0"
encoding="UTF-8" standalone="true"?>.
• Do not miss any XML tags or characters from the XML response.
• Do not include any additional characters to the XML response.
10. Click Next.
The Registration Wizard window displays the generated Solution Element ID and the
Product ID of SAL Gateway.
11. Click Save.
The system saves the SAL Gateway registration information.
12. Click Close.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 28

Comments on this document? infodev@avaya.com
 Editing the SAL Gateway identification information

Related links
Configuring the Solution Element ID of SAL Gateway manually on page 26

Editing the SAL Gateway identification information

About this task
Use this procedure to change the configuration and identification information of SAL Gateway.
If you installed SAL Gateway with the default Solution Element ID, for procedures to administer
the correct ID, see the Administering SAL Gateway Solution Element ID section.
Important:
Do not use the same Solution Element ID to configure two instances of SAL Gateway. Such
configurations can affect proper functioning of the SAL Gatewayservices and might produce
unexpected results.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > Gateway
Properties.
2. On the Gateway Configuration page, click Edit.
3. Make changes in the following fields as required:
• Hostname
• IP Address
• Solution Element ID
• Alarm ID

Note:
To avoid mysterious traffic accidentally being logged by firewalls, ensure that the host
name and IP address are correctly entered. A typographic error, such as avay.com,
can introduce domains that are NOT owned by Avaya.
4. To activate alarm transfer through SAL Gateway, select the Alarm Enabled check box.
5. To activate inventory collection from SAL Gateway, perform the following:
a. Select the Inventory Collection check box.
b. In the Inventory collection frequency field, enter a value to specify the inventory
collection interval.
6. Click Apply.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 29

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Gateway Configuration field descriptions on page 30

Gateway Configuration field descriptions

Name Description
Hostname The host name of SAL Gateway.
You must ensure that the host name fulfils the following
requirements:
• Starts with a letter and ends with either a letter or a digit.
• Has maximum 63 characters.
• Consists only of the characters A to Z, a to z, 0 to 9, and hyphens.
• Does not have blank spaces in between.
Also ensure that SAL Gateway is accessible with the configured host
name.
IP Address The IP address of the host where you installed SAL Gateway. SAL
Gateway takes both IPv4 and IPv6 addresses as input.
Solution Element ID A unique identifier in the format (nnn)nnn-nnnn, where n is a digit
from 0 through 9. Using this ID, Avaya Services or Avaya Partners
can uniquely identify and connect to this SAL Gateway.
You receive this ID after you register SAL Gateway with Avaya.
Alarm ID A unique 10-character ID, also called Product ID, assigned to a
device, for example, this SAL Gateway. The Product ID is included in
alarms that are sent to alarm receivers from the managed device.
Avaya uses the Alarm ID to identify the device that generated the
alarm.
You receive this ID after you register SAL Gateway with Avaya.
Alarm Enabled The check box to enable alarm transfer through SAL Gateway. You
must select this check box for SAL Gateway to send alarms to SAL
Core Server.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 30

Comments on this document? infodev@avaya.com
 Configuring SAL Gateway with a proxy

Name Description
Inventory Collection The check box to enable inventory collection for SAL Gateway. When
this check box is selected, SAL Gateway collects and sends its
inventory information to SAL Core Server at regular interval for Avaya
reference.
Inventory collection frequency The interval in hours at which SAL Gateway collects inventory data.
Inventory The status of the last inventory collection attempt from SAL Gateway.
The status can be:
• Not available: Indicates that the inventory collection option is
disabled for SAL Gateway and no inventory data is collected.
• Last inventory collection attempt failed: Indicates that the last
inventory collection attempt failed.
• A timestamp: Indicates that the last inventory collection attempt
was successful. You can click the timestamp link to view the
inventory report of SAL Gateway.

Related links
Editing the SAL Gateway identification information on page 29

Configuring SAL Gateway with a proxy

About this task
If you use a proxy for Internet access outside the firewall of the customer network, use this
procedure to configure the proxy settings for your SAL Gateway. The proxy configuration is
important to enable secure communication with outside servers, including SAL Core Server and
SAL Remote Server.
Note:
The use of the customer proxy is optional and depends on the local network configuration.
This proxy works the same way a proxy for browsing works. If you have a company proxy in
your web browser, you might require one for configuring SAL Gateway.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > HTTP/
SOCKS Proxy Server.
2. On the HTTP/SOCKS Proxy Server page, click Edit.
3. Select the Use Web Proxy check box.
4. Select one of the following according to the type of the proxy server:
• HTTP
• SOCKS 5

January 2022 Administering Avaya Diagnostic Server SAL Gateway 31

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

5. Complete the following fields:

• Host
• Port
6. (Optional) For an HTTP proxy that requires authentication, complete the following fields:
• Login
• Password
7. In the Test URL field, enter an HTTP URL that is outside the customer domain to test the
SAL Gateway connectivity through the proxy. You can retain the default URL.
8. Click Apply.
9. (Optional) Click Test to test the SAL Gateway connectivity through the proxy to the URL
specified in the Test URL field.
If SAL Gateway establishes the connection through the proxy, the system displays the
website on the default web browser.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
HTTP/SOCKS Proxy Server field descriptions on page 32
Uploading the proxy server certificate to SAL Gateway on page 33

HTTP/SOCKS Proxy Server field descriptions

This page provides you the options to view and update the proxy configuration for SAL Gateway.
The proxy configured on this page is used to secure the communication of SAL Gateway with
applications that are outside the customer network.
Name Description
Use Web Proxy The check box to enable the use of a proxy.
Proxy type The type of the proxy that is used. Options are:
• SOCKS 5
• HTTP
Host The IP address or the host name of the proxy.
Port The port number of the proxy.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 32

Comments on this document? infodev@avaya.com
 Configuring SAL Gateway with a proxy

Name Description
Login The login ID that authenticates you to the proxy. This field is required
only if you configured authentication for your proxy.

Important:
SAL Gateway on System Platform does not support
authentication of proxy.
Password The password associated with the login ID. This field is required only
if you fill the Login field.
Test URL An external HTTP URL to test the connection from SAL Gateway
through the proxy.

Related links
Configuring SAL Gateway with a proxy on page 31

Uploading the proxy server certificate to SAL Gateway

Some proxies use certificate-based authentication where the client, the web browser,
authenticates the proxy server using a PKI certificate. In such scenario SAL Gateway is the client
and needs a certificate to authenticate the proxy server.
Important:
SAL Gateway 3.x does not enforce certificate authentication of the proxy server and functions
even if the certificate is not loaded on SAL Gateway. SAL Gateway 4.0 enforces the
authentication and must have the certificate to authenticate the proxy server. If you use a
certificate-based proxy server:
• Ensure that you have the certificate ready to upload on SAL Gateway 4.0 immediately
after installation.
• Ensure that SAL Gateway 3.x has the proxy certificate before upgrading to SAL Gateway
4.0.
About this task
If you have configured a certificate-based proxy server on SAL Gateway, use this procedure to
add the server certificate of proxy server to SAL Gateway. To establish communication between
the proxy server and SAL Gateway, the server certificate chain must be present in the SAL
Gateway truststore. The server certificate chain might consist of a server certificate, intermediate
CA, and root CA.
Note that this procedure is applicable only if the configured proxy server has a server certificate
associated.
Before you begin
Export the proxy server certificate chain and copy it to the system from where you want to access
SAL Gateway.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 33

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

Procedure
1. Log on to the SAL Gateway user interface.
2. On the main menu, click Security > Certificate Management.
3. On the Certificate Management page, click Upload.
4. Click Browse to locate and select the certificate.
5. Click Upload.
The system uploads the certificate to the truststore of SAL Gateway.
6. Restart the SAL services to apply the new certificate.
Related links
Configuring SAL Gateway with a proxy on page 31

Reviewing SAL Core Server configuration

About this task
Use this procedure to review the settings for communication between SAL Gateway and the SAL
Concentrator Core Server located at Avaya Data Center. SAL Gateway communicates with the
configured SAL Core Server to transfer alarms and inventory information from the managed
devices to Avaya.
Note:
You cannot change the default settings of SAL Core Server.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > Core Server.
The system displays the Core Server page containing the details of SAL Core Server
configured on SAL Gateway.
2. (Optional) To test the connectivity to the defined SAL Core Server, click Test.
Related links
Core Server field descriptions on page 34

Core Server field descriptions

On this page, you can review information relating to SAL Core Server that is located at Avaya
Data Center. SAL Gateway uses this information specified to configure the data transport settings
for alarm transfer and inventory management through SAL Gateway.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 34

Comments on this document? infodev@avaya.com
 Reviewing SAL Remote Server configuration

Important:
SAL Gateway Release 3.0 does not support Core Server of Business Partners. You cannot
change the default values on this page.
Name Description
Platform Qualifier An alphanumeric string to establish a channel for communication
between SAL Gateway and SAL Core Server.
The default platform qualifier is Enterprise-production.
Primary Core Server The fully qualified host name of the SAL Core Server that SAL
Gateway first contacts.
The default value is secure.alarming.avaya.com, which is the
SAL Core Server located at Avaya.
Port The port number of the primary SAL Core Server.
The default port is 443, which is for the SAL Core Server at Avaya.

Button Description
Test Starts the diagnostic tests for connectivity to the defined SAL Core
Server host. The tests, however, do not validate the platform qualifier.

Related links
Reviewing SAL Core Server configuration on page 34

Reviewing SAL Remote Server configuration

About this task
Use this procedure to review the settings for communication between SAL Gateway and SAL
Remote Server. SAL Gateway uses this configuration to provide remote connectivity to support
personnel.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > Remote
Server.
2. (Optional) To test the connectivity to the configured SAL Remote Server, click Test
Primary Server.
Related links
Remote Server field descriptions on page 36

January 2022 Administering Avaya Diagnostic Server SAL Gateway 35

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

Remote Server field descriptions

On this page, you can review the details of SAL Remote Server configured on SAL Gateway. SAL
Gateway communicates with the configured SAL Remote Server to provide remote access to
Avaya products deployed at the customer site.
Important:
You cannot change the default values on this page.
Name Description
Primary Remote Server The host name or IP address of the SAL Remote Server that
requests and facilitates remote access for service personnel.
The default value is remote.sal.avaya.com.
Port The port number of SAL Remote Server.
The default value is 443.
Qualifier A string to establish a channel of communication between SAL
Gateway and SAL Remote Server.

Button Description
Test Connectivity Starts a connectivity test to the defined SAL Remote Server.

Related links
Reviewing SAL Remote Server configuration on page 35

SAL Hosted Concentrator overview

SAL Hosted Concentratorsupports the Business Partners (BP) to remotely troubleshoot the Avaya
devices deployed at the customer site. For troubleshooting, Business Partners needs to view and
receive the service alarms generated by the devices.
SAL Hosted Concentrator helps the Business Partners to view the alarms, monitor the device and
establish remote connection to the device through SAL Gateway for troubleshooting remotely.

Avaya Hosted Configuration for BP field descriptions

On this page, you can review the details of Business Partners configured on SAL Gateway. SAL
Gateway communicates with the configured Business Partners to process remote access
requests.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 36

Comments on this document? infodev@avaya.com
 SAL Hosted Concentrator overview

Important:
You cannot change the default values on this page other than the Business Partners Link Id
allotted for your authorized Avaya Partner.
Note:
After you update the BP Link ID, the BP Name is displayed as Default for 30 first seconds
before displaying the correct BP name.
If Managed Services mode is enabled for SAL Gateway, SAL Hosted Concentrator
configuration is disabled. Log on to SAL Core to disable the Managed Services mode.
Field Name Description
SAL Hosted Concentrator The check box to enable the Business Partners connection to the
Connectivity Enabled Avaya Hosted Server.
SAL Hosted Concentrator Host name of the Avaya Hosted Server for BP that can request and
Server facilitate remote access for service personnel.
Port The port number of the Avaya Hosted Server.
BP Name The Business Partners name is auto populated by the Avaya hosted
server, after verifying the Business Partners name assigned to the
Link ID. If the Link ID is invalid or not configured with SAL Gateway,
this field will be set to the default value and SAL Gateway will not be
accessible by the Business Partners.
BP Link ID The unique identifier assigned to all the authorised Avaya Partners.
Contact Avaya or your Avaya authorised Partner to obtain this Link
ID.
Remote Access Enabled This check box enables the Business Partners to gain Customer
Remote access. The field is read only.
Alarming Enabled This check box enables SAL Gateway to send alarms to Avaya
hosted Concentrator. The field is read only.

Button Description
Edit Makes the fields available for editing.
Test Connectivity Initiates a connectivity test to the defined primary SAL Remote
Server.
Apply Applies the changes made to BP configuration.

Configuring Avaya Hosted Configuration for Business Partners

details
About this task
Use this procedure to configure the SAL Hosted Concentrator details with SAL Gateway.This
configuration is to enable the authorized Business Partner to request remote connection through
SAL Gateway.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 37

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

Note:
• You can only edit the BP Link ID field and SAL Hosted Concentrator Connectivity
Enabled check box on the Avaya Hosted Configuration for Business Partners page. The
other fields are auto populated after communicating with SAL Hosted Concentrator.
• After you update the BP Link ID, the BP Name is displayed as Default for 30 first
seconds before displaying the correct BP name.
• If Managed Services mode is enabled for SAL Gateway, SAL Hosted Concentrator
configuration is disabled. Log on to SAL Core to disable the Managed Services mode.
Before you begin
Contact Avaya or your Authorized Avaya Partner to obtain the Business Partners Link ID.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > Avaya
Hosted Configuration for Business Partners.
2. On the Avaya Hosted Configuration for Business Partners page, click Edit.
3. Select the SAL Hosted Concentrator Connectivity Enabled check box.
4. In the BP Link ID field, enter the Link ID assigned to your Business Partner.
5. Click Apply.
If the Link ID is invalid or not configured with SAL Gateway, the BP Link ID field is set to
the default value. The Business Partners cannot access SAL Gateway for remote
connectivity.
6. (Optional) To verify the connection between the SAL Hosted Concentrator and SAL
Gateway, click Test Connectivity.

SAL Gateway link ID modification

SAL Hosted Concentrator disrupts its communication with SAL Gateway if the SAL Gateway SEID
is already configured with a different link ID.
SAL Hosted Concentrator prevents user from using the same SEID in more than one SAL
Gateway instance.
Example: If SAL Gateway with SEID1 is configured against BP_LinkID1, then SAL Hosted
Concentrator will not allow the same SEID1 to be configured against a different BP_LinkID2.
An error message Another gateway is already configured in the system and is
pointing to different Business Partner is displayed. An email is sent to the
administrators of BP_LinkID2 stating the reason for rejection along with troubleshooting steps to
correct or delete the existing SAL Gateway SEID before using it for a new instance.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 38

Comments on this document? infodev@avaya.com
 Configuring SAL Policy Manager details

Modifying BP Link ID
About this task
Use the following procedure to change a BP link ID for SAL Hosted Concentrator.
Before you begin
Contact Avaya or your Authorized Avaya Partner to obtain the Business Partners Link ID.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > Avaya
Hosted Configuration for Business Partners.
2. On the Avaya Hosted Configuration for Business Partners page, click Edit.
3. In the BP Link ID field, enter 2 and click Apply.
The BP Link ID field is set to default.
4. Click Edit again and enter the correct BP Link ID that you want to associate with the SAL
Gateway.
5. Click Apply.
The correct BP name is displayed against the BP Name field along with the new Link ID.
6. (Optional) To verify the connection, click Test Connectivity.

Configuring SAL Policy Manager details

About this task
Use this procedure to configure SAL Gateway to communicate with SAL Policy Manager to further
control and monitor remote access sessions on Avaya devices on your network.
Through SAL Policy Manager with SSH Proxy, you can define policies for every access request
coming from SAL Remote Server to the devices managed by SAL Gateway. For more information
about SAL Policy Manager, see Administering SAL Policy Manager with SSH Proxy and Deploying
SAL Policy Manager with SSH Proxy.
SAL Policy Manager is optional.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > Policy
Manager.
2. On the Policy Manager page, click Edit.
3. Select the Use a Policy Manager check box to enable the use of SAL Policy Manager.
4. In the Server field, type the FQDN of SAL Policy Manager.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 39

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

5. In the Port field, enter the port number that SAL Policy Manager uses for inbound traffic
from SAL Gateway.
6. (Optional) To verify the connection to the configured SAL Policy Manager, click Test.
7. Click Apply.
Next steps
Through the SAL Gateway user interface, upload the server certificate of SAL Policy Manager.
This certificate is exported from SAL Policy Manager, to the truststore of SAL Gateway. Fore more
information, see the related links.
For information about exporting the server certificate from Policy Manager, see Deploying SAL
Policy Manager with SSH Proxy.
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Policy Manager field descriptions on page 40
Uploading a certificate to SAL Gateway on page 109

Policy Manager field descriptions

The page provides you the ability to view and update the details of SAL Policy Manager. SAL
Gateway communicates with the configured SAL Policy Manager to determine the policy for every
remote access request that comes from Avaya or authorized BusinessPartner.
Name Description
Use a Policy Manager The check box to enable the use of SAL Policy Manager to determine
the policy for the remote access requests that come through SAL
Remote Server.
Server The FQDN of SAL Policy Manager.
Port The port number that SAL Policy Manager uses for inbound
communication from SAL Gateway. The default port is 8877.
This port is for the server process of SAL Policy Manager and not the
port for the SAL Policy Manager user interface. The port number is
configured at the installation time of SAL Policy Manager. If a
different port number is configured during installation, ensure to enter
that port number in place of the default port.

Button Description
Test Initiates a connectivity test to the configured SAL Policy Manager.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 40

Comments on this document? infodev@avaya.com
 Configuring SMTP server details

Button Description
Edit Makes the fields available for editing.
Apply Applies the changes made to the SAL Policy Manager configuration.

Related links
Configuring SAL Policy Manager details on page 39

Configuring SMTP server details

About this task
Use this procedure to modify the Simple Mail Transfer Protocol (SMTP) server details that SAL
Gateway uses to send email notifications. On the configured mailbox, your system administrator
receives email notifications about the download and implementation status of models, certificates,
and software updates. You also receive notifications about backup failures on the configured
mailbox.
Important:
For the Automatic Software Update feature to notify you of new software releases and the
software download and installation statuses, correct SMTP details are must. If you see the
SMTP Configuration page instead of the Managed Elements page immediately after you log
on to the SAL Gateway user interface, the configured SMTP details are incomplete or not in
the required format. You also see a message that the SMTP configuration is incomplete. The
SAL Gateway user interface restricts your access to any other pages on the user interface.
You must update the SMTP configuration with correct details before you can navigate to other
pages on the user interface. After you apply the correct SMTP details, if the Automatic
Software Update feature was disabled on SAL Gateway, the feature is enabled automatically
and a message is displayed. If required, you can disable the feature later on the Automatic
Software Upgrade page.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > SMTP
Configuration.
2. On the SMTP Configuration page, click Edit.
3. In the Host Name / IP Address field, enter the host name or the IP address of the SMTP
server.
4. In the Port field, enter the port number of the SMTP server.
5. Select an option from the Encryption Method field.

Note:
• If you select an incorrect encryption method, the configuration is interrupted and the
system displays an error.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 41

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

• If system displays an error for TLS or SSL certificates, import the certificates from
Certificate Mangement or Import Client Certificate page.
6. (Optional) If the SMTP server requires authentication, perform the following steps:
a. In the Username field, enter the user name for SMTP server authentication.
b. In the Password field, enter the password of the user who is to be authenticated.
If the SMTP server does not require authentication, leave the Username and Password
field empty.
7. In the Administrator’s Email Address field, enter the administrator email address where
you want to receive email notifications.
8. (Optional) In the Secondary Email Address field, enter a secondary email address
where you want to receive email notifications.
9. (Optional) To send a test email to the configured email addresses, click Send Test Mail.

Note:
If you do not receive the test email in the mailbox of the configured email address,
recheck the SMTP details you entered.
10. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
SMTP Configuration field descriptions on page 42

SMTP Configuration field descriptions

On this page, you can review and configure the details of a Simple Mail Transfer Protocol (SMTP)
mail server. This configuration enables email notifications to be sent to the system administrator
about download and implementation status of models, certificates, and software updates to be
sent your system administrator.
Name Description
Host Name/ IP Address The host name or the IP address of the SMTP server.
SAL Gateway takes both IPv4 and IPv6 addresses as input.
Port The port number of the SMTP server.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 42

Comments on this document? infodev@avaya.com
 NMS server configuration

Name Description
Encryption Method The method of encryption for SMTP server. The options are:
• None
• STARTTLS
• SSL/TLS
Username The name of the user to be authenticated.
The field is mandatory only when the SMTP server is configured to
authenticate users.
Password The password of the user to be authenticated.
The field is optional but mandatory when you enter a user name for
authentication.
Administrator’s Email Address The administrator email address where you want to receive email
notifications.
Secondary Email Address A secondary email address to receive email notifications. This field is
optional.

Button Description
Edit Makes the fields available for modification in an existing SMTP
Configuration,.
Send Test Mail Sends a Test mail to Administrator's email ID.
Apply Applies the changes made to the SMTP Configuration.

Related links
Configuring SMTP server details on page 41

NMS server configuration

NMS server as a trap receiver

You can configure SAL Gateway to forward SNMP traps that it receives from managed products to
the local Network Management System (NMS) servers. Customer service personnel can monitor
the traps forwarded to the NMS and service the devices accordingly. However, a customer NMS
does not forward any traps that it receives from SAL Gateway to Secure Access Concentrator
Core Server. SAL Gateway forwards the traps received from managed devices directly to Secure
Access Concentrator Core Server.
You can add more than one NMS as SNMP trap destinations.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 43

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

Note:
The iptables of SAL Gateway require modification to support SNMP get queries from the
NMS. You must open port 161. For more information about configuring the firewall to open
port 161, see Deploying Avaya Diagnostic Server and Secure Access Link Gateway Port
Matrix.

Configuring NMS
About this task
Use this procedure to specify a customer NMS as a SNMP trap destination for SAL Gateway.
When you configure an NMS, SAL Gateway sends SNMP traps and alarms to each NMS that you
configure.
You can configure to send either SNMP v2c or v3 traps to the NMSs. You cannot send v2c traps to
one and v3 traps to another NMS.
Note:
SNMP v3 is more secure than v2c. If your NMS supports v3, select v3.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > NMS
Configuration.
2. On the Network Management Systems page, select one of the following two SNMP
versions for the NMS:
• v2c
• v3
The options are available for selection only when no NMS is already added to SAL
Gateway. If an NMS is already added, you cannot change the option. The SNMP version
for the next NMSs that you want to add must be the same as the first NMS added.
3. Click Add.
4. In the Add SNMP Details window, complete the following fields:
• NMS Host Name/IP Address
• Trap Port
5. For a v2c NMS, in the Community field, enter the community string of the NMS server.
6. For a v3 NMS, complete the following additional fields:
• UserName
• Priv Protocol
• Priv Password
• Auth Protocol

January 2022 Administering Avaya Diagnostic Server SAL Gateway 44

Comments on this document? infodev@avaya.com
 NMS server configuration

• Auth Password
7. Click Apply.
The details of the newly added NMS is displayed on the Network Management Systems
page.
8. (Optional) To add multiple NMSs, click Add, and repeat Step 4 to Step 7.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Network Management Systems field descriptions on page 45

Network Management Systems field descriptions

On this page, you can configure the details of customer NMS servers as alarm destinations. SAL
Gateway sends alarms to the NMS servers specified here.
Name Description
v2c The option to indicate that NMS servers are configured to listen to
v2c traps.
SNMP v2c uses an approach based on a community string to prevent
unauthorized access, but transfers data in plain text.

Note:
After you add the first NMS, the system disables the options to
select an SNMP version. To change the SNMP version, you
must delete all entries for the existing NMS, and apply the
changes.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 45

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

Name Description
v3 The option to indicate that NMS servers are configured to listen to v3
traps.
SNMP v3 provides authorized, authenticated, and encrypted
communication.

Important:
When you add v3 NMS servers, ensure that the SNMP master
agent service, snmpd, is running so that the v3 traps can reach
the NMS locations successfully. If the service is not running
when you add v3 NMS servers, ensure that after applying the
changes, you first start the snmpd service and then restart the
SAL Agent service.

Note:
After you add the first NMS, the system disables the options to
select an SNMP version. To change the SNMP version, you
must delete all entries for the existing NMS, and apply the
changes.
NMS Host Name/IP Address The IP address or host name of the NMS server.

Caution:
Do not enter localhost or 127.0.0.1 as an NMS location. If
you add localhost as an NMS location, SAL Gateway
forwards all traps coming from managed devices to itself as a
trap destination. After receiving the forwarded traps, SAL
Gateway processes the traps and again forwards the traps to
itself. As a result of this action, the traps go into a loop.
Trap port The port number that the NMS server uses to receive to SNMP traps.

Note:
The iptables of SAL Gateway require modification to support
SNMP get queries from the NMS. You must ensure that port 161
on the Linux host is open. For more information about firewall
configuration to open port 161, see Deploying Avaya Diagnostic
Server.
Community The community string that the SNMP entity of the NMS server uses
for authentication.
This field is available only for the v2c NMS configuration.
Username The user name configured for the SNMP entity of the NMS.
This field is available only when you select v3.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 46

Comments on this document? infodev@avaya.com
 NMS server configuration

Name Description
Priv Protocol The private authentication protocol configured for the SNMP entity of
the NMS.
This field is available only when you select v3.
The supported options are:
• DES: Data Encryption Standard, a cryptographic block cipher.
• AES 128: Advanced Encryption Standard 128.
• AES 192: Advanced Encryption Standard 192.
• AES 256: Advanced Encryption Standard 256.

Note:
SAL Gateway supports HP Open View (HPOV) NMSs. This
support extends to both SNMP v2 and v3 traps. However, as
HPOV does not support AES, you must configure DES to send
SNMP v3 traps to HPOV. However, the US government NIST
organization does not recommend DES to be used for security.
If you have questions, contact your network security
administrator.
Priv Password The password configured for the private protocol that the SNMP
entity of the NMS uses.
This field is available only when you selected v3.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 47

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

Name Description
Auth Protocol The authentication protocol configured for the SNMP entity of the
NMS.
This field is available only if you select v3.
The supported options are as follows:
• MD5: The MD5 hash, also known as the checksum for a file, is a
128-bit value, something like a fingerprint of the file. This feature
can be useful both for comparing files and for their integrity control.

Note:
The US government NIST organization does not recommend
MD5 to be used. If your NMS supports other options, do not
use this option.
• SHA: Secure Hash Algorithm (SHA) is a simple program that
hashes files. SHA is useful for file integrity checking. The supported
options are:
- SHA
- SHA 224
- SHA 256
- SHA 384
- SHA 512
Auth Password The password configured for the authentication protocol that the
SNMP entity of the NMS uses.
This field is available only if you select v3.
You must follow your company policies on password strength or
contact your NMS administrator if needed.

Button Description
Add Displays the Add SNMP Details window, where you can enter the
details of the NMS that you want to add.
Delete Deletes the details of the selected NMS from SAL Gateway.
Edit Displays the details of the selected NMS in the Add SNMP Details
window for modification.

Related links
Configuring NMS on page 44
Editing the details of an NMS on page 49
Deleting an NMS record on page 50
Adding an NMS on page 49

January 2022 Administering Avaya Diagnostic Server SAL Gateway 48

Comments on this document? infodev@avaya.com
 NMS server configuration

Editing the details of an NMS

Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > NMS
Configuration.
2. On the Network Management Systems page, select the check box next to the NMS you
want to edit, and click Edit.
3. In the Add SNMP Details window, make the required changes to the details.
4. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Network Management Systems field descriptions on page 45

Adding an NMS
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > NMS
Configuration.
2. On the Network Management Systems page, click Add.
3. In the Add SNMP Details window, enter the SNMP details of the additional NMS.
4. Click Apply.
Next steps
For the configuration changes to take effect, restart the SAL Gateway services through the Apply
Configuration Changes page.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Network Management Systems field descriptions on page 45

January 2022 Administering Avaya Diagnostic Server SAL Gateway 49

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

Deleting an NMS record

About this task
Use this procedure to remove an NMS as an SNMP trap destination for SAL Gateway.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > NMS
Configuration.
2. On the Network Management Systems page, select the check box next to the NMS
configuration you want to delete.
3. Click Delete.
The system deletes the selected row from the NMS details table.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Network Management Systems field descriptions on page 45

Configuring the SNMP subagent

About this task
The SAL SNMP subagent functions with a customer-provided SNMP master agent to implement
the SNMP capability. The subagent needs the host name or IP address, and the port number of
the SNMP master agent to register itself with the master agent. It uses the Agent Extensibility
(Agent X) protocol to communicate with the master agent.
Use this procedure to configure the SNMP master agent details on SAL Gateway.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > SNMP
Subagent Configuration.
2. On the SNMP SubAgent Configuration page, click Edit.
3. In the Master Agent Host field, type the host name of the SNMP master agent with which
the SNMP subagent must connect.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 50

Comments on this document? infodev@avaya.com
 Applying configuration changes

4. In the Master Agent AgentX Port field, type the AgentX listener port number of the SNMP
master agent.
You must enter values in both fields.
5. Click Apply.

Important:
Any changes to the SNMP configuration require an SNMP subagent restart because
the SNMP subagent needs to reconnect to the SNMP master agent after every
configuration change. A restart reconnects both the SNMP agents.
Related links
SNMP SubAgent Configuration field descriptions on page 51

SNMP SubAgent Configuration field descriptions

SAL Gateway uses an SNMP subagent to implement a very small set of SNMP core functions, for
example, support for SAL-specific application Management information base (MIB) and a set of
SAL-specific traps. On this page, you can configure the SNMP Master Agent details with which the
SNMP subagent functions to implement the SNMP capability of SAL Gateway.
Name Description
Master Agent Host The host name of the SNMP master agent with which the SNMP
subagent requires to connect.
An entry for this field is mandatory.
Master Agent AgentX Port The AgentX listener port number of the SNMP master agent.
An entry for the field is mandatory.

Related links
Configuring the SNMP subagent on page 50

Applying configuration changes

About this task
You might have made changes to configurations related to SAL servers, agents, and managed
elements. To make these changes known to SAL Enterprise Servers at Avaya, you must apply the
configuration changes using the SAL Gateway user interface option. The changes that you have
made take effect only if you apply the configuration changes. When you apply the configuration
changes, the system restarts the SAL Gateway services.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 51

Comments on this document? infodev@avaya.com
Administering SAL Gateway configurations

Note:
Restarting the SAL Gateway services terminates all connections and might result in SNMP
traps being missed. To minimize disruption of services and alarms, Avaya recommends that
you apply configuration changes only after you finish all the configuration of SAL Gateway.
Procedure
1. Do one of the following:
• On the main menu of the SAL Gateway user interface, click Advanced > Apply
Configuration Changes.
• At the top of the SAL Gateway page where you currently are, click the Restart the SAL
Agent and Gateway UI services to apply configuration changes link.
2. On the Apply Configuration Changes page, click Apply.
The system restarts the SAL Gateway services and updates SAL Gateway with the new
values you configured. Some changes might require the restart of the SAL Gateway UI
service. In such cases, all open SAL Gateway web sessions are disconnected. You can log
on to the SAL Gateway web interface again after a few minutes.
If no configuration changes are found, the page displays the following message:
There are no configuration changes to be applied.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 52

Comments on this document? infodev@avaya.com
Chapter 5: Administering managed
elements

Managed element configuration

To use SAL Gateway for alarm transfer and remote connectivity between Avaya and Avaya
devices on the customer network, you must add the devices as managed elements to SAL
Gateway. After you configure devices on the SAL Gateway UI as managed elements, Avaya
support personnel can access the devices through SAL Gateway for troubleshooting purpose.
Note:
Adding a product as a managed element to SAL Gateway does not change the existing
connectivity method that Avaya has established for the product. However, a device must use
the same access method for functions such as alarm transfer and remote access. For
example, a device cannot use modem access for remote service and SAL access for
inventory.
To use SAL Gateway effectively for remote support of the managed elements, you must ensure
the following while administering a device on SAL Gateway:
• The managed elements are registered with Avaya for remote support through SAL. If not, you
can register the managed elements or update the registration records of the managed
elements through Global Registration Tool (GRT). During the technical onboarding of the
managed elements in GRT, select the access type as SAL. After the technical onboarding,
Avaya remotely connects and services the devices using SAL Gateway instead of any
previously established method, such as the modem-based access method.
See Technical Onboarding Help Document at https://support.avaya.com/registration.
• For alarm transfer through SAL Gateway, the managed element is configured to send alarms
as SNMP traps to the IP address or host name of SAL Gateway at port 162. See your
product documentation for the procedure to specify SAL Gateway as an SNMP trap
destination for your product.
Depending on the deployment environment, the maximum number of managed elements that SAL
Gateway can support differs. After you reach the maximum limit, you cannot add or import a new
managed element to SAL Gateway.
SAL Gateway is the first managed element in the list of managed elements you add to SAL
Gateway.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 53

Comments on this document? infodev@avaya.com
Administering managed elements

For the Flex supported devices, ensure you have obtained the following:
• Cluster Control Manager – FQDN
• Common Services Platform – FQDN and Cluster ID
• Avaya Analytics – FQDN, Cluster ID, and Product Instance ID
Note:
Avaya advises to add Cluster Control Manager and Common Services Platform, before adding
Avaya Analytics as a managed element.
Similarly, Avaya advises to add Cluster Control Manager before adding Common Services
Platform as a managed element.
Avaya recommends you to deploy Flex supported products over full-scale SAL Gateway
deployments only. However, SAL Gateway does not restrict you from adding the Flex supported
products over lower-scale deployments too.

Adding a managed element to SAL Gateway

About this task
Use this procedure to add an Avaya product as a managed element to SAL Gateway. SAL
Gateway provides alarm transfer and remote access support to devices that you add as managed
elements to SAL Gateway.
Note:
If you reach the maximum number of managed elements that SAL Gateway can support, you
cannot add or import a new managed element to SAL Gateway.
Note:
If Managed Services mode is enabled for SAL Gateway, the alarms from all the devices will be
diverted to Avaya Managed Services platform and will not reach SAL Core. To disable
Managed Services mode, log on to SAL Core.
Before you begin
Before adding a product as a managed element to SAL Gateway, ensure that you have the
following information:
• Solution Element ID or CI name and Product ID assigned to the product. You receive these
IDs from Avaya when you register the product with Avaya.
• IP address and host name of the product.
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > View/Search.
2. On the Managed Element page, click Add New.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 54

Comments on this document? infodev@avaya.com
 Managed element configuration

3. On the Managed Element Configuration page, in the Solution Element ID or CI Name

field, type the Solution Element ID of the device that you want to add as a managed
element. If you want to add a new third party device, type the CI name.
The format to enter the SEID is (NNN)NNN-NNNN, where N is a digit from 0 to 9.

Note:
When you register a device using GRT for support through SAL, the details of the
device become available to the SAL Gateway instances present in your network. When
you enter a Solution Element ID for which the device information is available to SAL
Gateway, SAL Gateway automatically populates additional information, such as SAL
model, product type, and product ID, in the respective fields.
4. Perform the following to select the applicable model for the product:
a. In the Model field, click the model that is applicable to the product.
If SAL Gateway automatically populates the Model and the Product fields after you
provide the Solution Element ID, the fields become read only.
The system displays the Product field in accordance with the selected model.
b. (Optional) To view the applicable products under a selected model, click Show
model applicability.
The applicable products of the selected model are displayed in a new window.
c. In the Product field, click an appropriate option from the list of supported product
versions.
5. In the Product ID field, type the product ID or the alarm ID of the device.
If SAL Gateway automatically populates this field after you provide the Solution Element
ID, the field becomes read only.

Caution:
Exercise caution when you enter the product ID of a device.
6. For non-Flex product, complete the following fields for the product that you want to add:
• Host Name
• IP Address
7. For Cluster Control Manager, enter the FQDN.
8. For Common Service Platform, complete the following fields:
• FQDN
• ClusterID
9. For Avaya Analytics, complete the following fields:
• FQDN
• ClusterID

January 2022 Administering Avaya Diagnostic Server SAL Gateway 55

Comments on this document? infodev@avaya.com
Administering managed elements

• ProductInstanceID
10. If the device is under managed services offer, select the Is this device under managed
services offer? check box.

Note:
System displays Is this device under managed services offer? check box, only if
the SAL Gateway is under managed services offer.
11. To provide Avaya the ability to connect to the managed element remotely, select the
Provide remote access to this device check box.
12. To enable alarm transfer from the managed element through SAL Gateway, select the
Transport alarms from this device check box.
If the model you select does not support alarm transfer, the Transport alarms from this
device check box is unavailable for selection.
13. To enable inventory collection from this managed element through SAL Gateway, perform
the following:
a. Select the Collect inventory for this device check box.
b. In the Inventory collection frequency field, enter the interval for inventory collection.
14. Click Add.
SAL Gateway adds the device as a managed element.
If you enabled inventory collection for the managed element, the system displays the
Inventory support page. On this page, you can add or edit the credentials to be used for
inventory collection.
Next steps
If you enabled inventory collection for the managed element, add the credentials to be used for
inventory collection on the Inventory support page.
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Managed Element Configuration field descriptions on page 59
Managed Element field descriptions on page 57
Inventory support field descriptions on page 82

January 2022 Administering Avaya Diagnostic Server SAL Gateway 56

Comments on this document? infodev@avaya.com
 Managed element configuration

Managed Element field descriptions

By default, the Managed Element page is the landing page when you log on to the SAL Gateway
UI. This page displays the details of the devices you have added to SAL Gateway as managed
elements to provide remote access, alarm transfer, and inventory services.
The page contains two sections:
• Search Managed Elements: Provides fields to filter the list of managed devices.
• Managed Elements table: Lists the managed devices added to SAL Gateway.
The SAL Agent and Managed Services Agent status is displayed on the top of the Search
Managed Elements section.
Search Managed Elements section
Name Description
Exact The option to indicate that you want to search for the devices that
match the exact values entered as the search criteria in the fields.
Contains The option to indicate that you want to search for the devices with
configuration information that contains the string that you enter in the
adjacent text box.
When you select this option, the text box beside the option becomes
available and the other search fields become read only.
Host name The host name of the managed device that you want to search.
IP Address The IP address of the managed device that you want to search.
Solution Element ID or CI Name The Solution Element ID or CI name of the managed device that you
want to search.

Note:
If SAL Gateway is not running in Managed Services mode then
the field name is displayed as Solution Element ID.
Product ID The product ID of the managed device that you want to search.
Model The model applied to the managed devices that you want to filter.
Offer The services offer for the device. The options are:
• Maintenance
• Managed
This search filter is enabled only if SAL Gateway is under managed
services offer.

Button Description
Search Retrieves managed devices that match the search criteria that you
define, and displays the details of the managed devices in a tabular
format.
Clear Search Clears the values entered as search criteria.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 57

Comments on this document? infodev@avaya.com
Administering managed elements

Managed Elements table

Name Description
All The check box to select the managed element for deletion or data
export.
Host Name The host name of the managed element.
You can click the host name link to view and edit the configuration of
the managed element.
SEID/CI Name The unique identifier assigned to the device when the device is
registered with Avaya. SAL Gateway uses the Solution Element ID
value to identify Avaya managed device and CI name to identify third
party devices to provide remote access facility.
The SEID is in the (nnn)nnn-nnnn format, where n is a digit in the
range 0 through 9. The CI name has 256 alpha numeric characters
but the system displays first 15 characters only. If you want to see
the complete CI name, hover the mouse over the displayed CI name.
ProductID The unique 10-character ID, also known as Alarm ID, assigned to
the managed device.
The Product ID is included in alarms that are sent to alarm receivers
from the managed device. The Product ID identifies the device that
generates the alarms.
The Product ID for third party devices is displayed as NA.
Model The model applied to the managed device.
A model is a collection of the remote access, alarm transfer,
inventory, and other configurations that define how SAL Gateway
provides services to a particular set of managed devices.
IP Address The IP address of a managed device.
Alarm The status of the alarm transfer facility for the device. The field
indicates whether SAL Gateway processes and transfers alarms
from the device.
Remote Access The remote access support status of the device. The field indicates
whether SAL Gateway supports remote access to the device.
FL Num The Functional Location (FL) number that identifies the location of
the registered devices.
When you select a particular functional location, the page displays
the registered devices that are available at the selected location.
Offer The services offer for the device. The options are:
• Maintenance
• Managed
This property is displayed only if the SAL Gateway is under
managed services offer.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 58

Comments on this document? infodev@avaya.com
 Managed element configuration

Button Description
Delete Deletes the record of the selected managed elements from SAL
Gateway.
Export Exports the data related to the managed elements in the comma
separated values (.csv) format to the local computer.
Import Imports device data from a .csv file and adds the devices as
managed elements to SAL Gateway.
Add new Displays the Managed Element Configuration page, where you can
enter the details of a device to add it as a managed element to SAL
Gateway.
Print Sends the details of the managed elements to a printer.

Related links
Adding a managed element to SAL Gateway on page 54
Editing the configuration of a managed element on page 62
Deleting the record of a managed element on page 63
Exporting managed element data on page 63
Importing managed elements to SAL Gateway on page 64

Managed Element Configuration field descriptions

SAL Gateway provides alarm transfer and remote access support to devices that you add as
managed elements to SAL Gateway. You can use the Managed Element Configuration page to
add and edit managed elements.
Name Description
Solution Element ID The Solution Element ID of the device in the format (NNN)NNN-
NNNN, where N is a digit from 0 through 9. You receive this ID when
you register the device with Avaya.
Using the Solution Element ID, Avaya Services or Avaya Partners
can uniquely identify and connect to the managed device remotely.
When you enter a Solution Element ID for which the device
information is available to SAL Gateway, SAL Gateway automatically
populates additional fields, such as Product ID and SAL model.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 59

Comments on this document? infodev@avaya.com
Administering managed elements

Name Description
CI Name CI Name is a 256 characters unique identifier assigned by Avaya to
a third party device that is managed by SAL Gateway. This field is
displayed only if SAL Gateway supports third party devices (APCS
offer).
The format for CI Name is: ipo-
svr.125_vapour_avonside.bt_acss_wolverhampton.btw
Where,
• ipo-svr is the type of device or model.
• 125_vapour_avonside is the device identifier or hostname.
• bt_acss_wolverhampton is the location or site name.
• btw is the short name or nickname of the company.
Model The model that is applicable to the managed device. It also includes
Flex supported models.
A model is a collection of remote access, alarm transfer, inventory,
and other configuration rules that define how SAL Gateway provides
services to a particular set of managed devices.
The Flex supported models are:
• Cluster Control Manager
• Common Services Platform
• Avaya Analytics
If SAL Gateway automatically populates the Model and the Product
fields after you provide the Solution Element ID, the fields become
read only.
Product The product version that the selected model supports.
A model can have more than one version of inventory or alarming
rules to support variations between products. If the selected model
has multiple alarm or inventory rules associated with a version, then
you must select a product version from the set of supported versions
available in the Product field.
If SAL Gateway automatically populates the Model and the Product
fields after you provide the Solution Element ID, the fields become
read only.
Product ID The unique 10-character ID, also known as Alarm ID, assigned to the
device.
The Product ID is included in alarms that are sent to alarm receivers
from the managed device. The Product ID identifies the device that
generates the alarms.
If SAL Gateway automatically populates this field after you provide
the Solution Element ID, the field is read only.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 60

Comments on this document? infodev@avaya.com
 Managed element configuration

Name Description
FQDN The Fully Quallified Domain Name for Cluster Control Manager that
identifies the host name of the device that you want to add as a
managed element. This field is displayed for Flex supported models.
ClusterID Identifier for each deployment of Flex cluster. This field is displayed
for the following Flex supported models:
• Common Services Platform
• Avaya Analytics
ProductInstanceID The identifier for an instance of the product deployed within Flex
platform.
The product may have many independent instances running in Flex
platform, the product instance ID uniquely identifies the product (and
its services).
This field is displayed for Avaya Analytics.
IP address The IP address of the device. This field is not displayed for Flex
supported models.
SAL Gateway takes both IPv4 and IPv6 addresses as input.
Host Name The host name of the device that you want to add as a managed
element. This field is not displayed for Flex supported models.
Is this device under managed The check box to select if the device is under managed services
services offer? offer. This option is available only if SAL Gateway is under managed
services offer.
Provide Remote Access to this The check box to enable remote connectivity to the managed device.
device
Transport alarms from this The check box to enable SAL Gateway to accept and forward alarms
device from this managed device to Avaya and other Network Management
Systems (NMS).
If the model you select does not support alarming, this check box is
unavailable for selection.
Collect Inventory for this device The check box to enable inventory collection from the managed
device through SAL Gateway.
When this check box is selected, SAL Gateway collects inventory
information about the managed device and sends the information to
Avaya. This feature is to aid services personnel working on tickets
who requires to review the configuration details of managed devices.
If the model you select does not support inventory collection, this
check box is unavailable for selection.
Inventory collection frequency The interval in hours at which SAL Gateway collects inventory
information about the managed device.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 61

Comments on this document? infodev@avaya.com
Administering managed elements

Name Description
Inventory The status of the last inventory collection attempt from the device.
The ready-only field indicates whether inventory information has
been collected from the device.
The status can be:
• Not available: Indicates that the inventory collection option is
disabled for the device and no inventory data is collected.
• Last inventory collection attempt failed: Indicates that the last
inventory collection attempt failed.
• A timestamp: Indicates that the last inventory collection attempt
was successful. You can click the timestamp link to view the
inventory report of the device.

Editing the configuration of a managed element

Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > View/Search.
2. On the Managed Element page, in the Search Managed Elements section, use the fields to
filter the list of managed elements.
3. From the list of managed elements, click the Host Name of the managed element that you
want to edit.
4. On the Managed Element Configuration page, click Edit.
The system displays the Managed Element Configuration page that you can edit.
5. Make the required changes to the field values.
6. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Managed Element Configuration field descriptions on page 59

January 2022 Administering Avaya Diagnostic Server SAL Gateway 62

Comments on this document? infodev@avaya.com
 Managed element configuration

Deleting the record of a managed element

Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > View/Search.
2. On the Managed Element page, select the check box next to the managed element you
want to delete.
You can use the fields in the Search Managed Elements section to filter the list of managed
elements.
3. Click Delete.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.

Exporting managed element data

About this task
You can export the managed element data configured on SAL Gateway to your local system. You
can import the exported data to a different SAL Gateway, for example, when setting up a second
SAL Gateway for redundancy.
The export functionality is supported on SAL Gateway release 2.x onwards. You can import data
exported from SAL Gateway 3.3 to SAL Gateway release 4.0.
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > View/Search.
2. On the Managed Element page, click Export.
The system exports the data related to the managed elements to a comma separated
values (.csv) file.
3. Save the .csv file to a folder on your local computer.
You can open the .csv file using Microsoft Excel.
The .csv file contains the following details about the managed elements:
• Host Name
• Solution Element ID

January 2022 Administering Avaya Diagnostic Server SAL Gateway 63

Comments on this document? infodev@avaya.com
Administering managed elements

• Model
• IP Address
• Remote Access
• Product ID
• Alarm Flag
• Last Inventory
• Inventory Collection Hours
• Attribute1
• Attribute2
• UserName
• EngineId
• Auth Protocol
• Auth Password
• Priv Protocol
• Priv Password
• Offer
• FL Number

Note:
FL Number is retrieved only for the SEIDs that are registered with Avaya and managed
by SAL Gateway.
Attribute1 and Attribute2 are ClusterID and ProductInstanceID respectively.
The following configuration details related to the managed elements are not exported to
the .csv file:
• Inventory collection enablement configuration.
• Device credentials configured for inventory collection, if any.
CI Name for third party devices is displayed in the SEID column.

Importing managed elements to SAL Gateway

About this task
You can use a comma separated values (.csv) file that contains the configuration data of managed
elements to import the managed elements to SAL Gateway.
The import functionality is supported on SAL Gateway release 2.x onwards. You can import data
exported from SAL Gateway 3.3 to SAL Gateway 4.0.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 64

Comments on this document? infodev@avaya.com
 Managed element configuration

You can export the configuration data of managed elements from one SAL Gateway instance and
import the data to another SAL Gateway instance. For example, when setting up a second SAL
Gateway for redundancy, you can import the data exported from the first SAL Gateway to the
second one. You can also import the .csv file to the same SAL Gateway to retrieve the managed
element configurations. You can import the exported .csv file data as it is or, if required, you can
modify, delete, or add entries in the file.
Note:
If SAL Gateway is under maintenance offer, then only the devices under the maintenance offer
are imported.
If SAL Gateway is under managed services offer, then the devices under both, maintenance
and managed services offer are imported.
Before you begin
Ensure the following:
• The .csv file, which contains the information of the devices you want to import, is available on
the system from where you are accessing SAL Gateway.
• The device information in the .csv file are correct and complete. SAL Gateway does not
import the devices with incomplete or incorrect information.
You can open and edit the .csv file using Microsoft Excel. The .csv file contains the following
details about the devices:
- Host Name
- Solution Element ID
- Model
- IP Address
- Remote Access
- Product ID
- Alarm Flag
- Last Inventory
- Inventory Collection Hours
- Attribute1
- Attribute2
- UserName
- EngineId
- Auth Protocol
- Auth Password
- Priv Protocol
- Priv Password
- Offer

January 2022 Administering Avaya Diagnostic Server SAL Gateway 65

Comments on this document? infodev@avaya.com
Administering managed elements

- FL Number
Import of devices using the .csv file does not import the following configuration details related to
the devices:
• Inventory collection enablement flag.
• Device credentials for inventory collection.
• The product type when the model supports more than one products and the product is not
the default product for that model.
Include the CI Name for third party devices in the SEID column.
After the import operation, you must therefore verify the configurations of the devices. Wherever
required, make the necessary changes to the mentioned configurations from the respective pages
on the user interface.
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > View/Search.
2. On the Managed Element page, click Import.
3. In the Import CSV File window, click Browse to locate and select the .csv file that you want
to import.
4. Click Upload.
The window displays the number of devices to be imported and their Solution Element IDs.
If the file contains some incorrect or incomplete device information, an error summary
report is displayed for those Solution Element IDs. SAL Gateway does not import the
devices with incomplete or incorrect information.
5. (Optional) For the Solution Element IDs with error messages, correct the information in
the .csv file and upload the file again.
6. Click Apply.
The devices that pass the validation checks are imported to SAL Gateway as managed
elements.
If the .csv file contains the Solution Element ID of SAL Gateway and its configuration
details in the file are different from the existing configuration, those changes are not
applied. To change the SAL Gateway configuration, you can navigate to the Gateway
Configuration page. If the file contains a record of any other SAL Gateway instance, then
that record is not imported.
7. Verify the configuration details of the imported managed elements, and do the following as
required:
a. (Optional) If the model associated with an imported device supports multiple
products, ensure that the correct product type is selected for that managed element.
When the model supports multiple products, the device is added to SAL Gateway with
the default product for that model. For example, if the model assigned to the device is
CM_Media_Server_<version>, this model supports more than one product. When
imported, the device is added as CM Media Server, which is the default product for

January 2022 Administering Avaya Diagnostic Server SAL Gateway 66

Comments on this document? infodev@avaya.com
 Device SNMP v3 configuration

the model. Edit the configuration of such managed devices to select the correct
product.
b. (Optional) Wherever required, make the configuration changes related to SNMP v3,
inventory collection, and device credentials for inventory collection.

Device SNMP v3 configuration

Configuring SNMP v3 credentials of managed element

About this task
For a managed element, the default configuration for sending alarm to SAL Gateway is SNMP
v2c. When a device is added to SAL Gateway, SAL Gateway configures itself as an SNMP trap
destination of the device. Use this procedure to enable a managed element to send SNMP v3
traps as alarms to SAL Gateway.
Important:
• The SNMP v3 credentials you configure on SAL Gateway must tally with the values
configured on the managed element for sending SNMP v3 traps to SAL Gateway. Also,
ensure that the user name entered for receiving v3 traps from a managed element does
not match the user name entered for receiving v3 traps from any other managed element
except when all other v3 credentials, such as Auth Protocol, Auth Password, Priv
Protocol, and Priv Password, are also the same.
• Changing the SNMP values for a device in the cluster will affect all the other devices in
that cluster too.
Before you begin
Ensure that you have the following SNMP v3 information of the managed device:
• SNMP v3 user name
• Authentication protocol and password
• Privacy protocol and password
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > SNMPv3 Device
Credentials.
2. On the Device SNMP v3 Credentials page, in the Managed Element field, click the
managed element from which you want SAL Gateway to receive SNMP v3 traps.
3. Click Edit.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 67

Comments on this document? infodev@avaya.com
Administering managed elements

4. Complete the following fields according to the SNMP mode that is configured on the
device:
• UserName
• Auth Protocol
• Auth Password
• Priv Protocol
• Priv Password
5. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Device SNMP v3 Credentials field descriptions on page 68
SNMP modes on page 70
Applying configuration changes on page 51

Device SNMP v3 Credentials field descriptions

Through this page, you can configure a managed element to send SNMP v3 traps as alarms to
SAL Gateway. For a managed element, the default configuration for sending alarm to SAL
Gateway is SNMP v2c.
Note:
If Managed Services mode is enabled for SAL Gateway, the alarms from all the devices will be
diverted to Avaya Managed Services platform and will not reach SAL Core. To disable
Managed Services mode, log on to SAL Core.
Name Description
Managed Element The managed element for which you want SAL Gateway to be a
SNMP v3 trap destination.
UserName The user name configured to send SNMPv3 traps from the managed
element.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 68

Comments on this document? infodev@avaya.com
 Device SNMP v3 configuration

Name Description
Auth Protocol The authentication protocol configured to send SNMPv3 traps from
the managed element. The following are the supported authentication
protocols:
• MD5: The MD5 hash, also known as the checksum for a file, is of
128-bit value. This feature can be useful both for comparing files
and for their integrity control.

Note:
The US government NIST organization does not recommend
MD5 to be used. If your NMS supports other options, do not
use this option.
• SHA: Secure Hash Algorithm (SHA) is useful for file integrity
checking. SAL Gateway supports:
- SHA
- SHA 224
- SHA 256
- SHA 384
- SHA 512
Auth Password The password configured for the authentication protocol that is used
to send SNMPv3 traps from the managed element.
You must follow your company policies on password strength or
contact your NMS administrator if needed.
Priv Protocol The privacy protocol configured to send SNMPv3 traps from the
managed element. The following are the supported privacy protocols:
• DES: Data Encryption Standard, a cryptographic block cipher.
• AES 128: Advanced Encryption Standard 128.
• AES 192: Advanced Encryption Standard 192.
• AES 256: Advanced Encryption Standard 256.

Note:
SAL Gateway supports HP Open View (HPOV) NMSs. This
support extends to both SNMP v2 and v3 traps. However, as
HPOV does not support AES, you must configure DES to send
SNMP v3 traps to HPOV. However, the US government NIST
organization does not recommend DES to be used for security.
If you have questions, contact your network security
administrator.
Priv Password The password configured for the privacy protocol that is used to send
SNMPv3 traps from the managed element.

The values you enter in the fields on this page decide the SNMP mode that SAL Gateway
employs for the managed element.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 69

Comments on this document? infodev@avaya.com
Administering managed elements

Related links
Configuring SNMP v3 credentials of managed element on page 67
SNMP modes on page 70

SNMP modes
The following table provides the three SNMP modes and the values you have to configure to use
the SNMP modes for the managed devices.
Mode Values entered
Mode 1: No authentication/No privacy Only user name
Mode 2: Authentication/No privacy User name and authentication protocol with password
Mode 3: Authentication/Privacy User name, authentication protocol with password, and
privacy protocol with password

Importing and configuring devices

Importing devices across SAL Gateway instances

About this task
Use this procedure to configure the assignment of registered customer devices to multiple
instances of SAL Gateway available on the customer network. Every SAL Gateway that needs to
provide remote access support to devices must have the devices added on that SAL Gateway.
Addition of devices on multiple SAL Gateway instances provides a redundant path available to
service devices for business continuity or disaster recovery concerns.
The information of the devices that are registered with Avaya for remote servicing through SAL are
available to the SAL Gateway instances on the network. From the available devices, you can
import selected devices in bulk to a particular SAL Gateway instance available on the network.
Note:
• This feature is available on those SAL Gateway instances that are registered with Avaya
and whose details are configured correctly.
• If SAL Gateway reaches the maximum number of managed elements that it can support,
you cannot import additional managed elements to that SAL Gateway instance.
• Importing Flex devices to a lower version of SAL Gateway is not supported

January 2022 Administering Avaya Diagnostic Server SAL Gateway 70

Comments on this document? infodev@avaya.com
 Importing and configuring devices

Before you begin

Check the following:
• The SAL Gateway instances are registered with Avaya and the SAL Gateway details,
including Solution Element ID and Product ID, are configured correctly.
• For third party devices, ensure that the CI Name is configured correctly.
• One or more devices are registered with Avaya for remote connectivity through SAL.
• The possibility of associations between SAL Gateway instances and devices in GRT.
• The potential for SAL flagging of devices for management.
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > Import and
Configure Devices.
The system displays the Import and Configure Devices page. The system populates the
Gateway and Functional Location fields with the SAL Gateway instances and the
functional locations (FL) available on the customer network.
2. In the Gateway field, click the address of the SAL Gateway to which you want to import
devices.
3. In the Functional Location field, click a functional location.
The page displays the registered devices that are available at the selected functional
location.
4. In the table of available devices, in the Import column, select the check boxes for the
devices that you want to import to the selected SAL Gateway.
The total number of devices selected to be imported is displayed at the end of the table.
5. Complete the following fields for the devices as required:
• Product ID
• Model
• IP Address
• Host Name
• Attribute1
• Attribute2
• Remote Access
• Transport Alarms
• Collect Inventory

January 2022 Administering Avaya Diagnostic Server SAL Gateway 71

Comments on this document? infodev@avaya.com
Administering managed elements

Note:
• If the registered device information is available with SAL Gateway, SAL Gateway
automatically populates some of the fields, such as Product ID and Model. Such
auto-populated fields become read only.
• If the device is already registered with another SAL Gateway as a managed
element, all the fields associated with the device are disabled. The device cannot be
imported and configured.
6. Click Confirm.
The system displays the Import and Configure Confirmation page for confirmation of the
action. The page displays the following:
• The information about the devices to be imported.
• The total number of devices to be imported.
If some mandatory device information, such as IP address, host name, or model, is
incorrect or incomplete, the system displays the error messages at the top of the page. You
can enter the valid information in the respective fields and try to import the devices again.
7. Click Apply Changes.
The selected devices are submitted for importing. The import operation might take several
minutes. The affected SAL Gateway is restarted.

Note:
If you submit an import request for an already added device, SAL Core Server filters
the request and ignores the duplication.
Related links
Import and Configure Devices field descriptions on page 72

Import and Configure Devices field descriptions

You can use this page to configure the assignment of registered products to various SAL Gateway
instances available on the customer network.
The page contains two sections:
• Gateway selection: Provides fields to select the SAL Gateway instance and filter the list of
registered devices.
• Devices table: Lists the registered devices on the customer network.
This feature is available on those SAL Gateway instances that are registered with Avaya and
whose details are configured correctly.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 72

Comments on this document? infodev@avaya.com
 Importing and configuring devices

Gateway selection section

Name Description
Gateway The address and Solution Element ID of the SAL Gateway to
which you want to import devices. You can select from the SAL
Gateway instances that are available on the customer network.
Functional Location The functional location (FL) number that identifies the location of
the registered devices.
When you select a particular functional location, the page displays
the registered devices that are available at the selected location.
FL Search The field that facilitates the search for a functional location.
FL Ref number The reference number associated with the selected customer FL.
FL Address The address of the selected customer FL.
FL City The city in which the selected FL locates.
FL Contact Phone The contact phone number associated with the selected FL.
Devices for this Gateway Check box to filter the managed devices that are either registered
in GRT against or onboarded to the current SAL Gateway to
which you are logged on.
For such managed devices, you can add any missing device
details, such as IP address or remote access status, in the
respective fields. However, you cannot edit the existing device
details through this page.

Devices table section

Name Description
SEID / CI Name The Solution Element ID assigned to a device when you register
the device with Avaya. The ID is a unique identifier in the format
(NNN)NNN-NNNN where N is a digit from 0 to 9. Using this ID,
Avaya Services or Avaya Partners can uniquely identify and
connect to the managed device.
CI Name is a unique identifier assigned by Avaya to a third party
device that is managed by SAL Gateway
Product ID The unique 10-character ID, also known as Alarm ID, assigned to
a device when you register the device with Avaya. The Product ID
is included in alarms that are sent to alarm receivers from the
managed device to identify the device that generated the alarm.
When you move the cursor over the Product ID of a device in the
Devices table, the system displays the product type and product
description of that device.
If the registered device information is available to SAL Gateway,
SAL Gateway automatically populates this field and makes the
field read only.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 73

Comments on this document? infodev@avaya.com
Administering managed elements

Name Description
Model The version of the model that is applicable for the device.
If the registered device information is available to SAL Gateway,
SAL Gateway automatically populates this field and makes the
field read only.
IP Address The IP address of the device.
You can edit this value.
Host Name The host name of the device.
You can edit this value.
Attribute1 The ClusterID of the Flex supported devices. This field is disabled
if the device is not a Flex supported product.
You can edit this value.

Note:
For the details of this field, hover your mouse on the field
input box.
Attribute2 The ProductInstanceID of the Flex supported devices. This field is
disabled if the device is not a Flex supported product.
You can edit this value.

Note:
For the details of this field, hover your mouse on the field
input box.
Remote Access The check box to enable remote access to the device through
SAL Gateway.
Transport Alarms The option for the alarm transfer service from the device through
SAL Gateway. The available options are:
• SNMP V2C
• SNMP V3
• No
If you select SNMP V3 for alarm transfer, the system displays the
Device SNMP v3 Credentials window for configuring the SNMP v3
credentials to be used for alarm transfer to SAL Gateway.
Collect Inventory The check box to enable inventory collection from the device.
Import The check box to indicate whether you want the device to be
imported to the selected SAL Gateway instance.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 74

Comments on this document? infodev@avaya.com
 Importing and configuring devices

Note:
• Depending on the deployment environment, the maximum number of managed elements
that a SAL Gateway instance can support differs. After you reach the maximum limit, you
cannot onboard additional managed elements to the SAL Gateway instance.
• If the device is already registered with another SAL Gateway, as a managed element, all
the fields associated with the device are disabled. The device cannot be imported and
configured.
Button Description
Reset Resets values and reverts to the original status of the devices.
Confirm Displays the Import and Configure Confirmation page with the
number of devices to be imported.

Related links
Importing devices across SAL Gateway instances on page 70

January 2022 Administering Avaya Diagnostic Server SAL Gateway 75

Comments on this document? infodev@avaya.com
Chapter 6: Managing inventory collection

SAL inventory collection overview

SAL provides inventory collection, a functionality that collects inventory information about the
supported managed device and sends the information to Secure Access Concentrator Core
Server at Avaya Data Center. Support personnel from Avaya refer to the inventory data to provide
services to the devices. The managed device provides inventory information. SAL Gateway stores
all inventory data using a Common Information Model (CIM) compliant model. You can view this
information at either Secure Access Concentrator Core Server or SAL Gateway.
Support personnel who want to review managed device configuration for reference when working
on tickets can use the inventory collection feature.The inventory of managed devices provides
product information such as the product type and version for the reference of customers and
Managed Service Providers (MSPs).
Related links
Inventory collection process on page 76
Role of the SAL model in inventory collection on page 77
CIM on page 78

Inventory collection process

SAL Gateway can collect inventory from the managed devices only if:
• The inventory service of SAL Gateway is running.
• You have enabled the inventory collection feature in the managed device from which you
want to collect inventory.
Steps in the inventory collection process
The inventory collection process consists of the following steps:
1. The inventory component of SAL Gateway initiates a connection to the managed device
from which inventory is to be collected.
2. The inventory component uses command-line interfaces to collect inventory.
3. The inventory component transfers the data collected from the managed device to SAL
Gateway.
4. SAL Gateway parses and transforms the raw inventory data into the Common Information
Model (CIM) format.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 76

Comments on this document? infodev@avaya.com
 SAL inventory collection overview

5. SAL Gateway transfers the CIM-format inventory data to SAL Core Server.
Access methods used for inventory collection
The access methods defined for inventory support through SAL include SSHv2 and Telnet.
For inventory collection that uses Telnet, you must ensure that the FTP configurations are enabled
on managed devices, such as Communication Manager, Call Management System, Intuity, and
others. Inventory collection through Telnet works only if you complete all the required FTP
configurations on the target device. Inventory collection using Telnet involves FTP file transfer for
inventory collection. If the managed device is not FTP enabled, SAL Gateway cannot collect
inventory data from the device.
SSH-enabled devices that run with SFTP do not need any additional configuration for collecting
inventory.
Use of DataSource in inventory collection
DataSource is a configuration that is required to collect inventory of a managed device. To collect
inventory from a device, SAL Gateway establishes connection to the managed device. To connect
to the managed device, SAL Gateway requires certain configuration details, including the type of
connection that needs to be established. DataSource, which is defined inside the SAL model
associated with a managed device, provides this information.
For each managed device, the type of DataSource is already defined and is configured in the SAL
model.
More than one DataSource can be supported for a managed device. In that case, you have to
configure all supported DataSources for the managed device. For some managed devices with
specific DataSource implementation, you do not need to provide any additional input for inventory
collection.
DataSource can be of the following types: syncDataSource, asyncDataSource, and
WindowsSource.
• Collection using WindowsDataSource:
Managed devices with Windows operating systems adopt this approach.
• Synchronous collection using syncDataSource:
Synchronous inventory collection maintains the connection to the managed device until
inventory collection is complete.
• Asynchronous collection using asyncDataSource:
Asynchronous inventory collection closes the connection to the managed device during the
inventory collection process.
Related links
SAL inventory collection overview on page 76

Role of the SAL model in inventory collection

SAL associates the SAL Gateway configuration of alarming rule sets and inventory mappings with
the SAL model.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 77

Comments on this document? infodev@avaya.com
Managing inventory collection

SAL model
The SAL model is a collection of the alarming configuration, inventory configuration, and SAL
Gateway component configurations that define how a SAL Gateway provides service to a
particular set of remotely managed devices. The SAL model includes the remote access model,
which is a collection of XML and configuration files that define the remote access characteristics
for a particular set of managed devices.
The model of the managed device has the following configuration files that the Inventory
component requires:
• Inventory collection script, to be downloaded to the device, if required.
• The DataSource file that has commands to be executed for inventory collection.
• The PERL parser script, required to construct CIM Inventory. SAL Gateway runs commands
or scripts on the managed device to collect inventory. The PERL parser converts the raw
inventory data to the standard CIM Inventory format.
• The Device file with instruction for the SAL Gateway tool used to obtain device connection for
the execution of the Inventory command. This command obtains the device prompt of the
device.
If you want to change the way the inventory is collected for a device, you must change the model
of the device. You must make changes to the Data Source file and to the parser.
Related links
SAL inventory collection overview on page 76

CIM
SAL Gateway uses Common Information Model (CIM) to provide a standard inventory model that
can accommodate any managed device. The CIM structure supports an evolving view of
inventory. As the kinds of managed devices that SAL Gateway supports increase, you can add
other defined elements of the full CIM model to accommodate new aspects of the inventory.SAL
Gateway uses CIM information for the following tasks:
• Display inventory reports
• Export inventory reports
• Transmit inventory information to the Secure Access Concentrator Core Server
Related links
SAL inventory collection overview on page 76

January 2022 Administering Avaya Diagnostic Server SAL Gateway 78

Comments on this document? infodev@avaya.com
 Credentials management for inventory collection

Credentials management for inventory collection

Types of credentials
SAL Gateway might require credentials to access a managed device for inventory collection. As
different kinds of devices support different access methods for inventory collection, different kinds
of credentials are available to support inventory collection.

User names and passwords

These credentials can be provided by Avaya or defined by users themselves locally to access a
device.
These credentials are combination of a user name and a password. When you provide the device
credentials on the SAL Gateway user interface, Gateway uses these credentials to collection
inventory from the device.
Related links
Using Avaya-provided credentials for inventory collection on page 79
Using user-defined credentials on page 81

ASG credentials
SAL Core Enterprise Server transports Access Security Guard (ASG) keys, which are used to
access managed devices, to SAL Gateway. After SAL Gateway receives the keys, SAL Gateway
executes instructions in the key package to place the data into the encrypted tool that resides on
SAL Gateway.
SAL Gateway extracts the credential data when SAL Gateway needs to authenticate itself to
managed devices for inventory collection.
The acquisition of the ASG credentials for a managed element with ASG protected user name
differs from a password only in two aspects:
• The system presents the ASG challenge and product ID instead of the password challenge.
• The tool for ASG keys returns an ASG response to the challenge instead of returning a
password.

Using Avaya-provided credentials for inventory collection

About this task
You can configure SAL Gateway to use the Avaya-provided credentials of a device for inventory
collection from the device.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 79

Comments on this document? infodev@avaya.com
Managing inventory collection

Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > Device
Credentials And Inventory.
2. On the Inventory support page, in the Managed Device field, click the managed device for
which you want to collect inventory.
The Managed Device field provides the list of the entire set of inventory-enabled managed
devices.
3. In the Connectivity Method field, click the connectivity method to be used for inventory
collection.
This field displays all connectivity methods supported by the selected managed device. For
some devices, you do not need to provide any additional input for inventory collection as
the device does not require any input from the user. In such cases, this field does not
display any selection option for the selected managed device.
4. Click Edit.
5. Select the Use Avaya-provided credentials check box.
The system displays the Avaya-provided login IDs of the ordinary user and the super user
of the device in the Login and SU Login fields, respectively.

Note:
Devices that are managed through SAL have different levels of security defined for
them. When a user attempts to access the device, depending on the security level
defined for a device, the system displays a message to log in as an ordinary or super
user. No standard set of permissions is available for a super user. Different devices
provide different permissions. The login information of a device is available in the
model of the device.
6. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
User names and passwords on page 79

January 2022 Administering Avaya Diagnostic Server SAL Gateway 80

Comments on this document? infodev@avaya.com
 Credentials management for inventory collection

Using user-defined credentials

About this task
SAL Gateway uses Avaya-provided credentials of a device for inventory collection. You can also
provide user-defined local credentials of a device for inventory collection.
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > Device
Credentials And Inventory.
2. On the Inventory support page, in the Managed Device field, click the managed device for
which you want to collect inventory.
The Managed Device field provides the list of the entire set of inventory-enabled managed
devices.
3. In the Connectivity Method field, click the connectivity method to be used for inventory
collection.
This field displays all connectivity methods supported by the selected managed device. For
some devices, you do not need to provide any additional input for inventory collection as
the device does not require any input from the user. In such cases, this field does not
display any selection option for the selected managed device.
4. Click Edit.
5. Clear the Use Avaya-provided credentials check box.
6. In the Login field, enter the user name to be used for inventory collection from the device.
7. Click Username/Password.
8. In the Password field, enter the password associated with the user name.
9. If the device requires a super user login, do the following:
a. In the SU Login field, enter the user name of the super user.
b. Click Username/Password.
c. In the SU Password field, enter the password of the super user.
10. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 81

Comments on this document? infodev@avaya.com
Managing inventory collection

Related links
User names and passwords on page 79

Editing device credentials for inventory collection

Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > Device
Credentials And Inventory.
2. On the Inventory support page, in the Managed Device field, click an inventory-enabled
managed element.
The system displays the model of the selected managed device in the Model field and the
credentials associated with the selected managed element.
3. In the Connectivity Method field, select connectivity method used for inventory collection.
4. Click Edit.
All the fields on the page become available for editing.
5. Make the required changes.
6. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Inventory support field descriptions on page 82

Inventory support field descriptions

Name Description
Managed Device The managed device for which inventory collection is possible.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 82

Comments on this document? infodev@avaya.com
 Credentials management for inventory collection

Name Description
Connectivity Method The connectivity method with the managed device for inventory
collection.
This field displays all connectivity methods supported by the
selected managed device. For some devices, you do not need to
provide any additional input for inventory collection as the device
does not require any input from the user. In such cases, this field
does not display any connectivity method for the managed
device.
Model The model of the selected managed device. A model is a
collection of the remote access, alarming, inventory, and other
configurations that define how SAL Gateway provides services to
a particular set of remotely managed devices.

Based on the model and the supported connectivity method, the page provides additional fields to
configure the device credentials for inventory collection.
Name Description
Use Avaya-provided credentials The check box to indicate whether to use the Avaya-provided
credentials of the device for inventory collection.
When this check box is selected, SAL Gateway uses the Avaya-
provided credentials of the device for inventory collection. To use
user-defined local credentials of the device, you must clear this
check box and enter the login details that are local to the device.
Login The user ID to be used for inventory collection from the device.
If you select the Use Avaya-provided credentials check box,
this field displays the user name that Avaya provides for the
device access. You cannot edit the Avaya-provided credentials.
If you do not select the Use Avaya-provided credentials check
box, you can enter a password-protected or an Access Security
Guard (ASG) protected user ID in this field.
Username/Password The option to indicate that the user ID in the Login field is
password protected.
This option is available only when you clear the Use Avaya-
provided credentials check box.
Password The password of the user ID.
This field is available only when you select Username/
Password.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 83

Comments on this document? infodev@avaya.com
Managing inventory collection

Name Description
ASG The option to indicate that the user ID in the Login field is ASG
protected.
This option is available only when you clear the Use Avaya-
provided credentials check box.

Note:
For products that support Enhanced Access Security
Gateway (EASG), this field is not relevant.
ASG Key The ASG key associated with the user ID.
This field is available only when you select ASG.
SU Login The user ID of the super user that is to be used for inventory
collection from the device.
If you select the Use Avaya-provided credentials check box,
this field displays the user name of the super administrator that
Avaya provides for the device access. You cannot edit the Avaya-
provided credentials.
If you do not select the Use Avaya-provided credentials check
box, you can enter a password-protected or an ASG protected
user ID in this field.
Username/Password The option to indicate that the user ID in the SU Login field is
password protected.
This option is available only when you clear the Use Avaya-
provided credentials check box.
SU Password The password of the super user ID.
This field is available only when you select Username/
Password.
ASG The option to indicate that the user ID in the SU Login field is
ASG protected.
This option is available only when you clear the Use Avaya-
provided credentials check box.

Note:
For products that support Enhanced Access Security
Gateway (EASG), this field is not relevant.
SU ASG Key The ASG key associated with the super user ID.
This field is available only when you select ASG.

Button Descriptions
Edit Enables the credential fields on the page for the selected
managed device for editing.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 84

Comments on this document? infodev@avaya.com
 Viewing and controlling inventory collection

Button Descriptions
Apply Applies changes to the credential information.
Cancel Cancels any changes and reverts to the home page.
Collect Inventory Now Initiates inventory collection so that changes to a managed
device can be viewed immediately. Using this button, you can
manually initiate an inventory collection instead of waiting for the
scheduled inventory collection process to run.

Related links
Editing device credentials for inventory collection on page 82
Enabling inventory collection from a managed device on page 85
Collecting inventory on demand for a device on page 88

Viewing and controlling inventory collection

Enabling inventory collection from a managed device

About this task
Use this procedure to enable and schedule inventory collection from a managed device that
supports inventory collection.
You can enable inventory collection from a device while adding the device as a managed element
to SAL Gateway. This procedure describes the steps to enable inventory collection from a device
that you already added as a managed element.
Note:
If the SAL model associated with the managed device does not support inventory collection,
you cannot enable inventory collection for that device.
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > View/Search.
2. On the Managed Element page, click the host name of the managed element for which you
want to enable inventory collection.
3. On the Managed Element Configuration page, click Edit.
4. Select the Collect inventory for this device check box.
5. In the Inventory collection frequency field, type the inventory collection interval in hours.
6. Click Apply.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 85

Comments on this document? infodev@avaya.com
Managing inventory collection

Next steps
On the Inventory Support page, if required, add or edit the credentials to be used for inventory
collection from the device.
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Related links
Inventory support field descriptions on page 82

Starting the inventory service

About this task
If the inventory service of SAL Gateway is not running, use this procedure to start the inventory
service. If the inventory service does not run, SAL Gateway cannot collect inventory of managed
devices.
Procedure
1. On the main menu of the SAL Gateway user interface, click Administration > Service
Control & Status.
2. On the Gateway Service Control page, in the Gateway Services section, click Start that is
next to the inventory service.
The system starts the inventory service of SAL Gateway. The inventory service checks all
managed devices and collects inventory of devices that have the inventory collection
function enabled.

Stopping the inventory service

About this task
Use this procedure to stop the inventory service.
Caution:
If you stop the inventory service, SAL Gateway stops collecting inventory of all managed
devices that SAL Gateway supports.
Procedure
1. On the main menu of the SAL Gateway user interface, click Administration > Service
Control & Status.
2. On the Gateway Service Control page, in the Gateway Services section, click Stop that is
next to the inventory service.
SAL Gateway stops inventory collection for all managed devices.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 86

Comments on this document? infodev@avaya.com
 Viewing and controlling inventory collection

Viewing inventory report of a device

About this task
Use this procedure to view the latest inventory information of a managed device through the SAL
Gateway user interface.
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > View/Search.
2. On the Managed Element page, click the host name of the managed element for which you
want to view the inventory report.
3. On the Managed Element Configuration page, in the Inventory field, click the timestamp
link.
A timestamp link in the Inventory field indicates that the last inventory collection attempt
from the device was successful. If the link is not available, then either inventory collection
is not enabled for the device or the last inventory collection attempt is unsuccessful.
The system displays the inventory report of the managed device on the Inventory Report
page.
Related links
Inventory Report field descriptions on page 87

Inventory Report field descriptions

SAL Gateway displays an inventory report in the CIM format. Even though the data element list in
an inventory report is not identical for all types of managed devices, there is a common set that is
applicable to all devices.
This common set includes the following fields:

Name Description
Solution Element identifier A unique identifier in the form (xxx)xxx-xxxx where x
is a digit from 0 to 9.
Product identifier The unique 10-digit number used to uniquely
identify a customer application.
Model name Name of the model of the managed device.
Model version Version number of the model of the managed
device.
Model patch Patch number of the model of the managed device.
Product IP address The IP address of the managed device.
System ID The Product ID of the SAL Gateway that provides
inventory service to the device.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 87

Comments on this document? infodev@avaya.com
Managing inventory collection

Name Description
SAL version The version of SAL that is used for the inventory
collection.
Collection date The date on which inventory was collected.
Inventory checksum The unique checksum of the inventory information
collected.

Note:
Additional attributes beyond the common set, including Avaya product type and OS version,
are also defined within the corresponding SAL CIM classes in the SAL CIM Model.
Related links
Viewing inventory report of a device on page 87

Exporting an inventory report

About this task
Use this procedure to export the inventory data of a managed device to the local system.
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > View/Search.
2. On the Managed Element page, click the host name of the managed element for which you
want to view the inventory report.
3. On the Managed Element Configuration page, in the Inventory field, click the timestamp
link.
4. On the Inventory Report page for the managed device, click Export, and save the XML file
to a local folder.

Collecting inventory on demand for a device

About this task
For all managed devices for which you enable inventory collection, SAL Gateway collects
inventory at scheduled intervals. However, you can collect inventory of a managed device anytime
using the SAL Gateway user interface.
Use this procedure to collect inventory of a newly added managed device or to see changes that
are administered to a managed device.
Note:
You can start an on demand inventory collection process for a device only if the following
conditions are met:
• The inventory service of SAL Gateway is running.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 88

Comments on this document? infodev@avaya.com
 Viewing inventory log files

• The SAL Agent service of SAL Gateway is running.

• Inventory collection is enabled for the selected managed device.
• You have not used the Collect Inventory Now option in the past 60 minutes to collect
inventory.
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > Device
Credentials And Inventory.
2. On the Inventory support page, in the Managed Device field, click the managed device for
which you want to collect inventory.
The Managed Device field provides the list of the entire set of inventory-enabled managed
devices.
3. Complete the fields for credentials, such as Login and SU Login, as required for
accessing the selected device.

Note:
For some connection types, you do not need to provide any additional input for
inventory collection.
4. Click Collect Inventory Now.
SAL Gateway collects inventory of the selected device.
You can view the status of the inventory collection attempt by navigating to the Managed
Element Configuration page for the selected device.
Related links
Inventory support field descriptions on page 82
Using Avaya-provided credentials for inventory collection on page 79
Using user-defined credentials on page 81

Viewing inventory log files

Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Log Viewer.
2. On the Log Viewer page, in the Categories field, click SAL Agent.
3. In the Log Files field, click SAL Agent Operational Log.
4. Click View.
The system displays the logs in a tabular format under the Tabular Result tab. Look for
inventory exceptions in the log files.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 89

Comments on this document? infodev@avaya.com
Managing inventory collection

Note:
For more information on inventory exceptions in log files, see the topic, Inventory-
related exceptions in SAL Gateway logs.
Related links
Inventory-related exceptions in SAL Gateway logs on page 188

Inventory diagnostics
To align itself with the inventory functionality, SAL Gateway provides two forms of diagnostics
output:
• A basic connectivity test that establishes a TCP socket connection to managed devices
• A more advanced test that uses the onboard credentials of the gateway to attempt a device
connection by means of the SAL inventory system.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 90

Comments on this document? infodev@avaya.com
Chapter 7: Managing SAL Gateway
redundancy

Redundancy of SAL Gateway

Through SAL Gateway redundancy, you can ensure seamless service availability for devices
managed through SAL Gateway. Redundancy of SAL Gateways means that more than one SAL
Gateway administers the same managed devices for remote access, inventory collection, and
alarm management. Each SAL Gateway that participates in redundancy functions as if that SAL
Gateway solely provides complete services to all managed devices assigned to it.
Note:
You must follow the lowest common denominator rule for assigning managed elements to the
redundant SAL Gateway instances.
Important:
Do not use the same Solution Element ID to configure two SAL Gateway instances. Such
configurations can affect proper functioning of the SAL Gateway instances and might produce
unexpected results.
Important:
The SAL Gateway instances that are configured to communicate with BP Concentrator Core
Server instead of the Concentrator Core Server at Avaya Data Center do not support the
redundancy feature.
Advantages of SAL Gateway redundancy
• High availability of remote access to managed devices for troubleshooting or maintenance.
You can configure an alternative proxy server for each redundant SAL Gateway to increase
the availability of Internet connectivity. Redundancy also increases reliability by ensuring that
the alarms from the managed devices actually reach Avaya Data Center.
• Geographic independence. SAL Gateway instances from different geographic locations can
participate in redundancy. Therefore, if one geographic location having a SAL Gateway goes
offline, another SAL Gateway can still provide access to the surviving managed devices.
• Minimum service interruption. If one SAL Gateway is offline, remote access is still possible
through the other SAL Gateway. Thus you can minimize service interruption when one SAL
Gateway is unavailable because of some configuration, upgrade, or other such maintenance
operations.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 91

Comments on this document? infodev@avaya.com
Managing SAL Gateway redundancy

Alarm transfer and inventory collection through redundant SAL Gateway

In a redundant SAL Gateway deployment, each SAL Gateway exposes interfaces to receive traps
using SNMP and log entries through the syslog protocol. Each managed element sends traps and
log entries to both SAL Gateway instances that participate in redundancy. Each SAL Gateway
thus forwards the received alarms to Concentrator Core Server at Avaya Data Center. Similarly,
each SAL Gateway attempts to collect an inventory record for the managed element and send the
record to Concentrator Core Server.
Note:
If you implement SAL Gateway redundancy, you must administer the managed devices to
send SNMP traps to each SAL Gateway that participates in redundancy.
In a redundant SAL Gateway deployment, Concentrator Core Server might receive duplicate
alarms and inventory records. Concentrator Core Server handles duplicate alarms and inventory
records as the following:
• Concentrator Core Server receives two identical alarms from the same managed element but
through different SAL Gateway instances within a defined period. Concentrator Core Server
stores the second alarm but marks the alarm as a duplicate alarm.
• Concentrator Core Server receives an inventory record of a managed element that is the
duplicate of an existing inventory record. Concentrator Core Server records an event log
without storing the inventory record.
Remote access through redundant SAL Gateways
If the redundant SAL Gateway instances are active for a managed element, either of the instances
can provide remote access to the managed element. The SAL Gateway that first receives the
request from Concentrator Remote Server establishes the tunnel for remote access. The
determination of which SAL Gateway is to be used is made without the involvement of the user.
Redundancy support across SAL Gateway versions
In SAL 1.5 and 1.8, you have to implement redundancy manually. To create redundancy, all SAL
Gateway instances that participate in redundancy must be of the same version. SAL 2.0 and later
versions support automatic redundancy. With SAL 2.x technology, only SAL Gateways connected
to the Avaya concentrator can operate as a redundant pair, but SAL Gateways connected to BP
concentrators cannot.
With SAL 3.x technology, the individual BP concentrators are replaced with the Avaya Hosted
Concentrator for BPs. SAL Gateway 3.0 connects to both the Avaya concentrator and to the
hosted concentrator for BPs by administering a BP link ID in the gateway. In this environment,
SAL Gateways can operate as a redundant pair if:
• Both SAL Gateways are release 3.0 with SP2 (3.0.2) or later.
• Both SAL Gateways are administered with the same BP link ID.
If release 2.x SAL Gateways are operating as redundant pair, but after upgrade to 3.0.2 they are
administered with different BP link IDs, the redundancy will be broken. If release 3.x SAL
Gateways are operating as redundant pair, but later they are administered with different BP link
IDs, the redundancy will be broken.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 92

Comments on this document? infodev@avaya.com
 Creating redundant SAL Gateways

Upgrade of redundant SAL Gateway

You can upgrade the redundant SAL Gateway instances one by one without affecting the
redundancy configuration. After both SAL Gateway instances are upgraded to the latest version,
the redundancy feature works as expected.
During the time frame when you upgrade one SAL Gateway, the managed device synchronization
between the two SAL Gateway instances might not happen. However, alarm transfer, remote
access, and other functionalities remain available through the second SAL Gateway that
participates in redundancy.
In an automatic software update of the redundant SAL Gateways, you do not require to perform
any extra action. However, you must ensure the followings while enabling the automatic software
update feature for the redundant SAL Gateway instances:
• The automatic software update feature is active for both SAL Gateway instances that
participate in redundancy.
• The date and time difference in running the automatic software updates on the SAL Gateway
instances is minimal. Longer time difference might impact the redundancy until both SAL
Gateway instances are upgraded to the same version.
Related links
Creating redundant SAL Gateways on page 93

Creating redundant SAL Gateways

About this task
Use this procedure to create SAL Gateway redundancy. Onboarding of a device to more than one
SAL Gateway creates redundancy. Redundancy ensures seamless service availability for the
device.
Before you begin
Ensure the following:
• All SAL Gateway instances that participate in redundancy are of the same version.
• All SAL Gateway instances that participate in redundancy must follow the lowest common
denominator principle for the number of managed elements assigned to the SAL Gateway
instances. Each redundant SAL Gateway might differ in capacity requirements, such as disk
space, memory, and CPU. Therefore, you must be cautious while configuring redundancy
and adding managed elements to the SAL Gateway instances.
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > Gateway
Redundancy Configuration.
2. On the Redundant Gateways page, in the Define Redundant Gateway Pair section, in the
Gateway field, click the SAL Gateway for which you want to create redundancy.
3. In the Redundant Gateway field, click the SAL Gateway that will act as redundant to the
first SAL Gateway.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 93

Comments on this document? infodev@avaya.com
Managing SAL Gateway redundancy

If you enter the same SAL Gateway details in both fields, you cannot proceed further.
4. Click Add.
The system adds a row to the Redundancies table to display the new redundancy
established.
5. (Optional) Repeat Step 2 to Step 4 to add more redundancy.
6. Click Next.
The system displays the Redundancy Confirmation page with the new redundancies.
7. Click Apply Changes.
The system displays the following message after the page title:
Gateway Redundant Actions successfully submitted. This operation
may take several minutes and will restart the affected gateways.
8. To revert to the original redundancy configuration, click Reset
Related links
Redundant Gateways field descriptions on page 94
Example: Lowest common denominator rule for redundant Gateways on page 95

Redundant Gateways field descriptions

The page contains the following two sections:
• Define Redundant Gateway Pair: Displays the fields where you select the SAL Gateway
instances that will participate in redundancy.
• Redundancies: Displays the existing pairs of SAL Gateway instances that participate in
redundancy. For, a selected pair of SAL Gateway instances, this section displays the list of
managed elements supported by both the instances.
Define Redundant Gateway Pair section
Name Description
Gateway The Solution Element ID and IP address of the primary SAL
Gateway for which you want to create redundancy.
Redundant Gateway The Solution Element ID and IP address of the SAL Gateway that
will be redundant.

Redundancies section
The Redundancies table displays the following details of the redundancies created:
• The Solution Element ID of the primary SAL Gateway
• The Solution Element ID of the redundant SAL Gateway
When you select a pair of redundant SAL Gateways, the page displays the list of managed
devices that the SAL Gateways support. The list contains the following device details:

January 2022 Administering Avaya Diagnostic Server SAL Gateway 94

Comments on this document? infodev@avaya.com
 Example: Lowest common denominator rule for redundant Gateways

Name Description
Device The Solution Element ID assigned to the device when you register
the device with Avaya. The ID is a unique identifier in the format
(NNN)NNN-NNNN where N is a digit from 0 to 9. Using this ID,
Avaya Services or Avaya Partners can uniquely identify and connect
to the managed device.
Product ID The unique 10-character ID, also known as Alarm ID, assigned to
the device when you register the device with Avaya. The Product ID
is included in alarms that are sent to alarm receivers from the
managed device to identify the device that generated the alarm.
IP Address The IP address of the device.

Button Description
Add Adds a row to the Redundancies table to display the new
redundancy established.
Reset Resets to the original redundancy configuration.
Next Displays the Redundancy Confirmation page where you can commit
the new redundancy.
Apply Changes Commits the addition of a redundancy instance.

Icon Name Description

Remove redundancy Submits a redundancy for
deletion.

Related links
Creating redundant SAL Gateways on page 93
Removing a redundancy of SAL Gateways on page 96

Example: Lowest common denominator rule for redundant

Gateways
Suppose, SAL Gateway 1, running with 1 MB, can support X number of managed devices and
SAL Gateway 2, running with 2 MB, can support Y (Y > X) number of managed devices.
Following the lowest common denominator rule, for SAL Gateway 1 and SAL Gateway 2 to
function as redundant gateways to each other, you have to configure Gateway 2 with less than or
equal to X numbers of managed devices.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 95

Comments on this document? infodev@avaya.com
Managing SAL Gateway redundancy

Removing a redundancy of SAL Gateways

About this task
Use this procedure to remove the redundancy between a pair of SAL Gateway instances.
Procedure
1. On the main menu of the SAL Gateway user interface, click Devices > Gateway
Redundancy Configuration.
2. On the Redundant Gateways page, in the Redundancies table, click the Remove
Redundancy icon ( ) next to the pair of SAL Gateway instances whose redundancy you
want to remove.
3. Click Next.
The system displays the Redundancy Confirmation page.
4. Click Apply Changes.
The system displays the following message after the page title:
Gateway Redundant Actions successfully submitted. This operation
may take several minutes and will restart the affected gateways.
Related links
Redundant Gateways field descriptions on page 94

January 2022 Administering Avaya Diagnostic Server SAL Gateway 96

Comments on this document? infodev@avaya.com
Chapter 8: Managing the user and system
security

PKI configuration

PKI configuration for SAL Gateway access

You can view and edit the organizations and associated units that can use a certificate-based
login to access SAL Gateway and the roles the organizations are assigned. As the system
administrator of the customer, you can configure PKI to grant roles to support personnel from
specified organizations, such as Avaya or Avaya partners, who use certificates to gain remote
access to SAL Gateway. The application denies a PKI user, who is not assigned any role, the
permission to log in to the application.
The Linux host on which SAL Gateway runs provides authentication for users of SAL Gateway.
The SAL Gateway user interface uses Linux-related groups and role mappings. Users of the SAL
Gateway user interface, authenticated with local host authentication, are mapped from a group to
a role. For example, the user group for administrator maps to the administrator role.
You can map users of the SAL Gateway UI into three different roles with the following access
permissions:
• Browse:
This role provides the read-only and access to tests and diagnostics capabilities. If you did
not assign any role to a local user, the application assigns the user the default Browse role.
• Administrator:
This role grants the user all permissions on all the pages on the SAL Gateway user interface,
except the following pages. The user has read-only permission to these pages:
- Policy Manager
- PKI Configuration
- OCSP/CRL Configuration
- Certificate Management
• Security Administrator:

January 2022 Administering Avaya Diagnostic Server SAL Gateway 97

Comments on this document? infodev@avaya.com
Managing the user and system security

This role provides the capability to access and change everything on the SAL Gateway user
interface.

PKI
Public Key Infrastructure (PKI) is an authentication scheme that uses the exchange of certificates
that are usually stored in an e-token. The certificates use asymmetric public key algorithms to
avoid sending shared secrets such as passwords over the network. A public/private certificate
authority such as VeriSign usually generates and signs certificates. Certificate authorities and
certificates have expiry dates and can be revoked.
Authentication with certificates requires verification that:
• The certificate is valid.
• The entity, such as SAL Gateway, sending the certificate possesses the private key for the
certificate.
• The certificate is signed by a trusted certificate authority.
• The certificate and the signs are not expired.
• The certificates and certificate authority are not revoked.
If you want to check a certificate for revocation, you must query an Online Certificate Status
Protocol (OCSP) service or search for the certificate in a Certificate Revocation List (CRL).

Creating a role mapping

About this task
Use this procedure to map organizations, such as Avaya or Avaya partners, which use certificates
to gain remote access to customer devices, to PKI roles that controls the access permissions to
the application.
Before you begin
Log on to the SAL Gateway user interface as a user with the security administrator privilege.
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > PKI
Configuration.
2. On the Map certificate subjects to SAL Gateway administrator roles page, click Edit.
3. Click Add Organization.
The system displays a text box for the name of the organization and a list of roles.
4. In the text box, enter the name of the organization of the support personnel, for example,
Avaya Inc.
5. From the drop-down list, select one of the following roles for the organization:
• Browse

January 2022 Administering Avaya Diagnostic Server SAL Gateway 98

Comments on this document? infodev@avaya.com
 PKI configuration

• Administrator
• Security Administrator

Note:
Select Deny if you want to deny access to an organization.
6. Click Apply.
Result
You have defined the role for the organization.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Creating a role mapping for an organizational unit within an organization on page 99

Creating a role mapping for an organizational unit within an

organization
About this task
Use this procedure to map a role to an organizational unit within an organization.
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > PKI
Configuration.
2. On the Map certificate subjects to SAL Gateway administrator roles page, click Edit.
3. Select the organization for which you have a unit for role mapping.
4. Click Add Organizational Unit that is beside the organization row.
The system displays a new row below the organization row with a text box and a drop-
down list.
5. In the text box, enter the name of the organizational unit.
6. From the drop-down list, select one of the following roles for the organizational unit:
• Browse
• Administrator

January 2022 Administering Avaya Diagnostic Server SAL Gateway 99

Comments on this document? infodev@avaya.com
Managing the user and system security

• Security Administrator
7. Click Apply.
Result
You have defined the role for the organizational unit.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Creating a role mapping on page 98

Updating role mappings

About this task
Use this procedure to update an existing role mapping for an organization or an organizational
unit.
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > PKI
Configuration.
2. On the Map certificate subjects to SAL Gateway administrator roles page, click Edit.
3. Make the required changes to update the existing role mapping of an organization.
4. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 100

Comments on this document? infodev@avaya.com
 Managing roles for local user groups

Deleting role mappings

About this task
Use this procedure to delete a role mapping to an organization and an organizational unit.
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > PKI
Configuration.
2. On the Map certificate subjects to SAL Gateway administrator roles page, click Edit.
3. Select the check boxes beside the organizations and organizational units for which you
want to delete the role mappings.
4. Click Delete Selected.
5. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.

Managing roles for local user groups

Role management for local users

A SAL Gateway user with the Security Administrator role owns the opt/avaya/SAL/gateway/
GatewayUI/config/spirit-local-user-role-mapping.xml file and can edit the file to
associate a role to a group of locally authenticated users as defined in the host OS
directories /etc/passwd and /etc/shadow.
The user with the Security Administrator role uses the Map local group names to gateway roles
page to identify and assign roles to groups of users with local host shell accounts. A local host
shell account user is one who logs in to the application using Linux credentials.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 101

Comments on this document? infodev@avaya.com
Managing the user and system security

Mapping local user groups to roles

About this task
Use this procedure to assign roles to user groups that are defined in the RHEL host.
Before you begin
Log on to the SAL Gateway user interface as a user with the security administrator privilege.
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > Local Roles
Configuration.
2. On the Map local group names to SAL Gateway roles page, click Edit.
3. Click Add.
4. In the Group Names field in the new row, click a user group name.
5. In the Roles field, select one of the following roles:
• Deny
• Browse
• Administrator
• Security Administrator
6. Click Apply.
The system assigns the selected role to the group of local users. If the editing of local role
configuration fails to associate the Security Administrator role with any group, the system
displays the following message:
No group is assigned to Security Administrator. Click 'YES' only if
you can edit the role mapping file or can log into a security
administrator role account with a certificate.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 102

Comments on this document? infodev@avaya.com
 Managing roles for local user groups

Map local group names to SAL Gateway roles field descriptions

Name Description
Check box The check box to select the role mapping of a user group for
deletion.
Group Names The user group name defined in the Linux host. The group contains
users with local host shell accounts.
Roles The role assigned to the user group, which defines the access
permissions of the users. The following are the available options:
• Deny: This role denies all access.
• Browse: This role entitles a user read-only access. Browse is the
default role for a local user if no other role is configured for the
user.
• Administrator: This role entitles a user full read and partial write
privileges. A user with this role cannot write security sensitive
information such as information relating to Policy Manager.
• Security Administrator: This role entitles a user full read and
write privileges. Users who belong to the following default groups
are assigned the Security Administrator role: root, wheel, and
salgroup.

Editing a local role mapping

Procedure
1. On the main menu of the SAL Gateway user interface, click Security > Local Roles
Configuration.
2. On the Map local group names to gateway roles page, click Edit.
3. Make the required changes to the role mappings.
4. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 103

Comments on this document? infodev@avaya.com
Managing the user and system security

Deleting a local role mapping

About this task
Use this procedure to delete a role assignment to a local user group.
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > Local Roles
Configuration.
2. On the Map local group names to gateway roles page, click Edit.
3. Select the check box beside the group for which you want to delete the local role mapping.
4. Click Delete.
The system displays a message asking for your confirmation.

Note:
The system makes the Delete button available only when you select one or more
check boxes.
5. Click OK.
The local role mapping for the group is deleted.
If you erroneously attempt to delete all groups, the system displays the following security
warning: Do you want to delete all groups? Click ‘YES’ only if you
can edit the role mapping file or can log into a security
administrator role account with a certificate.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 104

Comments on this document? infodev@avaya.com
 OCSP and CRL configuration

OCSP and CRL configuration

OCSP and CRL configuration for authentication and authorization

of remote access requests
SAL provides unique identification and strong authentication of users who want to gain access to
the customer devices or network. An administered and configured Certificate Authority issues
VeriSign certificates. A combination of certificates with e-Tokens provides strong two-factor
authentication (2FA). Using Online Certificate Status Protocol (OCSP) or Certificate Revocation
Lists (CRL), you can choose to automatically validate the certificates of the users each time a user
attempts to gain access to the customer network. This mechanism provides SAL Gateway with the
capability for service personnel identification and access logging.
You can configure SAL Gateway to verify the certificate of a user by one of the following methods:
• Validate a user VeriSign-issued certificate against an OCSP server.
• Validate a user VeriSign-issued certificate against a local CRL file.
Note:
The methods have a fallback option. If one method fails, the other method can be used.
OCSP is an Internet protocol used for obtaining the revocation status of an X.509 digital
certificate. The protocol is described in RFC 2560 and is on the Internet standards track. OCSP
was created as an alternative to CRLs, specifically addressing certain problems associated with
using CRLs in a PKI. Messages communicated by means of OCSP are encoded in ASN.1 and are
usually communicated over HTTP. The request or response nature of these messages leads to
OCSP servers being termed OCSP responders.

Configuring OCSP or CRL for SAL Gateway

About this task
Use this procedure to configure OCSP or CRL for SAL Gateway user authentication.
Before you begin
The OCSP/CRL Configuration page is for the use of security administrators who have the
privileges to configure OCSP or CRL. To configure OCSP and CRL, you must log on to the SAL
Gateway user interface as a security administrator.
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > OCSP/CRL
Configuration.
2. On the OCSP/CRL Configuration page, click Edit.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 105

Comments on this document? infodev@avaya.com
Managing the user and system security

3. To check the PKI certificate of the user for validity against OCSP and CRL, select the
Check for OCSP/CRL check box.
The default option for this validation is Off.

Important:
Before selecting this check box, ensure that the proxy server is set correctly.
4. To deny a user the access to SAL Gateway when the user certificate is invalid or not
available, select the Deny access if OCSP/CRL is not available check box.
5. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
OCSP/CRL Configuration field descriptions on page 106

Editing OCSP/CRL settings

Procedure
1. On the main menu of the SAL Gateway user interface, click Security > OCSP/CRL
Configuration.
2. Click Edit.
3. Make changes to the OCSP/CRL settings.
4. Click Apply.
Related links
OCSP/CRL Configuration field descriptions on page 106

OCSP/CRL Configuration field descriptions

Name Description
Check for OCSP/CRL The check box to indicate that SAL Gateway is to check the PKI
certificate of a user for validity against OCSP and CRL for user
authentication.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 106

Comments on this document? infodev@avaya.com
 OCSP and CRL configuration

Name Description
Deny access if OCSP/CRL is not The check box to indicate that SAL Gateway is to deny access to a
available user if the status of the user certificate is found to be old or revoked.

Related links
Configuring OCSP or CRL for SAL Gateway on page 105
Editing OCSP/CRL settings on page 106

January 2022 Administering Avaya Diagnostic Server SAL Gateway 107

Comments on this document? infodev@avaya.com
Chapter 9: Managing certificates on SAL
Gateway

Certificate authority
A certificate authority (CA) is an authority on a network that issues and manages security
credentials and public keys for message encryption. As part of a public key infrastructure (PKI), a
CA checks with a registration authority (RA) to verify information provided by the requestor of a
digital certificate. If the RA verifies the information of the requestor, the CA can issue a certificate.
Depending on the public key infrastructure implementation, the certificate includes the owner's
public key, the expiration date of the certificate, the owner's name, and other information about the
public key owner.
SAL Gateway uses CA certificates for authentication of communication with SAL Core Server,
Policy Manager with SSH Proxy, and other Avaya products.
For more information about CA definition, see http://searchsecurity.techtarget.com/definition/
certificate-authority.

Viewing certificates
About this task
Use this procedure to view the certificates available in the SAL Gateway trust store.
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > Certificate
Management.
The system displays the Certificate Management page with the list of all available
certificates.
2. To view the details of a certificate, click the name of the certificate in the Distinguished
Name column.
The system displays the Certificate Information box with the following certificate details:
issued to, issued by, expiration date, and serial number.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 108

Comments on this document? infodev@avaya.com
 Certificate Management field descriptions

Certificate Management field descriptions

The Certificate Management page provides a table listing all the Certificate Authorities available
on SAL Gateway. The page mentions the number of certificate authorities found. By default, SAL
Gateway displays 12 certificate authorities. You must not delete these default certificates.
Name Description
Select The check box to select a certificate to upload or delete.
Distinguished Name The name of the certificate.
Detail Certificate details including the expiration date and the hash
functions, MD5 and SHA, the values for which give the fingerprints
for the certificate.

Button Description
Upload Uploads a certificate to the spirit-trust.jks file.
Delete Deletes a certificate from the spirit-trust.jks file.
Reset certificates to factory Resets the certificates to the default settings.
settings

Uploading a certificate to SAL Gateway

About this task
Use this procedure to upload a certificate to the truststore of SAL Gateway through the SAL
Gateway user interface.
Before you begin
Ensure that the certificate file name uses only lower case letters.
Examples of valid certificate file names: mycertificate.cer, versigncer.pem,
entrust.crt
Examples of invalid certificate file names: Mycertificate.cer, versignCer.pem,
enTrust.crt
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > Certificate
Management.
2. On the Certificate Management page, do one of the following: .
• If the certificate is in the list of available certificates on SAL Gateway, select the check
box next to the certificate you want to upload.
• If the certificate is on the your local system from where you are accessing SAL Gateway,
click Upload, and click Browse to locate and select the certificate.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 109

Comments on this document? infodev@avaya.com
Managing certificates on SAL Gateway

3. Click Upload.
The system uploads the certificate to the spirit-trust.jks file. The system also adds
the certificate to the Privacy Enhanced Mail (PEM) file.
Next steps
Restart the SAL services to apply the new certificates.

Deleting a certificate
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > Certificate
Management.
2. Select the check box beside a certificate you want to delete.
3. Click Delete.
Result
The system deletes the certificate from the spirit-trust.jks and PEM files.
Next steps
Restart the SAL services to apply the new certificates.

Resetting certificates to factory settings

About this task
The SAL Gateway settings provide 12 default certificate authorities. If you have altered these
settings, either by uploading more certificates, or deleting certificates, you might have to reset the
certificates to the default settings.
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > Certificate
Management.
2. Click Reset certificates to factory settings.

Caution:
You must neither delete nor move the 12 default files. The Reset certificates to
factory settings button works only when all 12 default certificates authority files are
available in the certificate install directory.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 110

Comments on this document? infodev@avaya.com
 Importing and exporting certificates to the SAL Gateway truststore through CLI

If any certificate is unavailable, the system displays the following error: The current
operation failed; please see the debug log for the details of
exception.

Importing and exporting certificates to the SAL Gateway

truststore through CLI

Importing certificates
About this task
SAL Gateway users can use certificates other than those provided in the Avaya default truststore.
SAL Gateway supports adding new Certificate Authorities (CAs) to the trust keystore so that SAL
Gateway can authenticate Concentrator Servers and other products with customer-provided TLS
certificates.
You can use the keytool command in JAVA to import certificates into spirit-trust.jks in SAL
Gateway.
Procedure
1. Log on to the SAL Gateway host as root.
2. Run the following command from the command prompt:
<$JAVA_HOME>/bin/keytool -import -alias <Alias name given in the
customer certificate> -keystore spirit-trust.jks -file <Customer
Certificate file>

Note:
Provide the path of the jks file on SAL Gateway. The trust store is available at the
location that was provided while installing SAL Gateway.
Example: <$JAVA_HOME>/bin/keytool -importcert -alias SVRootCA -
keystore spirit-trust.jks -file ESDPTest.cer

Exporting certificates
About this task
If you have certificates other than the ones Avaya delivered in a trust store of your own, you can
export the certificates from your trust store and then import the certificates into the SAL Gateway
trust store, spirit-trust.jks.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 111

Comments on this document? infodev@avaya.com
Managing certificates on SAL Gateway

Before you begin

Ensure that you export the certificates as individual files.
Procedure
1. Log on to the SAL Gateway host as root.
2. Run the following command to export the certificate:<$JAVA_HOME>/bin/keytool -
export -rfc -alias <Alias name given in the customer certificate> -
keystore -file <Customer Certificate file>
Example: <$JAVA_HOME>/bin/keytool -exportcert -rfc -alias SVRootCA -
keystore spirit-trust.jks -file ESDPTest.cer
3. Use the procedure in the section Importing certificates on page 111 and import the
certificate.

Replacing CA certificates on SAL Gateway

SAL uses X.509 certificates to ensure data confidentiality and integrity while two systems
exchange data. Most Avaya products use CA certificates from VeriSign. The validity of these
certificates expires every three or four years. To prevent disruption in SAL Gateway services
owing to the expiration of certificates, users must replace the CA certificates with updated ones
before the validity of the certificates expires.
About this task
While SAL Gateway automatically downloads and installs the latest CA certificates available on
Concentrator Core Server, use this procedure to install the certificates manually.
Procedure
1. Log on to the SAL Gateway host server.
2. Start an SSH session.
3. Navigate to the installation path of your SAL Gateway:
<SAL GW INSTALL_PATH>/SpiritAgent/scripts
4. Run the following command:
sh importCertificates -packagePath <PACKAGE_ZIP_FILE_PATH>

Result
SAL Gateway refreshes CA certificates after:
• Component startup.
• Receipt of heartbeat acknowledgement from the upstream Core Server.
Next steps
From the SAL Gateway UI, restart the SAL components to apply the new certificates.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 112

Comments on this document? infodev@avaya.com
 Confirming successful download and application of CAs

Confirming successful download and application of CAs

About this task
After SAL Gateway downloads and applies a CA Certificates package, the system displays a
message on the SAL Gateway UI page that the user is browsing. You must restart the SAL
Gateway components to apply the newly uploaded certificates.
Procedure
1. Log on to the SAL Gateway user interface.
2. If you see the message, The latest CA Certificates package has been
applied to SAL Gateway, click Restart the SAL Agent, the Remote Access Agent
and the Gateway UI to apply configuration changes.
Result
If the Simple Mail Transfer Protocol (SMTP) server is configured, the customer administrator of
SAL Gateway receives an email notification with the subject line: Package installation
status: Successful! The notification summarizes the action as CA Certificate
Refresh and lists the added certificates. The notification concludes with instructions to restart the
SAL components.
If the CA Certificates package installation fails:
• The system displays a message on the SAL Gateway UI: Error in applying CA
Certificates package. Check the log file for errors. If the errors
are not resolved the SAL Gateway may not function as expected.
• The administrator receives an email notification with the subject line indicating the package
installation status as Failed!
• You can contact the vendor technical support team for further assistance. Otherwise, go to
the Avaya Support website at http://support.avaya.com to open a service request.

Import Client Certificate field descriptions

Name Description
Server The host name or IP address of the client server from where you
want to import the certificate
Port The HTTPS port number of the client for certificate import.
URL The URL of the server from where the certificate is imported. This is
a read only field.
Detail Certificate details including the expiration date and the hash
functions, MD5 and SHA, the values for which give the fingerprints
for the certificate. This is a read only field.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 113

Comments on this document? infodev@avaya.com
Managing certificates on SAL Gateway

Button Description
Connect Connects to the client server. On successful connection, page
displays the URL and certificate details.
Import Imports the certificate from the client server.
Cancel Resets all the fields.

Importing client certificate

Before you begin
Ensure that you have the client server IP address and port details.
Procedure
1. On the main menu of the SAL Gateway user interface, click Security > Import Client
Certificate.
2. On the Import Client Certificate page, enter the IP address and Port.
3. Click Connect.
The system connects to the client server and displays the URL and certificate Details.
4. Verify if the displayed certificate details are correct and can be trusted by the SAL
Gateway.
5. Click Import to import the client certificate.
6. Click Yes to complete the process.
Next steps
Restart the SAL services to apply the new certificates.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 114

Comments on this document? infodev@avaya.com
Chapter 10: Preference configuration for
SAL model distribution

The Model Distribution feature of SAL Gateway ensures that the products managed through SAL
are associated with the latest model definitions. SAL Gateway checks the SAL Enterprise server for
new and updated models. If SAL Gateway finds any new models, SAL Gateway downloads them.
SAL ensures that SAL Gateway users always have access to the latest model versions. The user
preferences that are configured on SAL Gateway determine how and when models are applied.

Indicating model distribution preferences

About this task
Use this procedure to configure the preferences for SAL model distribution. User preferences
determine when and how the latest model versions are applied.
Procedure
1. On the main menu of the SAL Gateway user interface, click Advanced > Model
Distribution Preferences.
2. On the Model Distribution Preferences page, click Edit.
3. Select one of the following two check boxes:
• Attempt to apply the latest model immediately: SAL Gateway tries to apply the latest
available models immediately after they are downloaded from the SAL Enterprise server.
• Apply the latest models every __ Day(s) at __Hours __Minutes: SAL Gateway tries
to apply the latest available models to the managed devices at the scheduled intervals.
4. (Optional) If you select the Apply the latest models every __ Day(s) at __Hours
__Minutes check box, enter the values for setting the time interval.
SAL Gateway retries applying the latest model to the managed devices at the scheduled
intervals.
5. Click Apply.
After applying a model to the managed devices, SAL Gateway notifies the customer of the
operation.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 115

Comments on this document? infodev@avaya.com
Preference configuration for SAL model distribution

Related links
Model Distribution Preferences field descriptions on page 116
Model application indicators on page 116

Model Distribution Preferences field descriptions

Name Description
Attempt to apply the latest model The check box to enable SAL Gateway to apply the latest models
immediately immediately after the models become available on SAL Core Server
for download.
Apply the latest models every The check box to enable SAL Gateway to try applying the latest
available models to the managed devices at a scheduled time
interval.
Day(s) The time interval in days.
at __Hours The specific time of the day when SAL Gateway tries to apply the
latest models.
__Minutes
You must enter the time in the hh:mm AM/PM format.

Related links
Indicating model distribution preferences on page 115

Model application indicators

When SAL Gateway applies the models successfully , the administrator receives the package
installation report in an email message with:
• The SEID and IP address of SAL Gateway
• Model name, version number, and description of the new models
If the user leaves both check boxes on the Model distribution preferences page clear and SAL
Gateway has downloaded the latest model, which cannot be applied owing to customer
preferences, the system displays a warning: The latest models could not be applied
as the application is explicitly stopped. Please check Model
Distribution Preferences for the list of downloaded models.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 116

Comments on this document? infodev@avaya.com
Chapter 11: Managing software updates

Automatic software update

Through the automatic software update feature, Avaya Diagnostic Server receives software
updates, including major, minor, and service pack releases, automatically from Avaya Data Center.
Through the feature, Avaya ensures that you are using the latest version of Avaya Diagnostic
Server and its components.
Note:
The automatic software update feature is implemented through the SAL Gateway component
of Avaya Diagnostic Server. Therefore, this feature is available on Avaya Diagnostic Server
that has both components or only SAL Gateway installed. For Avaya Diagnostic Server that
has only the SLA Mon server, automatic software update is unavailable.
You can keep the automatic software update feature in the enabled or the disabled state.
• If the feature is enabled, SAL Gateway automatically downloads the available software
updates and implements the downloaded software updates at the end of a grace period. The
software updates come with a grace period of 30 or 60 days. SAL Gateway waits for the
grace period to expire before applying the software update automatically. You can select a
particular time frame of the day when you prefer the software updates to be installed
automatically. Instead of waiting for the automatic implementation, you can also apply a
software update immediately or in the next available time frame.
• If you keep the feature disabled, SAL Gateway still downloads the latest available software
updates. However, SAL Gateway does not apply the software updates automatically. You can
apply the downloaded software updates through the SAL Gateway UI by following the
instructions available in the email notifications about the updates. Avaya recommends that
you apply the latest available updates that contain bug fixes and enhancements to ensure
smooth functioning of the Avaya Diagnostic Server components.

Note:
If the SAL user is not added to the SAL sudoers file, the auto upgrade might get
interrupted or disabled.
You receive email notifications about download status, installation status, installation reminders,
and other related events of the available software packages. The email notifications come to the
administrator mailbox that you configured at the time of installing or upgrading SAL Gateway. You
can update the administrator mailbox information through the SMTP Configuration page on the
SAL Gateway UI.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 117

Comments on this document? infodev@avaya.com
Managing software updates

Important:
During a software update, SAL remote access and other Avaya Diagnostic Server services
become unavailable. A software update might also result in alarms being missed. To minimize
disruption of services and alarms, choose a time for applying software updates when the
impact of a system downtime is the least.
Related links
Setting preferences for automatic software update on page 118
Configuring SMTP server details on page 41
Applying a software update manually on page 206

Setting preferences for automatic software update

About this task
Use this procedure to enable automatic software update and to set the time frame of the day when
you prefer the software updates to be installed automatically.
Note:
You must log in as an administrator user to view and change any settings related to automatic
software update.
Before you begin
Ensure that the SAL user is added to the sudoers file for the software update to work efficiently.
Procedure
1. On the main menu of the SAL Gateway user interface, click Advanced > Automatic
Software Update.
2. On the Automatic Software Update page, click Edit.
The fields in the Automatic Software Update Preferences section become available for
editing.
3. To enable the automatic software update feature, perform the following:
a. Select the Enable Automatic Software Update check box.
b. In the Apply latest update/upgrade between fields, select the time frame of the day
when you want the system to apply any software updates.

Tip:
A software update might result in alarms being missed and stop all remote
connections. To minimize disruption of services and alarms, choose a time frame when
the impact of a system downtime is the least.
4. To deactivate the automatic software update feature, clear the Enable Automatic
Software Update check box.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 118

Comments on this document? infodev@avaya.com
 Applying a software update immediately

5. Click Apply.
Next steps
For the configuration changes to take effect immediately, restart the SAL Gateway services
through the Apply Configuration Changes page. However, this is optional because the services
are restarted automatically at a scheduled time.
Important:
Restarting the SAL Gateway services might terminate established connections and might
result in SNMP traps being missed.
Related links
Automatic Software Update field descriptions on page 122

Applying a software update immediately

About this task
Instead of waiting for SAL Gateway to apply a software update automatically on the due date, you
can apply a downloaded software update immediately through the SAL Gateway UI.
You can apply a software update immediately regardless of whether the automatic software
update feature is activated.
Important:
During a software update, SAL remote access and other Avaya Diagnostic Server services
become unavailable. A software update might also result in alarms being missed. To minimize
disruption of services and alarms, choose a time for applying software updates when the
impact of a system downtime is the least.
Before you begin
Ensure that the SAL user is added to the sudoers file for the software update to work efficiently.
Procedure
1. On the main menu of the SAL Gateway user interface, click Advanced > Automatic
Software Update.
The system displays the Automatic Software Update page.
2. In the Automatic Software Update History section, click the Plus ( ) icons to expand the
release buckets and to view the details of the available software packages.
The system displays the download status, installation status, and other details of the
software packages in the descending order according to the release versions.
3. Click Apply beside a downloaded software package that you want to install.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 119

Comments on this document? infodev@avaya.com
Managing software updates

Note:
The Apply button is available only for successfully downloaded packages. The Apply
button is unavailable for the applied and earlier versions of software packages. The
Apply button becomes unavailable for all eligible packages if a package is already
scheduled to be applied in the next available administered time frame. The button
becomes available after the scheduled package is applied.
If the package you want to apply is not the latest, the system displays a message with the
release number of the latest available package. You can continue with the selected
package or can return to the Automatic Software Update page to select the latest package.
If an End User License Agreement (EULA) is available for the downloaded software
package, the system displays the License Agreement window. Otherwise, the system
displays the Apply Software window instead of the License Agreement window.
4. Read the EULA, and click Accept to continue with the software update.
If you decline the End User License Agreement, the system cancels the update process
and takes you back to the Automatic Software Update page.
The system displays the Apply Software window.
5. Click Apply Now.
The system stops the Avaya Diagnostic Server services and starts applying the software
update. The SAL Gateway UI service also stops during the update. After the software
update is applied, the services become available again.
Related links
Automatic Software Update field descriptions on page 122

Scheduling an automatic software update to the next

available time frame
About this task
If automatic software update is enabled, you can schedule a software update to be applied in the
next available administered time frame. The administered time frame is the preferred period of the
day you set for automatic software update.
You cannot schedule to apply a software update for later if automatic software update is disabled.
Important:
During a software update, SAL remote access and other Avaya Diagnostic Server services
become unavailable. A software update might also result in alarms being missed. To minimize
disruption of services and alarms, choose a time for applying software updates when the
impact of a system downtime is the least.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 120

Comments on this document? infodev@avaya.com
 Scheduling an automatic software update to the next available time frame

Procedure
1. On the main menu of the SAL Gateway user interface, click Advanced > Automatic
Software Update.
The system displays the Automatic Software Update page.
2. In the Automatic Software Update History section, click the Plus ( ) icons to expand the
release buckets and to view the details of the available software packages.
The system displays the download status, installation status, and other details of the
software packages in the descending order according to the release versions.
3. Click Apply beside a downloaded software package that you want to install.

Note:
The Apply button is available only for successfully downloaded packages. The Apply
button is unavailable for the applied and earlier versions of software packages. The
Apply button becomes unavailable for all eligible packages if a package is already
scheduled to be applied in the next available administered time frame. The button
becomes available after the scheduled package is applied.
If the package you want to apply is not the latest, the system displays a message with the
release number of the latest available package. You can continue with the selected
package or can return to the Automatic Software Update page to select the latest package.
If an End User License Agreement (EULA) is available for the downloaded software
package, the system displays the License Agreement window. Otherwise, the system
displays the Apply Software window instead of the License Agreement window.
4. Read the EULA, and click Accept to continue with the software update.
If you decline the End User License Agreement, the system cancels the update process
and takes you back to the Automatic Software Update page.
The system displays the Apply Software window.
5. Click Apply Later.

Note:
The Apply Later button is available only when automatic software update is enabled.
The system schedules the software update to be applied in the next available time frame
that you set as automatic update preference.
The Apply Later selection takes effect within 24 hours as defined by the time in the
"Administered time window" and it is not possible to cancel.
The Apply button for the downloaded software packages becomes unavailable until the
scheduled software update is applied. After the software update is applied, the button
becomes available again for downloaded packages.
The SAL Gateway UI displays the following messages at the top of the work area:

January 2022 Administering Avaya Diagnostic Server SAL Gateway 121

Comments on this document? infodev@avaya.com
Managing software updates

The software package is scheduled to be applied in the next

“Administered time window”. The “Apply” button for the software
packages shall be available after the package is applied.
Related links
Automatic Software Update field descriptions on page 122

Automatic Software Update field descriptions

Through the Automatic Software Update page, you can enable or disable the automatic software
update feature. When you enable automatic software update, you can set the preferred time of the
day when you want SAL Gateway to apply the software updates.
Instead of waiting for automatic software update at the due date, you can also apply the
downloaded software updates immediately through this page.
Note:
Only a user with administrator rights can view and update field values on this page. To change
any settings on this page, log in as an administrator user.
Automatic Software Update Preferences section
Name Description
Enable Automatic Software Check box to enable the automatic software update feature.
Update
Apply latest update/upgrade Drop-down lists to select the time frame of the day when you prefer
between the system to apply any software updates.
The default time frame is from 00:00 to 01:59. The time interval must
be of minimum 1 hour.

Tip:
A software update might terminate all remote connections and
result in alarms being missed. To minimize disruption of
services and alarms, select a time frame when the impact of a
system downtime is the least.

Automatic Software Update History section

The section displays the details of the available software packages that SAL Gateway
downloaded, installed, tried to download, or tried to install. The section displays the software
packages under collapsible release buckets in the descending order. These fields are read only
and cannot be modified. To enable or disable automatic software update or to apply software
updates, see the earlier sections.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 122

Comments on this document? infodev@avaya.com
 Viewing details of a software update

Name Description
Release Version The version number of the release.
When you click the version number, the system displays the
Package Detail dialog box. The dialog box displays details of the
package, including version, status, and the new features or
enhancements delivered in the software update.
Hash Value Hash value or checksum of the software package that uniquely
identifies the package.
Status The download status or installation status of the software package.
Last Action TS The date and time when SAL Gateway tried to download or apply the
package last.
Auto Apply Date The date when SAL Gateway will install the downloaded software
package.
The field displays a date only if the automatic software update
feature is active and SAL Gateway downloaded the package
successfully.
Apply Now The field displays an Apply button for the successfully downloaded
software packages.
The Apply button becomes unavailable for all eligible packages if a
package is already scheduled to be applied in the next available
administered time frame. The button becomes available after the
scheduled package is applied.

Note:
The section shows a maximum of 10 records if at least 1 of the packages from the list is
already applied. Else, the section shows all the records.
Related links
Setting preferences for automatic software update on page 118
Applying a software update immediately on page 119
Scheduling an automatic software update to the next available time frame on page 120

Viewing details of a software update

About this task
SAL Gateway downloads the latest software updates of Avaya Diagnostic Server, including major,
minor, and service pack releases, automatically from Avaya Data Center. Use this procedure to
view the details of a software update, including version, status, and the new features or
enhancements included in the software update.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 123

Comments on this document? infodev@avaya.com
Managing software updates

Procedure
1. On the main menu of the SAL Gateway user interface, click Advanced > Automatic
Software Update.
The system displays the Automatic Software Update page with the Automatic Software
Update History table. The table contains the details of the software updates that SAL
Gateway downloaded, tried to download, installed, or tried to install.
2. Click the version number of the software package for which you want to view the details.
The Package Detail dialog box displays the details of the software update, including
version number, status, and enhancements that are included in the software update. If the
update was already installed, the dialog box displays the details of the installed
components.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 124

Comments on this document? infodev@avaya.com
Chapter 12: Backing up and restoring SAL
Gateway

SAL Gateway backup

Taking regular backups of the SAL Gateway configuration information is critically important. If SAL
Gateway gets corrupted, you can restore SAL Gateway to a previous working state using the
backed up information.
Using the backup and restore capabilities of SAL Gateway, you can back up and restore SAL
Gateway configuration information more conveniently than a manual backup of each configuration
file. The backup capability provided by SAL Gateway UI also saves your time on finding files for
backup and eliminates the risk of missing any important files during backup. When you initiate a
backup, SAL Gateway backs up and combines all important configuration files and folders into a
backup archive.
Using the SAL Gateway UI, you can perform the following backup activities:
• Initiate a backup at any point of time without the need to find important files for backup.
• Schedule an automatic backup at regular intervals.
Store the backup archives on the local or an SFTP host server. SAL Gateway uses Secured
File Transfer Protocol (SFTP) to transfer the backup archives to an SFTP host server.
• View the backups executed earlier and their status.
SAL Gateway provides the following additional capabilities around backup and restore:
• If the SAL Gateway UI is not running, you can run a script from CLI to list previous local
backups.

Note:
The restore.sh script, which you can run from the CLI to restore a backed up state of
SAL Gateway, is located inside the <Gateway_Install_path>/GatewayUI/
scripts/ directory. When you run the restore.sh script, the system lists ahe local
backup points from where you can restore configuration data. After you select a
particular backup point, the script starts the restore operation. For more information
about how to restore configuration data, see Restoring SAL Gateway configuration data
using CLI on page 135.
• If a backup fails, SAL Gateway sends an email notification to the email address of the
Gateway administrator and an SNMP trap to the configured customer NMS servers. The

January 2022 Administering Avaya Diagnostic Server SAL Gateway 125

Comments on this document? infodev@avaya.com
Backing up and restoring SAL Gateway

email address is configured on the SMTP Configuration page of SAL Gateway UI. For more
information about how to configure the SMTP server and the NMS server, see Configuring
SMTP server details on page 41 and Configuring NMS on page 44.
Note:
When a backup operation is in progress, the SAL alarming and the remote access facilities
continue to be available.
Related links
Backing up the SAL Gateway configuration data on page 126
Scheduling a backup on page 127
Viewing backup history on page 130

Backing up the SAL Gateway configuration data

About this task
Use this procedure to back up configuration information of SAL Gateway through the SAL
Gateway UI.
Before you begin
Important:
Generally, the backup file size is between 11 MB to 15 MB. For a heavily loaded SAL
Gateway, the backup file size can reach up to 20 MB. Ensure that you have enough free
space at the location where you are storing the backup archive.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > Backup
Configuration.
The system displays the Backup Configuration page.
2. On the Backup Configuration page, select Backup Now to start the backup operation
immediately.
3. From the Backup Method list, select one of the following options to store the backup files:
• Local: Stores the backup archive file on the SAL Gateway host server in the/saldata/
backup/archives directory.
• SFTP: Stores the backup archive file in a specified directory on the designated SFTP
host server.
4. If you selected SFTP as the backup method, enter the host name, directory, user name,
and password for the SFTP host server.
5. Click Backup Now.
Related links
Backing up the SAL Gateway configuration data on page 126

January 2022 Administering Avaya Diagnostic Server SAL Gateway 126

Comments on this document? infodev@avaya.com
 SAL Gateway backup

Scheduling a backup on page 127

Viewing backup history on page 130
Backup Configuration field descriptions on page 128

Scheduling a backup
About this task
Use this procedure to schedule an automatic backup of SAL Gateway configuration data at regular
intervals.
Procedure
1. On the SAL Gateway user interface, click Configuration > Backup Configuration.
2. On the Backup Configuration page, select Schedule Backup.
3. Specify the following:
• Frequency
• Day
• Start Time
• Archives kept on server

Note:
Available only when the selected backup method is Local
• Backup Method
- Local: Select to store the backup archive file on the SAL Gateway host server in
the /saldata/backup/archives directory.
- SFTP: Select to store the backup archive file in a specified directory on the
designated SFTP host server.
4. If you selected SFTP as the backup method, enter the host name, directory, user name,
and password for the SFTP host server.
5. Click Schedule Backup.
Related links
Backing up the SAL Gateway configuration data on page 126
Scheduling a backup on page 127
Viewing backup history on page 130
Backup Configuration field descriptions on page 128

January 2022 Administering Avaya Diagnostic Server SAL Gateway 127

Comments on this document? infodev@avaya.com
Backing up and restoring SAL Gateway

Backup Configuration field descriptions

The Backup Configuration page has two tabs:
• Backup Configuration tab: Use this tab to take Backup of SAL Gateway data or schedule a
backup at a specified time.
• Backup History tab: Use this page to view the Backup history and location of the stored
Backup files.
Backup Configuration tab
Name Description
Backup Now The option to indicate that you want to take a backup of the SAL
Gateway configuration data immediately.
Schedule Backup The option to indicate that you want to schedule an automatic
backup of the SAL Gateway configuration data at regular intervals.
Backup Method The location to save the backup archive file. The options are:
• Local: To store the backup archive file on the Gateway host server
in the /saldata/backup/archives directory.
• SFTP: To store the backup archive file on the designated SFTP
host server.
When you select SFTP, you must enter the SFTP hostname or IP
address, directory to which the archive will be sent, and the user
name and password to log on to the SFTP host server.

Note:
If an SFTP transfer fails but the backup archive was successful,
then the copy of the archive file is saved on the local server in
the /saldata/backup/archives directory.
The following fields are available only when you select the backup method as SFTP:
SFTP Hostname/IP The hostname or IP address of the SFTP host server.
SFTP Directory The directory on the SFTP host server where the backup archive is
to be saved.
SFTP Username The user name to log on to the SFTP host server.
SFTP Password The password associated with the username to log on to the SFTP
host server.

If you select Schedule Backup, the following additional fields become available for you to
schedule an automatic backup at regular intervals:

January 2022 Administering Avaya Diagnostic Server SAL Gateway 128

Comments on this document? infodev@avaya.com
 SAL Gateway backup

Name Description
Frequency The frequency of the scheduled backup. The options are:
• Daily
• Weekly
• Monthly
Day The day of the week when the weekly data backup is run or the date
of the month when the monthly data backup is run. This field is
required if you select Weekly or Monthly as the data backup
frequency.
For a weekly data backup, select the day when the backup is to be
run.
For a monthly data backup, select the date when the backup is to be
run.
Start Time The start time for the backup operation. You must provide The time
in the HH:MM format.
For example, enter 11:30 PM as 23:30.
Archives kept on server The number of local backup archives to store on the SAL Gateway
host server. The default value is 3.
This field is available only when you select the backup method as
Local.
For SFTP backups, there is no limitation.

Button Description
Backup Now Starts the backup operation immediately.
This button is available only when you select Backup Now at the top
of the Backup Configuration page.
Schedule Backup Schedules the backup process according to the data you entered in
the fields available for scheduling.
This button is available only when you select Schedule Backup at
the top of the Backup Configuration page.
Cancel Schedule Cancels an existing backup schedule.
This button is available only when you click Edit and a backup
schedule is already in place.
Edit For an existing backup schedule, makes the fields available for
modification.
Undo Edit Cancels the changes you make on an existing backup schedule.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 129

Comments on this document? infodev@avaya.com
Backing up and restoring SAL Gateway

Backup History tab

Name Description
Archive Filename The list of all the files saved in the archive.
Backup Date (MM/DD/YY) The date and time of the backup, arranged in chronological order.
The date is in MM/DD/YY format.
Status The status of the backup.
Destination The location of the saved backup file.

Related links
Backing up the SAL Gateway configuration data on page 126
Scheduling a backup on page 127
Viewing backup history on page 130
Backing up the SAL Gateway configuration data on page 126
Scheduling a backup on page 127
Viewing backup history on page 130

Viewing backup history

About this task
Use this procedure to view the backups executed earlier and their status on the Backup History
tab. The maximum number of successful local backups displayed on the Backup History tab
depends on the value configured in the Archives kept on server field. This tab displays the five
latest successful SFTP transfers of backup archives to remote locations. The Backup History tab
also displays the last four failed backup attempts, both local and SFTP. Along with the backups
executed, the tab displays the rollback file that SAL Gateway creates before proceeding with a
restoration operation.
Procedure
1. On the SAL Gateway user interface, click Configuration > Backup Configuration.
2. On the Backup Configuration page, click the Backup History tab.
The system displays the latest backups executed with their dates and the status.
Related links
Backing up the SAL Gateway configuration data on page 126
Scheduling a backup on page 127
Viewing backup history on page 130
Backup Configuration field descriptions on page 128

January 2022 Administering Avaya Diagnostic Server SAL Gateway 130

Comments on this document? infodev@avaya.com
 SAL Gateway restoration

SAL Gateway restoration

You can restore backed up configuration information of SAL Gateway to return to a previously
working state of SAL Gateway. From a list of previously taken successful backups, you can select
any backup archive to restore that particular state of SAL Gateway. When you trigger a restore
operation, SAL Gateway restores all configuration files and folders in the selected backup archive.
Therefore, you do not require the details of important files and folder for a restore operation.
SAL Gateway provides the following capabilities around configuration data restoration:
• You can view the backup archives saved on the local server or an SFTP host server and
restore one of the archives.
• You can view the local backup archives with their creation dates and the status of the SAL
Gateway services at the time the backups were created.
• You can view the last 15 restoration attempts and their status, with the latest attempt at the
top.
• You can run a script from the command line interface (CLI) to list the backups and restore
SAL Gateway to an earlier working state.

Note:
Use the CLI for a restore operation only when the Gateway UI is not accessible. The
restore script, restore.sh, is located inside the directory
<Gateway_Install_Path>/GatewayUI/scripts/. When you run this script, the
system lists a number of backup points from where you can restore configuration data.
After you select a particular backup point then the script starts the restore operation. For
more information, see Restoring SAL Gateway configuration data using CLI on page 135.
• You can restore the backup data either on the same Gateway instance or on a different
instance of SAL Gateway.

Note:
If you restore data on a different instance, the installation path and the major and the
minor versions of the SAL Gateway instances must be identical. For example, if one SAL
Gateway version is 2.2.0.1 and the other is 2.2.0.4, data restore from one instance to
another is possible. If the SAL Gateway versions are 2.3.0.1 and 2.2.0.1, data restore
from one instance to another is not possible.

Note:
If you restore data from an earlier version to a SAL Gateway version that has some
patches applied, which introduced configuration changes, SAL Gateway retains the
configuration changes. An automated post restore operation reapplies the same
configuration changes in the patches at the end of the restore operation.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 131

Comments on this document? infodev@avaya.com
Backing up and restoring SAL Gateway

Important:
After a restore operation, you must verify and, if required, update the SAL Gateway
configuration information using the Gateway UI, especially on the following pages: Gateway
Configuration, Core Server, Remote Server, Policy Manager, Proxy Server, SNMP SubAgent
Configuration, and Certificate Management. This check is important for the proper functioning
of the SAL Gateway services, such as alarming, remote connection, and inventory collection.
Also, .
The backup process does not take a backup of the SNMP agent service related files. After a
restore operation, you must reconfigure the SNMP agent details on SAL Gateway. See
Installing and configuring Net-SNMP in Deploying Avaya Diagnostic Server.

A restore operation overwrites the existing configuration data of SAL Gateway. If you restore
data from another SAL Gateway to your SAL Gateway instance, you must update the
configuration information on the Gateway Configuration page, specially the host name, IP
address, Solution Element ID, and alarm ID of SAL Gateway, to reflect the values belonging to
your SAL Gateway.

Caution:
The SAL Gateway restore operation does not guarantee an actual serviceability status of the
devices. The operation restores whatever configurations were captured at the time of backup.
Related links
Restoring SAL Gateway configuration data using the SAL Gateway UI on page 132
Restoring SAL Gateway configuration data using CLI on page 135
Viewing restore history on page 137
Restoring data from an SFTP host server using CLI on page 136

Restoring SAL Gateway configuration data using the SAL

Gateway UI
About this task
Use this procedure to restore backed up configuration information for SAL Gateway using the SAL
Gateway UI.
Caution:
Before triggering a restore operation, note that the restore operation will take SAL Gateway to
a previous state and any configuration changes you have applied after the backup was taken
will be lost. Therefore, take extreme caution while choosing a backup archive for a restoration.
Procedure
1. On the main menu of the SAL Gateway user interface, click Configuration > Restore
Configuration.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 132

Comments on this document? infodev@avaya.com
 SAL Gateway restoration

The Restore page displays a list of previously backed up local archives of the SAL
Gateway configuration data.
2. Select one of the following two options to restore a backup archive file:
• Local: To restore from an archive file on the SAL Gateway host server. If you select this
option, the Restore page displays a list of previously backed up archives on the SAL
Gateway host server.
• SFTP: To restore from an archive file on an SFTP host server.
3. If you selected SFTP as the option, enter the SFTP hostname or IP address, directory
where the archive file is located, the user name and password to log on to the SFTP host
server, and then click Search.
4. Select an archive file from the list, and click Restore to restore from the selected archive.
Result
After a successful restoration, a link to restart SAL Gateway UI appears on the Gateway UI. Use
this link to restart the SAL Gateway UI.
Note:
If the SAL Gateway is in Managed Services mode, then openvpnAgent service will also restart
along with other services.
Important:
When you trigger a restore operation, the system stops all SAL Gateway services except the
Gateway UI service. The alarming and the remote access facilities are not available during the
restoration process. After the Gateway data is restored, all services resume their operational
state.
Note:
If a restore operation fails, the system displays an error message with the status of SAL
Gateway. Check the Gateway UI logs for details of the cause. If the restore operation failure
affected the SAL Gateway state, you must update the system to rectify the configuration to
bring SAL Gateway to a working state. For more information about troubleshooting restore
operations, see Chapter 17, Troubleshooting.
Related links
Restoring SAL Gateway configuration data using the SAL Gateway UI on page 132
Restoring SAL Gateway configuration data using CLI on page 135
Viewing restore history on page 137
Restoring data from an SFTP host server using CLI on page 136
Restore field descriptions on page 133

Restore field descriptions

You can use the Restore page to restore backed up configuration information for SAL Gateway.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 133

Comments on this document? infodev@avaya.com
Backing up and restoring SAL Gateway

Name Description
Restore From The location of the backup archive file from which you want to
restore configuration information. The options are:
• Local: To restore from an archived file on the SAL Gateway host
server. The Restore page displays a list of previously backed up
archives on the SAL Gateway server.
• SFTP: To restore from an archived file on an SFTP host server. To
log on to the SFTP host server, enter the SFTP hostname or IP
address directory where the archived file is located, and the user
name and password .
Archive Filename The file name of the backup archived files at the location you specify.
Archive Date The date on which the file was created.
Gateway Services The status of the SAL Gateway services when the backup archive
was created. You can view the status of the SAL Gateway services
for local backups only. , you cannot view the service status of
backups on an SFTP host server.

Note:
This field represents the status of the SAL Gateway services at
the time this backup was taken. This status does not reflect the
current status of the SAL Gateway services
The displayed status does not guarantee that services will be
restored to the same status after a restore operation.
Selection The field to restore configuration data from an archived file.
The following additional fields are available when you select the restore method as SFTP:
SFTP Hostname/IP The hostname or IP address of the SFTP host server.
SFTP Directory The directory on the SFTP host server where the restored archived
file is saved.
SFTP Username The user name to log on to the SFTP host server.
SFTP Password The password associated with the user name to log on to the SFTP
host server.

Button Description
Search Searches for archived files in the specified directory of the SFTP
host server.
This button is available only when you select SFTP.
Restore Starts the restore operation.
Delete Deletes a local archive file.

Important:
When you trigger a restore operation, the system stops all SAL Gateway services except the
SAL Gateway UI service. The alarming and remote access facilities are unavailable during the
restoration process.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 134

Comments on this document? infodev@avaya.com
 SAL Gateway restoration

Restore History tab

Name Description
Archive Filename The list of all files saved in the archive.
Restore Date (MM/DD/YY) The date and time when data was restored. The date is in the
MM/DD/YY format.
Status The status of the attempted restore operation.

Related links
Restoring SAL Gateway configuration data using the SAL Gateway UI on page 132
Restoring SAL Gateway configuration data using CLI on page 135
Viewing restore history on page 137
Restoring data from an SFTP host server using CLI on page 136
Restoring SAL Gateway configuration data using the SAL Gateway UI on page 132
Viewing restore history on page 137

Restoring SAL Gateway configuration data using CLI

About this task
If the SAL Gateway UI is not accessible and you are unable to start the UI even from the
command line, use the script, restore.sh, to list previously backed up local archives, and to
trigger a restore operation from CLI. The restore script, restore.sh, is located inside the
directory <Gateway_Install_path>/GatewayUI/scripts/.
Procedure
1. Using an SSH client, open a console on the Linux system that hosts SAL Gateway.
2. Use the su command to switch to saluser.
3. Change to the directory <Gateway_Install_path>/GatewayUI/scripts/
4. Run the restore.sh script:
./restore.sh
The system displays a number of local backup points from where you can restore
configuration data.

Note:
The restore script lists only local backup points. If you want to restore an archive saved
on an SFTP host server using CLI, you must perform some additional manual steps.
For more information about restoring data, see Restoring data from an SFTP host
server using CLI on page 136
5. Type the number for a particular backup, and press Enter.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 135

Comments on this document? infodev@avaya.com
Backing up and restoring SAL Gateway

Result
The script starts the restore operation.
Important:
While the restore operation is in progress, do not stop the process. Let the restore operation
complete. Stopping the operation before completion might result in corruption of the SAL
Gateway configuration files.
Related links
Restoring SAL Gateway configuration data using the SAL Gateway UI on page 132
Restoring SAL Gateway configuration data using CLI on page 135
Viewing restore history on page 137
Restoring data from an SFTP host server using CLI on page 136

Restoring data from an SFTP host server using CLI

About this task
The restore script lists only local backup points. If you want to restore a backup archive saved on
an SFTP host server using the CLI, you must perform the following manual steps before running
the restore.sh script.
Procedure
1. Copy the remote archive that you want to restore, from the SFTP location to the /
saldata/backup/archives directory of the system that hosts SAL Gateway.
2. Ensure that the ownership of the copied archive is saluser.
3. Locate the backupHistory.xml file in the /saldata/backup/archives directory.
4. Open the backupHistory.xml file in a text editor, and add the following new entries
towards the end of the file:
<backup-history-entry>
<archiveName>Archive Name</archiveName>
<date>Date</date>
<destination>local:/saldata/backup/archives</destination>
<gateway-services-status/>
<status>Success</status>
</backup-history-entry>

In the above entry, replace Archive Name with the actual archive file name. Also, retrieve
the file creation time from the file name, which is suffixed to the file name in the format
yyyy_MM_dd_HH_mm_ss. Convert the file creation time to the 12-hour date and time
format dd/MM/yy hh:mm:ss AM/PM and finally replace the Date placeholder with the file
creation time. For example, if the name of the remote archive is
backup_puvmlx140_2011_10_18_22_40_36.zip, the new entry would be as the
following:
<backup-history-entry>
<archiveName>backup_puvmlx140_2011_10_18_22_40_36.zip</archiveName>

January 2022 Administering Avaya Diagnostic Server SAL Gateway 136

Comments on this document? infodev@avaya.com
 SAL Gateway restoration

<date>18/10/11 10:40:36 PM</date>

<destination>local:/saldata/backup/archives</destination>
<gateway-services-status/>
<status>Success</status>
</backup-history-entry>

5. Save the backupHistory.xml file, and close the file.

6. Run the restore.sh script, and follow the steps in the procedure Restoring SAL
Gateway configuration data using CLI on page 135.
The system displays the list of local backup points for selection, which includes the archive
that you copied from the SFTP location.
Related links
Restoring SAL Gateway configuration data using the SAL Gateway UI on page 132
Restoring SAL Gateway configuration data using CLI on page 135
Viewing restore history on page 137
Restoring data from an SFTP host server using CLI on page 136

Viewing restore history

About this task
Use this procedure to view the last 15 restore attempts and their statuses.
Procedure
1. On the SAL Gateway user interface, click Configuration > Restore Configuration.
2. On the Restore page, click the Restore History tab.
The system displays the archive file name from which you restored configuration data, date
on which the restoration operation was done, and the status of the restoration operation.
The page also maintains the history of any delete operation.
Related links
Restoring SAL Gateway configuration data using the SAL Gateway UI on page 132
Restoring SAL Gateway configuration data using CLI on page 135
Viewing restore history on page 137
Restoring data from an SFTP host server using CLI on page 136
Restore field descriptions on page 133

January 2022 Administering Avaya Diagnostic Server SAL Gateway 137

Comments on this document? infodev@avaya.com
Chapter 13: Managed Services
Configuration

Managed services overview

Overview
Avaya has introduced enhancements to SAL 3.x to enable a secure, bi-directional communication
between customer devices and Avaya Private Cloud Service (APCS) tools.
Prior to these enhancements, it was necessary for APCS customers to set up an IPSEC-VPN
tunnel between their premises and Avaya. Now all services can be delivered over SAL, without
using the IPSEC-VPN.
The enhanced SAL solution is only applicable to Avaya managed services customers under the
APCS offer. SAL now provides secure transport between those customer devices and all APCS
tools, including the following:
• Remote monitoring and management (RMM)
• McAfee Server
• RealEyes Agent
• AppCritical
Managed Services components
• Managed Services client: The Managed Services configuration solution that resides on
customer network alongside SAL Gateway.
• Managed Services server: Server side component that is deployed in Avaya premises. This
is connected to Managed Services configuration client solution to establish a connection.

Viewing Managed services configuration details

About this task
You can view the Managed Services configuration details on this page. The details are displayed
only if SAL Gateway is running in Managed Services mode and the configuration is published to
SAL Gateway from SAL Core.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 138

Comments on this document? infodev@avaya.com
 Managed services configuration field description

Procedure
1. On the SAL Gateway user interface, click Configuration > Managed Services
Configuration.
2. Click Resync and Run to refresh the Managed Services configuration details.
System displays the following Managed Services details:
• Username
• Subnets
• Connection Type
• Destination
• Protocol
• Port

Managed services configuration field description

SAL Gateway obtains the Managed Services configuration details automatically from Avaya and
displays it on Managed Services Configuration page.
Name Description
Username The username of the client that is connected to Managed Services
server.
Subnets The subnets where the managed devices are located in the customer
datacentre.
Connection Type The type of connection through which Managed Services client and
Managed Services server are connected.
Destination IP address of the RMM agent or other end systems like McAfee.
Protocol The TCP or UDP protocol depending on the traffic.
Port The port of the RMM agent or other end systems like McAfee.

Button Description
Resync and Run The button to refresh the Managed Services configuration details.
When you click this button, the Managed services configuration on
SAL Gateway gets replaced with the corresponding file from SAL
Core.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 139

Comments on this document? infodev@avaya.com
Chapter 14: SAL Gateway services
management

Managing SAL Gateway services

About this task
Use this procedure to view the status of a service, stop a service, or test a service that SAL
Gateway manages. You can also view the connectivity status of SAL Gateway to different SAL
servers and components.
Procedure
1. On the main menu of the SAL Gateway user interface, click Administration > Service
Control & Status.
The system displays the Gateway Service Control page. The page displays the SAL
Gateway services and the status of the services.
2. Perform the following as required:
• Click Stop to stop a service.
• Click Start to start a service that is stopped.
• Click Test to send a test alarm to SAL Core Server.

Note:
You cannot start or stop the SAL Agent and the SAL Watchdog services. As the
administrator, you can control all other services.
3. If you have not configured the SAL Gateway connectivity to a server, such as proxy server
or SAL Policy Manager, click Configure to go to the relevant page to configure the server
details.
4. If the system displays the status of the SAL Gateway connectivity to a server as
Connectivity Failed, click Re-Configure to go to the relevant page to modify the
server configuration details.
Related links
Gateway Service Control field descriptions on page 141

January 2022 Administering Avaya Diagnostic Server SAL Gateway 140

Comments on this document? infodev@avaya.com
 Gateway Service Control field descriptions

Gateway Service Control field descriptions

On this page, you can view the status of a service, stop a service, start a service, or test a service
that SAL Gateway manages. This page has two sections:
• Gateway Services: Displays the SAL Gateway services and processes and their status.
• Gateway Connectivity: Displays the connectivity status of SAL Gateway to other SAL
components.
Gateway Services section
Name Description
SAL Agent The SAL Agent service provides the interfaces required to manage a
product on a customer network.
Alarming Through the secure enhanced alarming feature you can forward
alarms from Avaya devices to NMS, Avaya, or a certified partner to
monitor the alarm activities .
Inventory SAL Gateway collects inventory information about the supported
managed device and sends the information to SAL Core Server.
Remote Access SAL Gateway provides a device remote access facility to service
personnel for managed devices.
SAL SNMP Sub-agent This SAL Gateway component uses SNMP to manage SAL Gateway.
Package Distribution This service applies models to managed elements and certificates to
SAL Gateway. SAL models define the management interfaces that
are supported in the product, whether the product requires remote
access through SAL, and whether the product supports other
features of SAL Gateway. These models are updated periodically to
stay current with the latest product changes.
SAL Managed Services Agent The SAL Agent service provides secure transport between customer
devices and all APCS tools.
SAL Watchdog SAL Watchdog process routinely tests the operational state of all SAL
Gateway components and restarts the components in case of any
abnormal shutdowns. SAL Watchdog runs as a cron job every 5
minutes.

Icon Name Description

Service Running Indicates that the service is
running.
the system displays a Stop
button beside the status.
Service Not Running Indicates that the service is
stopped.
the system displays a Start
button beside the status.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 141

Comments on this document? infodev@avaya.com
SAL Gateway services management

Gateway Connectivity section

Name Description
Primary Core Server SAL Gateway components communicate with SAL Core Server for
alarm transfer and inventory management.
Primary Remote Server The server handles remote access requests and updates models and
configuration.
SAL Hosted Concentrator The Avaya hosted server for Business Partners handles the
connection from SAL Gateway to provide remote access to Business
Partners .
HTTP Proxy Server SAL Gateway communicates with other servers through this proxy
server
This field is unavailable if you configured SOCKS for the proxy.
SOCKS Proxy Server SAL Gateway communicates with other servers through this proxy
server If a SOCKS proxy server is configured.
This field remains unavailable if you configured HTTP for the proxy.
Policy Manager If you have SAL Policy Manager configured, SAL Gateway controls
remote access to managed devices based on policies from SAL
Policy Manager.

The following icons indicate the connectivity of SAL Gateway to various servers in the table:
Icon Name Action that can be Description
performed
Connectivity verified — Indicates that SAL
Gateway could establish
connection with the
server.
Connectivity failed Re-configure the server Indicates that an error
information occurred while
establishing connection
with the server.
You can click Re-
Configure to edit the
server information.
Not configured Configure the server Indicates that the server
information details are not configured
for SAL Gateway.
You can click Configure
to configure the server
information for SAL
Gateway.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 142

Comments on this document? infodev@avaya.com
 Gateway Service Control field descriptions

Button Description
Check Health for the Gateway Starts the status check of the SAL Gateway services and connectivity
to SAL servers and generates the status report.
Test Sends a test alarm to SAL Core Server to test the alarm transfer
service.
Start Starts a stopped service.
Stop Stops a running service.
Configure Displays the relevant page for the configuration of the server.
This link is available beside a server when the server details are not
configured in SAL Gateway.
Re-Configure Displays the relevant page for the configuration of the server.
This link is available beside a server when SAL Gateway cannot
establish a connection with the server.

A Health icon is available in the top–right corner of the SAL Gateway UI. The different icons
indicate the cumulative status of SAL Gateway services and connectivity.
Icon Description
The status of the SAL Gateway components is between 0-19%.

The status of the SAL Gateway components is between 20-39%.

The status of the SAL Gateway components is between 40-59%.

The status of the SAL Gateway components is between 60-89%.

The status of the SAL Gateway components is above 90%.

Note:
For more information about the components that have issues, see the SAL Gateway Service
Control and Status page.
Related links
Managing SAL Gateway services on page 140

January 2022 Administering Avaya Diagnostic Server SAL Gateway 143

Comments on this document? infodev@avaya.com
Chapter 15: Monitoring SAL Gateway status

Overview
Monitoring the operational status of SAL Gateway is important to ensure proper functioning of SAL
Gateway. To monitor the SAL Gateway status, you can view SAL Gateway diagnostics,
configuration files, and status reports.
Customers or support personnel might want to diagnose SAL Gateway to determine the
operational status of the SAL Gateway components:
• When SAL Gateway fails to function as expected.
• Before the start of a support action.
• After a support action is complete.

Running diagnostics
About this task
Use this procedure to run a diagnostics to check the status of the SAL Gateway components.
Note:
SAL Gateway runs only one diagnostics at a time. If a user runs a diagnostics on SAL
Gateway, no other user can simultaneously run another diagnostics on that SAL Gateway.
Before you begin
The SAL Agent service must be in the running status.
Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Diagnostics
Viewer.
2. On the Diagnostics Viewer page, click Run Diagnostics.
Result
The system runs diagnostics and displays the message Diagnostics is running.
SAL Gateway at this point runs through a list of SAL Gateway components, and invokes each to
run diagnostics. The system displays the collective output of all of these diagnostic tests as a
diagnostics report.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 144

Comments on this document? infodev@avaya.com
 Viewing a diagnostics report

Note:
While a diagnostics runs, you can navigate elsewhere on the SAL Gateway user interface.
Next steps
View the diagnostic report generated to check the status of the SAL Gateway components.
Related links
Diagnostics Viewer field descriptions on page 146

Viewing a diagnostics report

About this task
Use this procedure to view a SAL Gateway diagnostic report to check the status of the SAL
Gateway components.
Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Diagnostics
Viewer.
2. On the Diagnostics Viewer page, select a diagnostics report from the list.
3. Click Show Report.
Result
The system displays the report with the diagnostics information tabulated under the following
column headers:
• Component
• Step
• Stage
• Status
• Description
Related links
Diagnostics Viewer field descriptions on page 146

Exporting a diagnostics report

About this task
As a support personnel or administrator, you might want to export a diagnostics report on SAL
Gateway for reference. Use this procedure to export a diagnostics report to a local system.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 145

Comments on this document? infodev@avaya.com
Monitoring SAL Gateway status

Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Diagnostics
Viewer.
2. On the Diagnostics Viewer page, If required, run a diagnostics.
3. From the diagnostics report list, select a report and click Export.
The system displays the File Download box with the message: Do you want to open
or save this file?
4. Perform one of the following:
• Click Open to view the file.
• Click Save to save the file to a location to which you can browse.
Related links
Diagnostics Viewer field descriptions on page 146

Diagnostics Viewer field descriptions

You can use the Diagnostics Viewer page to view diagnostic information about SAL Gateway and
the operating environment of SAL Gateway.
Name Description
Drop-down list The list of diagnostics reports generated earlier.
You can select one of the available reports to view or export.

Button Description
Show Report Displays a selected diagnostic report.
You can copy the diagnostic text into an email message or a note-
taking application.
Run Diagnostics Runs diagnostics and displays the report on the page. SAL Gateway
saves the report as a .rpt file, which becomes available in the drop-
down list for later viewing.
Export Exports the diagnostic report to the local system as a .rpt file.

Related links
Running diagnostics on page 144
Viewing a diagnostics report on page 145
Exporting a diagnostics report on page 145

January 2022 Administering Avaya Diagnostic Server SAL Gateway 146

Comments on this document? infodev@avaya.com
 Viewing a configuration file

Viewing a configuration file

About this task
Use this procedure to view configurations using the SAL Gateway user interface.
When SAL Gateway does not function as expected, you can view the SAL Gateway configuration
files to check for configuration issues, if any.
This verification helps:
• Customers to handle the issue, if possible.
• Support personnel to understand issues better if support is required.
Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Gateway
Configuration Files.
2. On the Configuration Viewer page, in the Select Configuration File field, click a
configuration file.
3. Click Display.
The system displays the selected XML file.
Related links
Configuration Viewer field descriptions on page 148

Exporting a configuration file

About this task
You might want to extract the configuration files to a local system to check for configuration issues
in SAL Gateway.
Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Gateway
Configuration Files.
2. On the Configuration Viewer page, in the Select Configuration File field, select a
configuration file.
3. Click Export.
The system displays the File Download box with the message: Do you want to open
or save this file?
4. Perform one of the following:
• Click Open to view the file.
• Click Save to save the file at a location to which you can browse.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 147

Comments on this document? infodev@avaya.com
Monitoring SAL Gateway status

Related links
Configuration Viewer field descriptions on page 148

Configuration Viewer field descriptions

On this page, you can view the SAL Gateway configuration files to check for configuration issues,
if any.
Name Description
Select Configuration File The drop-down list of configuration files, which includes the following
configuration files:
• spirit-gcm-config.xml: Contains configuration details related
to backup, restore, and SMTP..
• SPIRITAgent_1_0_supportedproducts.xml: Contains
configuration details of SAL-supported products.
• SPIRITAgent_1_0_DataTransportConfig.xml: Contains
configuration details for data transport.
• SPIRITAgent_1_0_RemoteAccessComponentConfig.xml:
Contains configuration details related to backup, restore, and
SMTP.

Button Description
Display Displays the selected XML configuration file.
Export Exports the selected XML configuration file to the local system.

Related links
Exporting a configuration file on page 147
Viewing a configuration file on page 147

Device Registration Viewer field descriptions

You can use the Device Registration Viewer page to view the status of all the registration requests
submitted to SAL Gateway using the various search criteria available.
This page has two section:
• Search filter section: Includes the search criteria to search the registered device.
• Search result section: Views the list of devices that matches the provided search criteria. You
can also view the device details.
The Search filter section includes the following search criteria:

January 2022 Administering Avaya Diagnostic Server SAL Gateway 148

Comments on this document? infodev@avaya.com
 Device Registration Viewer field descriptions

Note:
If you search without giving any inputs in the search criteria, all the registration requests made
to this SAL Gateway are displayed.
Name Description
Batch Request ID The request ID assigned to your device registration request.
SEID The unique identifier assigned to the device when the device is
registered with Avaya
Product IP Address The IP address of the device that you want to search.
Status The status of the device registration request. It can be:
• All
• REQUEST_ACCEPTED
• SUBMITTED_TO_AVAYA
• COMPLETED
SSO User The Single Sign On credentials used for registering the product.
Result The result of device registration request. It can be:
• All
• SUCCESS
• ERROR
Start Date (MM/DD/YYYY) The date when the device registration request was initiated in
MM/DD/YYYY format.
End Date (MM/DD/YYYY) The date when the device registration request was completed or
declined, in MM/DD/YYYY format.
Product Type The type of product or device for which the registration request was
originated.

Button Description
Search Initiates the search for devices that matches the search criteria.

Note:
If you click Search without giving any inputs in the search
criteria, a list of all the registration requests made to SAL
Gateway is displayed.
Clear Search Erases all the data from the search fields..
Refresh Updates the search result to include the latest registered device.

The search results are displayed in the search result section. The Details link in the search results
includes the following additional information:
Name Description
Request ID The request ID assigned to your device registration request.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 149

Comments on this document? infodev@avaya.com
Monitoring SAL Gateway status

Name Description
Alarm ID A 10-digit numeric field where the first two digits indicate the product
family and the remaining numbers are a sequential assignment
created the registration tool.
Client The client associated with the product or device.
Nick Name Product name assigned to the device
Sold To/FL Functional location number that identifies the installation location of
SAL Gateway.
Result Sub Type Displays system messages after the registration process is
completed, either successfully or with an error.
Description Additional information about device registration. In case the device
registration has failed, this field gives the description of the error.
Updated Timestamp The date and time when the status of device registration request was
last updated.

Viewing the registered devices

Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Device
Registration Viewer.
2. Enter values in one or more of the following fields to search for registered devices:
• Batch Request ID
• SEID
• Product IP Address
• Status
• SSO User
• Result
• Start Date (MM/DD/YYYY)
• End Date (MM/DD/YYYY)
• Product Type
3. Click Search
A list of registered devices that matches the selected search criteria is displayed.
4. (Optional) Click Refresh to update the displayed registered device list.
5. (Optional) Click the Details link form the search results to view the following additional
information of the device:
• Request ID

January 2022 Administering Avaya Diagnostic Server SAL Gateway 150

Comments on this document? infodev@avaya.com
 Live Remote Connections field descriptions

• Alarm ID
• Client
• Nick Name
• Sold To/FL
• Result Sub Type
• Description
• Updated Timestamp

Live Remote Connections field descriptions

You can use the Live Remote Connections page to view the status of all the active remote
sessions established by the SAL Gateway.
Name Description
User Name The User name of the device that is used to establish the remote
connection.
Connection Details The following details of the live remote connection are displayed:
• Session ID
• Connection Type
• State
• Device SEID or CI Name
Device Details The following device details are displayed:
• Gateway SEID
• Device SEID or CI Name

Button Description
Refresh Updates the list of live remote connections to include or remove the
latest active session.

SAL Gateway Health check

Viewing the SAL Gateway status

About this task
You can view the SAL Gateway status from any pages on the SAL Gateway user interface.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 151

Comments on this document? infodev@avaya.com
Monitoring SAL Gateway status

Procedure
Click the Gateway Status icon that is available on the upper right corner of the user interface just
before the User icon ( ).
The system displays the Gateway Service Control page.
Related links
Gateway Service Control field descriptions on page 141

Checking the status of SAL Gateway

About this task
You can trigger a status check of SAL Gateway in two ways:
• Manually from the SAL Gateway user interface.
• Automatically after a SAL Gateway restart.
Use this procedure to manually trigger the status check of SAL Gateway from the SAL Gateway
user interface.
Note:
Ensure that you commit all configuration changes before triggering a status check. If any
configuration changes are not yet applied, the status report might be incorrect.
Procedure
1. On the main menu of the SAL Gateway user interface, click Administration > Service
Control & Status.
2. On the Gateway Service Control page, click Check Health for the Gateway.
Result
The system displays a progress bar that indicates the extent of the status check in progress.
When the check is complete, the system displays the following message: The SAL Gateway
Health check is completed [time specified]. The report is available in
Health Reports page.
Next steps
View the generated status report in the Health Reports page.
Related links
Viewing a status report of SAL Gateway on page 153

January 2022 Administering Avaya Diagnostic Server SAL Gateway 152

Comments on this document? infodev@avaya.com
 SAL Gateway Health check

Viewing a status report of SAL Gateway

Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Health
Reports.
2. On the Health Reports page, in the Select Health Report field, select a report.
3. Click Display.
The system displays the selected report.
Related links
SAL Gateway health report on page 154

Exporting a status report of SAL Gateway

Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Health
Reports.
2. On the Health Reports page, in the Select Health Report field, select a report.
3. Click Export.
The system displays the File download window with the message: Do you want to
open or save this file?
4. Perform one of the following:
• Click Open to view the report.
• Click Save to save the file at a location you can browse.
Result
The system exports the report to the location you select.
Note:
If there is no status message to be displayed for a service or server, the locally saved report
displays the value as null. This null value is not an error condition, but just the absence of
any error message.
Related links
SAL Gateway health report on page 154

January 2022 Administering Avaya Diagnostic Server SAL Gateway 153

Comments on this document? infodev@avaya.com
Monitoring SAL Gateway status

SAL Gateway health report

You can use the Health Reports page to view the reports of the status checks run on SAL
Gateway.
Name Description
Select Health Report The list of status check reports generated.
You can select one of the available reports to view or export.

Button Description
Display Displays a selected status report.
Export Exports the status report to the local system as a .rpt file.

The SAL Gateway status report tabulates health status information under the following three
heads:
Name Description
Service/Server Name The name of the SAL services and servers whose operational status
the report provides.
The report displays the status information about the following SAL
services:
• SAL Agent
• Alarming
• Inventory
• Remote Access
• SAL SNMP Sub Agent
• Package Distribution
• SAL Watchdog
• SAL Managed Service Agent
The report displays the connectivity status information of the
following servers:
• Primary Core Server
• Primary Remote Server
• HTTP Proxy Server
• Policy Manager
• SAL Hosted Concentrator for BPs
Status The icons that indicates the operational status of a service and
connectivity status of a server.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 154

Comments on this document? infodev@avaya.com
 SAL Gateway Health check

Name Description
Status Message If the process to determine status fails, the reasons for the failure.
For example: IP Address of the host [secavaya.com]
could not be determined.
If the status indicates that the server is not configured, the system
displays the message: The server details are not
configured for SAL Gateway.

Note:
If there is no status message to be displayed for a service or
server, the locally saved report displays the value as null. This
null value is not an error condition, but just the absence of any
error message.

Icon Name Description

Service running For a service, indicates that the service is
running.
Or
For a server, indicates that SAL Gateway could
Connectivity verified
establish connection with the server.
Service not running For a service, indicates that the service is
stopped.
Or
For a server, indicates that an error occurred
Connection failed
while establishing connection with the server.
Not configured Indicates that the server details are not
configured for SAL Gateway communication.

Related links
Viewing a status report of SAL Gateway on page 153
Exporting a status report of SAL Gateway on page 153

January 2022 Administering Avaya Diagnostic Server SAL Gateway 155

Comments on this document? infodev@avaya.com
Chapter 16: SAL Gateway logs

SAL Gateway logging capabilities

SAL logging capabilities are useful to an Avaya technician or service personnel to remotely
troubleshoot SAL Gateway. Virtually, SAL Gateway logs all types of events. Using the SAL
Gateway logs, a user can determine the cause of an outage, track intermittent problems, or
analyze performance data.
The SAL Gateway UI provides the following capabilities for logs:
• View logs as wrapped lines in a tabular format or in the raw format.
• Filter the SAL Gateway logs by defining filter criteria.
• Export log files or filtered log data to the local system in the raw or CSV format to view and
analyze the logs offline.
Related links
Filtering logs using the advanced filter options on page 165
Viewing logs on page 158
Downloading logs on page 163
Filtering logs using the basic filter options on page 164

SAL Gateway logging

SAL Gateway consists of different components, each of which has its own logging mechanism. In
addition to syslog logging for SAL Gateway, all SAL components generate file-based logs using
the log4j framework for application related logging and follow common guidelines for layout and
format. The log4j framework uses a log4j.xml configuration file to configure various parameters
for logging.
For more information about syslog, see Syslog for SAL Gateway logging on page 168.
The following table contains a list of all log4j configuration files for different SAL Gateway
components.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 156

Comments on this document? infodev@avaya.com
 SAL Gateway logging

SAL component Log4j xml file

Gateway UI $INSTALL_PATH/GatewayUI/config/log4j.xml
SAL Agent $INSTALL_PATH/SpiritAgent/log4j.xml
SAL Watchdog $INSTALL_PATH/SALWatchdog/config/log4j.xml
Keystore Utility $INSTALL_PATH/KeystoreUtility/config/log4j.xml
SNMP SubAgent $INSTALL_PATH/SNMPSubAgent/config/log4j.xml
Managed services $INSTALL_PATH/SpiritAgent/config/logback.xml

The following table contains a list of all application logging files for different SAL Gateway
components.
SAL component Log files
Gateway web interface $INSTALL_PATH/GatewayUI/logging/gw-ui.log
$INSTALL_PATH/GatewayUI/logging/spirit-agent-
debug.log
$INSTALL_PATH/GatewayUI/logging/gcm-sec.log
$INSTALL_PATH/GatewayUI/logging/gcm-op.log
$INSTALL_PATH/GatewayUI/logging/gcm-debug.log
$INSTALL_PATH/GatewayUI/logging/gcm-audit.log
$INSTALL_PATH/GatewayUI/logging/ca-refresh-
diagnose.log
SAL Agent $INSTALL_PATH/SpiritAgent/logging/
spiritAgentAudit.log
$INSTALL_PATH/SpiritAgent/logging/
spiritAgentOperational.log
$INSTALL_PATH/SpiritAgent/logging/
spiritAgentSecurity.log
$INSTALL_PATH/SpiritAgent/logging/spirit.log

Remote access:
$INSTALL_PATH/SpiritAgent/logging/sal-ra-debug.log
Package deployment:
$INSTALL_PATH/SpiritAgent/logging/sal-pd-debug.log
Device data management:
$INSTALL_PATH/SpiritAgent/logging/sal-dd-debug.log
SAL Watchdog $INSTALL_PATH/SALWatchdog/logging/
SALWatchdogOperational.log
$INSTALL_PATH/SALWatchdog/logging/
SALWatchdogDebug.log
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 157

Comments on this document? infodev@avaya.com
SAL Gateway logs

SAL component Log files

Keystore utility $INSTALL_PATH/KeystoreUtility/logging/KUAudit.log
$INSTALL_PATH/KeystoreUtility/logging/KUDebug.log
$INSTALL_PATH/KeystoreUtility/logging/
KUOperational.log
$INSTALL_PATH/KeystoreUtility/logging/
KUSecurity.log
SNMP subagent $INSTALL_PATH/SNMPSubAgent/logging/SnmpAudit.log
$INSTALL_PATH/SNMPSubAgent/logging/SnmpDebug.log
$INSTALL_PATH/SNMPSubAgent/logging/
SnmpOperational.log
$INSTALL_PATH/SNMPSubAgent/logging/
SnmpSecurity.log
Managed services Open /var/log/openvpn and then $INSTALL_PATH/
SpiritAgent/logging/sal-ovpn-debug.log

Viewing logs
About this task
You can use the SAL Gateway UI to view the SAL Gateway logs. You can view logs to determine
the cause of an outage, track intermittent problems, or analyze performance data.
Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Log Viewer.
2. On the Log Viewer page, in the Categories field, select a log category.
The Log Files list displays the name of the available log files under the selected category.
3. In the Log Files field, select one or more log files.
To select multiple files, pressing Ctrl, click the files you want to view.
4. Click View.
The system displays the logs in a tabular format under the Tabular Result tab.
5. Click the Raw Result tab to view the logs in the raw format.
Related links
Log Viewer field descriptions on page 159

January 2022 Administering Avaya Diagnostic Server SAL Gateway 158

Comments on this document? infodev@avaya.com
 Log Viewer field descriptions

Log Viewer field descriptions

The page provides access to all activity logs of SAL Gateway components, such as SAL Gateway
UI, SAL Agent, SAL Watchdog, Remote Access Agent, and syslogs, and other logs generated by
SAL Gateway. You can use this page to view, filter, and download logs stored in SAL Gateway.
Log information section
Name Description
Categories Categories of the SAL Gateway log files.
You can select one of the following available log categories:
• All: To view all log files stored in SAL Gateway.
• KeyStore: To view log files corresponding to keystore activities.
• Remote access: To view the log files for remote access activities.
• SAL Agent: To view the log files for the SAL Agent activities.
• SAL UI: To view the log files for the SAL Gateway UI activities.
• SAL Watchdog: To view the log files for the SAL Watchdog
activities.
• SNMP SubAgent: To view the log files for the SNMP subagent
activities.
• Syslogs: To view syslogs.
• SAL PIR: To view the log files for SAL PIR activities.
Log Files Log files available under a selected log category. You can select one
or more log files from the list to view, filter, or download.

Filter section
Name Description
Select Filter The link to display the options and fields to set up the filter criteria.
Remove Filters The link to clear any filter criteria you have selected and hide the
filter section.
Basic The option to display the fields to specify one basic criteria to filter
the log data from the selected log files.
Advanced The option to display the fields and buttons to set up a filter
expression that can be a combination of two or more filter criteria
joined by the AND or OR operator.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 159

Comments on this document? infodev@avaya.com
SAL Gateway logs

Name Description
Criteria The filter criteria against which the log data are matched and filtered.
Some available options include:
• Text
• Date
• Host Name
• Process Name
• Process ID
The options in the drop-down list vary according to the availability of
the criteria fields in the selected log files. If you select multiple log
files, the drop-down list displays only those criteria that are common
to all the selected log files.
Operations The operator to join a selected criterion from the Criteria field to the
Value(s) field.
Based on the selected criterion, you can select one of the following
operators:
• Equals
• Contains
• Between
Examples:
Host Name Equals puvmlx.avaya.com
Text Contains puvmlx
Date Between 31-01-11 & 12-12-11
Value (s) The value of the selected criterion. The value is matched against the
data in the selected log files to filter the data.
If you select the filter criterion as Date, the system displays two fields
to enter a date range.
If you select the filter criterion as Log Level, the system displays a
drop-down list from which you can select a log level.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 160

Comments on this document? infodev@avaya.com
 Log Viewer field descriptions

Name Description
Filter Expression A combination of two or more filter criteria joined by the AND or the
OR operators. The system filters the log files to obtain only those log
data that satisfy the criteria in the filter expression. The system
evaluates a filter expression as a Boolean expression and the AND
operator takes precedence over the OR operator.
This field becomes available only when you select the Advanced
option.
Example filter expressions:
Host Name Equals puvmlx.avaya.com
And
Date Between 31-01-11 & 12-12-11
Host Name Equals puvmlx.avaya.com
Or
Text Contains puvmlx

The following buttons are available only when you select the Advanced option:
Button Description
Add Adds the filter criterion you define using the Criteria, Operations,
and Value (s) fields to the Filter Expression field.
You can add more than one criterion joined by the AND or the OR
operators to form a filter expression.
And Joins two filter criteria using the AND operator. The system extracts
only those log data that satisfy both the criteria that are joined by the
AND operator.
After you Add a criterion to the Filter Expression field, you can click
And to be able to define and add the next filter criterion.
Example filter expression joined by the AND operator:
Host Name Equals puvmlx.avaya.com
And
Date Between 31-01-11 & 12-12-11
Or Joins two filter criteria using the OR operator. The system extracts
only those log data that satisfy any one of the two criteria that are
joined by the OR operator.
Example filter expression joined by the OR operator:
Host Name Equals puvmlx.avaya.com
Or
Text Contains puvmlx
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 161

Comments on this document? infodev@avaya.com
SAL Gateway logs

Button Description
Group Groups two or more filter criteria together in the filter expression to
change the priority of the criteria during the evaluation of the filter
expression. You can select the criteria you want to group from the
Filter Expression field, and then click Group to group the criteria
together. The Filter Expression filed displays the grouped criteria
within simple brackets.
Example:
Host Name Equals puvmlx.avaya.com
Or
(
Date Between 31-01-11 & 12-12-11
And
Text Contains puvmlx
)
Ungroup Removes a grouping of criteria in a filter expression. To remove the
grouping, you can select the grouped criteria along with the closed
brackets that mark the grouping, and then click Ungroup. The
brackets that mark the grouping are removed.
Clear All Clears all filter criteria you have added to the Filter Expression
field.
Edit Enables you to modify a filter criterion selected from the Filter
Expression field.
When you select a particular filter criterion from the Filter
Expression field and click Edit, the system displays the parameters
for the criterion in the Criteria, Operations, and Value (s) fields. You
can modify the values in the fields, and then click Update to update
the Filter Expression field with the modified criterion.
Update Updates the filter expression with the modifications you have made
on a filter criterion that was already in the Filter Expression field.

The page displays the following additional buttons:

Button Description
View Displays the data of the selected log files in the Result section as
wrapped lines in a tabular format.
You can view the log data in the raw format by clicking the Raw
Result tab.
Filter Filters the selected log files according to the filter criteria you define
and displays the filtered log data in the Result section under the
Tabular Result tab as wrapped lines in a tabular format.
You can view the log data in the raw format by clicking the Raw
Result tab.
Download > Raw Downloads a ZIP file that contains the selected or filtered log files in
the raw format.
Download > CSV Downloads a ZIP file that contains the selected or filtered log files in
the CSV format.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 162

Comments on this document? infodev@avaya.com
 Downloading logs

Related links
Viewing logs on page 158
Downloading logs on page 163
Filtering logs using the basic filter options on page 164
Filtering logs using the advanced filter options on page 165

Downloading logs
About this task
You can download log files or filtered log data to the local system in the raw or CSV format to view
and analyze the logs offline. The downloaded log files are contained in a ZIP file.
Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Log Viewer.
2. On the Log Viewer page, in the Categories field, select a log category.
The Log Files list displays the name of the available log files under the selected category.
3. In the Log Files field, select one or more log files.
To select multiple files, pressing Ctrl, click the files you want to view.
4. If you want to download a subset of the selected log, click Select Filter, and specify the
filter criteria.
For more information about how to set the filter criteria, see the topics on filtering logs.
5. Perform one of the following:
• To download logs in the CSV format, click Download > CSV.
• To download logs in the raw format, click Download > Raw.
The system displays the File download dialog box.
6. Perform one of the following:
• To open the ZIP file that contains the log files, click Open.
• To save the ZIP file that contains the log files to a local directory, click Save.
Related links
Log Viewer field descriptions on page 159
Filtering logs using the basic filter options on page 164
Filtering logs using the advanced filter options on page 165

January 2022 Administering Avaya Diagnostic Server SAL Gateway 163

Comments on this document? infodev@avaya.com
SAL Gateway logs

Filtering logs using the basic filter options

About this task
Using the basic filter option, you can specify one filter criterion based on which the system filters
the logs.
Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Log Viewer.
2. On the Log Viewer page, in the Categories field, select a log category.
The Log Files list displays the name of the available log files under the selected category.
3. In the Log Files field, select one or more log files.
To select multiple files, pressing Ctrl, click the files you want to view.
4. Click Select Filter.
The page displays the options and fields to set up filter criteria. The default filter option is
Basic.
5. Perform the following to define a filter criterion:
a. In the Criteria field, select a filter criterion against which the log data are to be
matched and filtered.
The options in the drop-down list vary according to the availability of the criteria fields
in the selected log files. If you select multiple log files, the drop-down list displays only
those criteria that are common to all the selected log files.
b. In the Operations field, select an operator to join the selected criterion to a value.
c. In the Value (s) field, enter the value of the selected criterion. If you select the filter
criterion as Date, enter a data range in the two Value (s) fields. If you select the filter
criterion as Log Level, select a log level from the drop-down list.
The system matches the entered value against the data in the selected log files to
filter the log data.
6. Click Filter.
The system filters the selected log files according to the filter criteria you have set up and
displays the filtered log data under the Tabular Result tab as wrapped lines in a tabular
format.
7. To download the filtered log data to the local system, click Download > CSV or
Download > Raw.
Related links
Log Viewer field descriptions on page 159
Downloading logs on page 163

January 2022 Administering Avaya Diagnostic Server SAL Gateway 164

Comments on this document? infodev@avaya.com
 Filtering logs using the advanced filter options

Filtering logs using the advanced filter options

About this task
Using the advanced filter options, you can set up a filter expression that can be a combination of
two or more filter criteria joined by the AND or the OR operators. The system filters the log files to
obtain only those log data that satisfy the criteria in the filter expression. The system evaluates a
filter expression as a Boolean expression and the AND operator takes precedence over the OR
operator.
Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Log Viewer.
2. On the Log Viewer page, in the Categories field, select a log category.
The Log Files list displays the name of the available log files under the selected category.
3. In the Log Files field, select one or more log files.
To select multiple files, pressing Ctrl, click the files you want to view.
4. Click Select Filter.
The page displays the options and fields to set up filter criteria. The default filter option is
Basic.
5. Select Advanced.
The page displays additional fields and buttons to set up the advanced filter criteria.
6. Perform the following to define a filter criterion:
a. In the Criteria field, select a filter criterion against which the log data are to be
matched and filtered.
The options in the drop-down list vary according to the availability of the criteria fields
in the selected log files. If you select multiple log files, the drop-down list displays only
those criteria that are common to all the selected log files.
b. In the Operations field, select an operator to join the selected criterion to a value.
c. In the Value (s) field, enter the value of the selected criterion. If you select the filter
criterion as Date, enter a data range in the two Value (s) fields. If you select the filter
criterion as Log Level, select a log level from the drop-down list.
The system matches the entered value against the data in the selected log files to
filter the log data.
7. Click Add.
In the Filter Expression field, the new filter criterion is added in the following format:
<criterion> <operator> <value>
Example: Process ID Equals 1640

January 2022 Administering Avaya Diagnostic Server SAL Gateway 165

Comments on this document? infodev@avaya.com
SAL Gateway logs

8. To join another filter criterion with the existing criterion in the Filter Expression field, do
one of the following:
• To join two criteria by the AND operator, click And, and repeat Step 6 to Step 7.
• To join two criteria by the OR operator, click Or, and repeat Step 6 to Step 7.
You can repeat Step 8 to add more criteria to the filter expression.
9. To group two or more filter criteria together, from the Filter Expression field, select the
criteria you want to group, and click Group.
10. To remove a grouping of criteria in a filter expression, select the grouped criteria along with
the closed brackets that mark the grouping, and click Ungroup.
11. To modify a criterion definition in the Filter Expression field, perform the following:
a. Select the criterion in the Filter Expression field, and click Edit.
The system displays the parameters of the criteria in the Criteria, Operations, and
Value (s) fields.
b. Modify the values in the fields, and click Update.
The Filter Expression field displays the modified criterion definition.
12. Click Filter.
The system filters the selected log files according to the filter criterion you have set up and
displays the filtered log data under the Tabular Result tab as wrapped lines in a tabular
format.
13. To download the filtered log data to the local system, click Download > CSV or
Download > Raw.
Related links
Log Viewer field descriptions on page 159
Downloading logs on page 163

January 2022 Administering Avaya Diagnostic Server SAL Gateway 166

Comments on this document? infodev@avaya.com
Chapter 17: Syslog for SAL Gateway

Syslog overview
Syslog is the standard for forwarding log messages to event message collectors on an IP network.
Syslog encompasses the protocol for sending and collecting log messages. Event message
collectors are also known as syslog servers.
Syslog is a client-server protocol. The syslog sender sends small (less than 1KB) textual
messages to the syslog receiver. The syslog receiver is commonly called syslogd, syslog daemon,
or syslog server. Syslog is typically used for computer system management and security auditing.
Logging through syslog is a way of sending system information to a common collection site by
means of either UDP, or TCP/IP, or both. Product support personnel can analyze this information
to:
• Pinpoint system failures
• Pinpoint security breaches
• Analyze specific system events
Related links
Syslogd service on page 167
Uses of logging on page 168

Syslogd service
The syslogd service is a system service that co-ordinates the syslog activity of the host. Syslog
activity includes receiving, categorizing, and logging external log messages.SAL Gateway can
read the syslogd logs and process the logs with the event processor to provide alarming
capabilities for managed devices. Red Hat Enterprise Linux uses sysklogd as its syslogd
equivalent.
The ability to log events proves useful in several areas.
Related links
Syslog overview on page 167

January 2022 Administering Avaya Diagnostic Server SAL Gateway 167

Comments on this document? infodev@avaya.com
Syslog for SAL Gateway

Uses of logging
Logging can be used to:
• Benchmark new applications so that faults are more easily detected in the future.
• Troubleshoot existing applications.
The log messages help service personnel understand how the system is operating or if something
is wrong.
The syslog application is designed to take messages from multiple applications or devices, and
write the messages to a single location. Logging can be local or remote. You can set up most
systems to log messages to the system itself (local), or to log messages to a syslog server
residing at a different location (remote).
Related links
Syslog overview on page 167

Syslog for SAL Gateway logging

SAL Gateway uses syslog as the standard log management tool. SAL Gateway is set up as a
remote syslog host because remotely managed systems that support syslog are configured to
send their syslog records to the SAL Gateway syslog. The SAL Gateway syslog processes the log
messages for alarm events.
Syslog reserves facilities Local0 through Local7 for log messages received from remote servers
and network devices. SAL Gateway components generate log messages that use the syslog
facility codes reserved for local applications in the following manner.
• Operational log messages use facility LOCAL5. LOCAL5 is configured in the syslog.conf
configuration file to reach /var/log/SALLogs messages.
• Audit and security log messages use facility LOCAL4. LOCAL4 is configured in the
syslog.conf configuration file to reach/$SPIRITHOME/log/audit.
• Remote access logs use facility LOCAL0. LOCAL0 is configured in the syslog.conf
configuration file to reach /var/log/SALLogs/remoteAccess.log.
Using the syslog facility codes, you can route log records to files or storage locations that can be
treated separately as required.
Note:
As you can define LOCAL syslog facility codes, you might require to change the facility codes
if you are already using any of the three listed codes for some other purposes or applications.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 168

Comments on this document? infodev@avaya.com
 Syslog configuration

Syslog configuration
On RHEL 7.x and 8.x, you can configure the /etc/rsyslog.conf file to add the necessary
syslog rules to relocate the SAL-related logs.
Each rule consists of three fields: facility, priority and action.
• Facility identifies the subsystem that generated the log entry used and is one of the following:
Local0, Local4, or Local5.
• Priority defines the severity of the log entry to be written as:
Debug info notice warning err crit alert emerg
• Action specifies the destination log file or server for the log entry.
The SAL Gateway UI reads this file to determine the location of the log files that syslog creates.
SAL Gateway writes logs in two locations:
• The log files specific to the SAL Gateway components.
• Syslog: Syslogs makes it possible to have logs stored externally for any duration that the
customer wants.

Editing the syslog configuration file for SAL Gateway

About this task
To use syslog to store log messages from SAL Gateway, you must update the /etc/
rsyslog.conf file. During the installation, you can allow the installer to make the required
changes in the syslog configuration file automatically. If the installer did not enable syslog during
installation, use this procedure to configure syslog to store log message in the appropriate files.
Use this procedure to enable SAL Gateway to use syslog locally.
Procedure
1. Log on to the SAL Gateway host as the root user.
2. Open the /etc/rsyslog.d/salsyslog.conf file in a text editor.

Note:
Create a new file, if an existing file is not available.
3. Verify whether the file contains the following entries:
local4.* /var/log/SALLogs/audit.log
local5.* /var/log/SALLogs/messages.log

4. If the file does not contain the mentioned lines, add the lines to the file.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 169

Comments on this document? infodev@avaya.com
Syslog for SAL Gateway

5. To enable SAL Gateway syslog on the local server, open the /etc/rsyslog.conf file. Ensure
that the following lines are present in the file and are uncommented, that is, no pound (#)
sign remains at the start of the lines:
$ModLoad imudp
$UDPServerRun 514
$IncludeConfig /etc/rsyslog.d/*.conf

Note:
If any of these lines are missing, add the lines and update the file.
6. Save and close the file.
7. Restart the rsyslog service using the appropriate command from the following:
• On an RHEL 7.x and 8.x system:
systemctl restart rsyslog

Viewing syslogs
About this task
SAL logging capabilities are extremely useful to service personnel. Virtually anything that happens
on a SAL Gateway at any given time is, or can be, logged. This facility provides a user materials to
determine the cause of an outage, track intermittent problems, or simply analyze performance
data.
Procedure
1. On the main menu of the SAL Gateway user interface, click Diagnostics > Log Viewer.
2. On the Log Viewer page, in the Categories field, click Syslogs.
The Log Files list displays the name of the available syslog files.
3. In the Log Files field, select one or more syslog files.
To select multiple files, pressing Ctrl, click the files you want to view.
4. Click View.
The system displays the logs in a tabular format under the Tabular Result tab.
5. Click the Raw Result tab to view the logs in the raw format.
6. (Optional) To export logs, select the log files, and click Download > Raw or Download >
CSV.
Related links
Log Viewer field descriptions on page 159

January 2022 Administering Avaya Diagnostic Server SAL Gateway 170

Comments on this document? infodev@avaya.com
Chapter 18: SAL Gateway diagnostics

SAL Gateway diagnostics overview

SAL diagnostics are intended for the use of SAL users and service personnel. SAL Watchdog, a
SAL Gateway component also uses SAL diagnostics to ensure that all SAL Gateway components
operate as required.
SAL Gateway provides a diagnostics functionality to diagnose and verify SAL Gateway
communications to all other servers. With this diagnostic functionality, support personnel can
provide remote assistance conveniently. Using the diagnostics functionality, you can verify
communication with the following:
• SAL Core and Remote Server
• SAL Policy Manager with SSH Proxy
• Managed devices
• Components within the customer network
Note:
The diagnostics functionality of SAL Gateway only determines whether the network path to the
device is available, and whether the specified port is open on the target device.
The following are the benefits of the diagnostic functionality:
• You can use the diagnostics data to troubleshoot issues by yourselves.
• You can verify that the installations are trouble-free.
• Support personnel can use the diagnostics data to analyze issues and provide remote
assistance.

General concept of SAL diagnostics operation

SAL diagnostics consists of a series of tests within SAL Gateway. These tests determine whether
the gateway is operating properly, and provide detailed status information about the internal
components.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 171

Comments on this document? infodev@avaya.com
SAL Gateway diagnostics

Each test has the following identifiers:

• Component being tested
• Subsystem within that component
• TestName of the test
The results of a test include:
• A Status code that can be one of the following:
- OK: The results of the diagnostic test indicate there are no problems.
- NEEDS_REPAIR: The results of the diagnostic test indicate a condition that might be
resolved by the diagnostic system without needing a restart.
- NEEDS_RESTART: The results of the diagnostic test indicate a condition that requires a
restart for resolution.

Note:
The only corrective action needed is to restart SAL Gateway.
- NEEDS_ATTENTION: The results of the diagnostic test indicate a condition that might
need the attention of a support personnel.
The following situations might require corrective action.
- A configuration for SAL Gateway to collect inventory for a device that still awaits
installation: SAL Gateway must pause until the device becomes available.
Diagnostics cannot decipher your intent regarding the missing device.
- SAL Gateway cannot parse a configuration that contains a typographical error. This means
that a component is not functioning as expected. Diagnostics cannot correct this condition
by itself.
• A Description of the results of the test.
Multiple lines of descriptive text might exist in the description.
You should rarely see the Status values of NEEDS_REPAIR and NEEDS_RESTART.
Even if you see these status values, you do not require to take immediate action because the
Watchdog process automatically follows a planned series of corrective actions.
The Watchdog process retries these corrective actions up to six times at five-minute intervals.
Note:
If the system continues to display these status codes after 30 minutes, you must report the
fault to Avaya.
Status values of NEEDS_ATTENTION might be more common during routine operations of
SAL Gateway. However, you must be certain that you understand the cause of these
conditions and only leave such conditions unattended if you expect the conditions to correct
themselves in due course, for example, when a configured device is eventually deployed.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 172

Comments on this document? infodev@avaya.com
 Complete and annotated diagnostic output

Complete and annotated diagnostic output

Data transport component diagnostics

The following table provides the diagnostic output descriptions of the data transport component of
SAL Gateway:
Sub-System Test Status Description Interpretation
Statistics Check OK No messages delivered to This result indicates that no
upstream upstream enterprise messages are successfully
sending delivered to an enterprise
system after starting the
agent.
If this was not the case,
other descriptive text would
be available to indicate the
last delivery time.
Statistics Check NEEDS_ATTE Last delivery failure to This indicates a failure of
upstream NTION upstream enterprise the last attempt to send a
sending message ID 454 (- message upstream. The
>AgentHeartbeat@Avaya.co status message contains the
m., Enterprise-production): time and details of the
2009-05-13 14:45:51 UTC failure.
+1000
If the last attempt to deliver
a message succeeds, the
output indicates success.
Statistics Check NEEDS_ATTE Delivery failures to upstream This statistical output
upstream NTION enterprise within last 24 indicates the rate or day of
sending hours: 874 failed deliveries on a rolling
24–hour period.
Statistics Check OK No messages received from This particular result
upstream upstream enterprise indicates that no messages
receiving have been received from an
enterprise system since the
agent was started.
If this was not the case, then
other descriptive text would
be available to indicate the
last received time.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 173

Comments on this document? infodev@avaya.com
SAL Gateway diagnostics

Sub-System Test Status Description Interpretation

Statistics Check local OK No messages delivered This indicates that no
delivery locally messages have been
successfully delivered
locally between components
running in the agent, since
the agent was started.
This could be because of
errors.
Statistics Check delivery NEEDS_ATTE Last delivery failure This indicates a failure of
failure NTION message ID 454 (- the last attempt to deliver a
>AgentHeartbeat@Avaya.co message locally between
m., Enterprise-production): components running in the
2009-05-13 14:45:51 UTC agent, and the time and the
+1000 details of that failure.
If the last attempt to deliver
a message succeeds, the
output indicates success.
Statistics Check delivery NEEDS_ATTE Delivery failures within last This is statistical output,
failure NTION 24 hours: 437 indicating the rate/day of
failed local deliveries on a
rolling 24-hour period.
Statistics Check delivery NEEDS_ATTE Last delivery timeout Some messages to be
timeouts NTION message ID 558 (- delivered between SAL
>AgentHeartbeat@Avaya.co components are sent with
m., Enterprise-production): timeouts that trigger if the
2009-05-13 14:32:31 UTC messages are not delivered
+1000 in time. This message
indicates the last such
timeout that occurred.
Statistics Check delivery NEEDS_ATTE Delivery timeouts within last This is statistical output,
timeouts NTION 24 hours: 4 indicating the rate or day of
timed out message
deliveries in a rolling 24-
hour period.
Statistics Check OK No messages with invalid SAL messages are sent to
message destinations SAL component
destination destinations.
If you ever see reports of
messages with invalid
destinations, the reports
probably indicate a
programming or
configuration error that
should be reported to
Avaya.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 174

Comments on this document? infodev@avaya.com
 Complete and annotated diagnostic output

Sub-System Test Status Description Interpretation

Statistics Check OK No messages discarded Some messages indicate
discarded that timeout might be
messages eligible to be discarded,
depending on their priority
and the available disk space
for message queuing.
The sample description
shown indicates that no
messages have been
discarded.
Statistics Check disk OK Disk quota not exceeded The sample description
quota shown indicates the disk
quota has not been
exceeded since the agent
started.
If the message queue on the
disk exceeds its configured
size limit, an output here
indicates when this last
occurred.
If the quota is exceeded,
then some messages will be
discarded based on priority.
Persistence Load OK TransportComponent loaded A failure here indicates a
properties: persistent properties file: hardware problem, most
persisted_ids. persisted_ids.properties likely with the disk.
properties
Persistence Store OK TransportComponent stored A failure here indicates a
properties: persistent properties file: hardware problem, most
persisted_ids. persisted_ids.properties likely with the disk.
properties
Persistence Load OK TransportComponent loaded A failure here indicates a
properties: persistent properties file: hardware problem, most
pending_acks. pending_acks.properties likely with the disk.
properties
Persistence Store OK TransportComponent stored A failure here indicates a
properties: persistent properties file: hardware problem, most
pending_acks. pending_acks.properties likely with the disk.
properties
Persistence Load OK TransportComponent loaded A failure here indicates a
properties: persistent properties file: hardware problem, most
connection_st connection_status.propertie likely with the disk.
atus.propertie s
s
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 175

Comments on this document? infodev@avaya.com
SAL Gateway diagnostics

Sub-System Test Status Description Interpretation

Persistence Store OK TransportComponent stored A failure here indicates that
properties: persistent properties file: a hardware problem might
connection_st connection_status.propertie be present, most likely with
atus.propertie s the disk.
s
Persistence Load OK TransportComponent loaded A failure here indicates that
messages persistent message ID 543: a hardware problem might
0000000000000543.xml: be present, most likely with
SPIRITAgentMessageTrans the disk.
port@localhost-
>AgentHeartbeat@Avaya.co
m., Enterprise-production
Persistence Store OK TransportComponent stored A failure here indicates that
messages non-persistent message ID a hardware problem might
559: be present, most likely with
0000000000000559.xml: the disk.
SPIRITAgentMessageTrans
port@localhost-
>AgentHeartbeat@Avaya.co
m., Enterprise-production
Persistence Delete OK TransportComponent A failure here indicates that
message deleted non-persistent a hardware problem might
message ID 558: be present, most likely with
0000000000000558.xml the disk.
Persistence Check thread OK Cleanup thread is running This status message
status indicates that the thread that
sends timeout notifications
and discards timeout
notifications is operational.
Delivery:Agent Check thread OK Thread for Each component has a
ConfigUpdate status 'AgentConfigUpdate@localh thread.
@localhost ost' is running
This message indicates that
a thread to deliver
messages to a particular
component is operational.
Delivery:Agent Check local OK Delivery for This message indicates that
ConfigUpdate delivery status 'AgentConfigUpdate@localh a thread to deliver
@localhost ost' is working messages to a particular
component is in process,
and SAL Gateway
successfully sent the last
message to the component.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 176

Comments on this document? infodev@avaya.com
 Complete and annotated diagnostic output

Sub-System Test Status Description Interpretation

Connection:@ Check thread OK Thread for '@Avaya.com., A thread is present for every
Avaya.com., status Enterprise-production' is enterprise destination. This
Enterprise- running row is repeated for each of
production the destinations.
The message indicates that
a running thread is present
for the delivery of messages
upstream.
Connection:@ Check local NEEDS_ATTE Delivery for '@Avaya.com., A thread is present for every
Avaya.com., delivery status NTION Enterprise-production' enterprise destination. This
Enterprise- message ID 454 failed: row is repeated for each of
production java.net.ConnectException: the destinations.
Connection refused
The message indicates
whether the thread is
working.
In this case, the thread
failed because its
connections to the
enterprise were refused.
Connection:@ Check local OK Delivery for '@avaya.com., This messages indicates
Avaya.com., delivery status Enterprise-production' that there was a delay
Enterprise- delaying before handling before SAL Gateway
production next message attempted to send the next
message because delivery
of the previous message
failed.
Connection:@ Checking OK Agent tethered to Enterprise This message indicates that
Avaya.com., connection platform 'Avaya.com., the agent is configured to
Enterprise- status Enterprise-production' exchange messages with
production the enterprise. You can
configure agents to stop
exchanging messages.

Heartbeat component diagnostics

Sub-System Test Status Description Interpretation
StartedStopped Started/ OK Running This status message
Stopped indicates that the heartbeat
Status processing is enabled.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 177

Comments on this document? infodev@avaya.com
SAL Gateway diagnostics

Sub-System Test Status Description Interpretation

HeartbeatTimin HeartbeatSent OK Last heartbeat sent at This status message
gs Info 2009-05-13 14:33:32 UTC indicates that the heartbeat
+1000 is being processed
successfully and displays
the time of the last
heartbeat.
If heartbeats failed to get
sent, the status would be
NEEDS_ATTENTION and the
description says Last
heartbeat failed.
The diagnostics message
also gives a description of
the exception-to- connection
details.

Managed Services Agent Component diagnostics

Sub-System Test Status Description Interpretation
RMM Server RMM OK RMM Server is reachable Running
Connectivity
Check
IP Forwarding IP Forwarding OK IP Forwarding Rule is Running
Status enabled
Managed Managed OK Running Running
Services Client Services
Client Status
IPTable IPTable Status OK IPTable Service is running Running
Services

Configuration change component diagnostics

Sub-System Test Status Description Interpretation
StartedStopped Started/ OK Running _
Stopped
Status

January 2022 Administering Avaya Diagnostic Server SAL Gateway 178

Comments on this document? infodev@avaya.com
 Complete and annotated diagnostic output

NmsConfig component diagnostics

Sub-System Test Status Description Interpretation
StartedStopped Started/ OK Running
Stopped
Status

ProductConfig component diagnostics

The following table provides the diagnostic output descriptions of the ProductConfig component of
SAL Gateway:
Sub-System Test Status Description Interpretation
StartedStopped Started/ OK Running Running
Stopped
Status

Inventory component diagnostics

The following table provides the diagnostic output descriptions of the inventory component of SAL
Gateway:
Sub-System Test Status Description Interpretation
StartedStopped Started/ OK Running Running
Stopped
Status
Connection to Connectivity OK Pass Socket test succeeded
TCP ports Success/
Failure
Connection via Connectivity OK Pass ProductCLI test completed
Product-CLI Success/ successfully
Failure
Connection via Connectivity OK Fail ProductCLI connection to
Product-CLI Success/ the device could not be
Failure established because
authentication failed.
Connection via Connectivity OK Fail ProductCLI connection to
Product-CLI Success/ the device could not be
Failure established because there
was no route to the host.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 179

Comments on this document? infodev@avaya.com
SAL Gateway diagnostics

Sub-System Test Status Description Interpretation

Connection via Connectivity OK Fail ProductCLI connection to
Product-CLI Success/ the device could not be
Failure established because there
was no defined datasource.

Alarming component diagnostics

The following table provides the diagnostic output descriptions of the Alarming component of SAL
Gateway:
Sub-System Test Status Description Interpretation
StartedStopped Started/ OK Running This component tells you
Stopped whether the Alarming
Status component is On or Off. If
the component is Off, you
see the description as: Not
Running.

StartedStopped CollectionMan OK Collection Manager thread This thread manages all the
agerThread operational alarm listeners. The thread
could be stopped if the
alarming component is
stopped. The description will
then be: Collection
Manager thread
stopped.
StartedStopped CollectionMan OK CollectionManager has been This component is the class
ager created that owns and starts the
manager thread mentioned
earlier. This component
could be non-existent if the
alarming component is
stopped. The description will
then be: Collection
Manager not created.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 180

Comments on this document? infodev@avaya.com
 Complete and annotated diagnostic output

Sub-System Test Status Description Interpretation

StartedStopped CollectionMan OK Started at: 2009-05-13 This is the component which
ager 13:29:31 UTC+1000 tells you when the Alarming
component started and
displays the time when the
Alarming component was
started. If the alarming
component is stopped, the
description will have the
time when the component
was stopped, for example,
Stopped at:
2009-05-12 12:56:09
UTC+1000.
StartedStopped AlarmSource: OK Started. This component tells you
SnmpAlarmSo whether the SnmpAlarm is
urce enabled or disabled - this
gets set in the
SPIRITAgent_1_0_Alarm
ingConfig_orig.xml. If
the value is set to True, then
the SNMPAlarmSource will
be shown in the diagnostics
and will indicate Started. If
the value is False, then the
SnmpAlarmSource
component should not figure
in the diagnostics printout.
StartedStopped AlarmSource: OK Listener thread running. This means that the SNMP
SnmpAlarmSo Alarm Listener is listening.
urce See description in the cell
above.
StartedStopped AlarmSource: OK Started. This component is also
IpInadsAlarmS enabled/disabled in the
ource SPIRITAgent_1_0_Alarm
ingConfig_orig.xml file
StartedStopped AlarmSource: OK Listener thread running. This thread shows whether
IpInadsAlarmS the component is listening
ource for IP or IPINADS.
StartedStopped AlarmSource: OK Started. This is similar to the earlier
IpInadsAlarmS StartedStopped component,
ource except that this component
shows whether the IPINADS
CMS Alarming component is
enabled/started.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 181

Comments on this document? infodev@avaya.com
SAL Gateway diagnostics

Sub-System Test Status Description Interpretation

StartedStopped AlarmSource: OK Listener thread running. This is the listener thread for
IpInadsAlarmS the IpInadsAlarmSource
ource CMS component.
AlarmEventTim EventProcess OK No Events No alarm event was sent to
ings orAlarmHandl the Enterprise. If an alarm
er event was sent, this
message would have the
date and time.
AlarmEventTim EventProcess OK No Events No log event was sent to the
ings orLogAlarmHa Enterprise. If a log event
ndler was sent, this message
would have the date and
time.
AlarmEventTim EventProcess OK No Events No NMS event was sent to
ings orNmsHandler the Enterprise. If an NMS
event was sent, this
message would have the
date and time.
AlarmEventTim SnmpAlarmPr OK No Alarms SNMP alarm listener has
ings ocessor not received any alarm. If
the listener had, then this
message would show the
date and time.
AlarmEventTim IpInadsAlarmP OK No Alarms IP or IINADS alarm listener
ings rocessor has not received any alarm.
If the listener had, then this
message would show the
last date and time.

Agent management component diagnostics

The following table provides the diagnostic output descriptions of the agent management
component of SAL Gateway:
Sub-System Test Status Description Interpretation
StartedStopped Started/ OK Running This status message
Stopped indicates that a component
Status is running.
StartedStopped Started/ OK Started at: 2009-05-13 The start time of the Agent
Stopped 13:29:31 UTC+1000 Management component.
Status

January 2022 Administering Avaya Diagnostic Server SAL Gateway 182

Comments on this document? infodev@avaya.com
 Complete and annotated diagnostic output

CLINotification component diagnostics

The following table provides the diagnostic output descriptions of the CLINotification (Command
Line Notification) component of SAL Gateway:
Sub-System Test Status Description Interpretation
StartedStopped Started/ OK Running The Command Line
Stopped Notification component is
Status operational.

LogManagement component diagnostics

The following table provides the diagnostic output descriptions of the log management
(LogManagement) component of SAL Gateway:
Sub-System Test Status Description Interpretation
StartedStopped Started/ OK Running The log management
Stopped component is operational.
Status

LogForwarding component diagnostics

The following table provides the diagnostic output descriptions of the log forwarding
(LogForwarding) component of SAL Gateway:
Sub-System Test Status Description Interpretation
StartedStopped Started/ OK Running The log forwarding
Stopped component is operational.
Status

Connectivity test component diagnostics

The following table provides the diagnostic output descriptions of the connectivity test component
of SAL Gateway:

January 2022 Administering Avaya Diagnostic Server SAL Gateway 183

Comments on this document? infodev@avaya.com
SAL Gateway diagnostics

Sub-System Test Status Description Interpretation

ConnectivityTe Initialization OK Connectivity Test The Connectivity Test
sterSelfTest Status Component Initialised OK. component is operational.
Using Port Test Provider
Classes:
com.avaya.spirit.gw.diagnost
ics.RemoteAccessConnectiv
ityPortProvider,
com.avaya.spirit.agent.diagn
ostics.InventoryPortProvider,

LinuxDiagnostic component diagnostics

The following table provides the diagnostic output descriptions of the data transport component of
SAL Gateway:
Sub-System Test Status Description Interpretation
Operating Operating OK Linux version 2.6.18-8.el5 This test just provides a
System System (brewbuilder@ls20- basic set of version
bc2-14.build.redhat.com) information that will allow
(gcc version 4.1.1 20070105 Avaya service personal to
(Red Hat 4.1.1-52)) #1 SMP determine whether the
Fri Jan 26 14:15:21 EST agent is running in a
2007 Red Hat Enterprise compatible operating
Linux Server Release 5 environment.
(Tikanga) java -version
1.5.0_14
Java(TM) 2 Runtime
Environment, Standard
Edition (build 1.5.0_14-b03)
Java HotSpot(TM) Client
VM (build 1.5.0_14-b03,
mixed mode, sharing)

Additional information that diagnostics returns

The complete result of a full diagnostics request also returns some additional information related
to the operating system environment. You can view the following information on the SAL Gateway
Web interface:
• SPIRIT versions
• Environment variables
• Uptime
• Installed RPMs

January 2022 Administering Avaya Diagnostic Server SAL Gateway 184

Comments on this document? infodev@avaya.com
 Complete and annotated diagnostic output

• Loaded Kernel modules

• CPU
• CPU history
• Current memory
• Swap history
• Drivers
• Devices
• Network configuration
• Network routes
• Network connections
• Firewall rules
• Runlevel
• Service runlevels
• Services
• Disk usage
• Mounted filesystems
• Running processes
Note:
Additionally, you can run the bin/os-diagnostics.pl script from the CLI of your SAL
Gateway host to obtain the mentioned diagnostics information related to the OS environment.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 185

Comments on this document? infodev@avaya.com
Chapter 19: Decommissioning SAL
Gateway

Checklist for decommissioning SAL Gateway

When you decommission a SAL Gateway instance, you must follow a proper process. Incomplete
or incorrect steps to stop SAL Gateway might result in Missed Heartbeat (MHB) alarms being
generated by Concentrator Core Server.
Important:
Decommissioning of SAL Gateway affects the servicing of Avaya products that were managed
by SAL Gateway. For any enquiry, contact Avaya Support.
Use the following checklist to decommission SAL Gateway:
No. Task Description

1 Stop all services on SAL Gateway. Log on to the SAL Gateway host as the root
user, and stop the following services:
• spiritAgent
• gatewayUI
For example, run the following command to
stop the spiritAgent service:
service spiritAgent stop
Run the following command to check the
status of the services and ensure that the
services are not running:
service <servicename> status
2 Uninstall SAL Gateway. See Deploying Avaya Diagnostic Server.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 186

Comments on this document? infodev@avaya.com
Chapter 20: Troubleshooting

Troubleshooting for restore operations

Restore operation fails with a high severity

The restore operation fails, and the SAL Gateway UI displays the following message:
The restore operation failed. SAL-GW configuration may be corrupted.
Please check the SAL-GW UI log for details in the View Logs or from the
console. Please first fix the problem then to roll backward, please
select the rollback file Or to roll forward select the same restore
point and re-initiate the restore operation again.
The message indicates that the severity of the restore failure is high. The chances are high that
the SAL Gateway configuration files are corrupted due to the failure. The SAL Gateway state
might be affected, and the SAL Gateway services might not function properly.

Restore operation fails with a low severity

The restore operation fails and the SAL Gateway UI displays the following error message:
The restore operation could not proceed. (Do not worry! The system is
not affected). Please check the SAL-GW UI log for details in the View
Logs or from the console.
The message indicates that the severity of the restore failure is low. The failure does not affect the
SAL Gateway configuration. SAL Gateway remains in the original state before the restore
operation.

Restore operation is stopped abruptly

The SAL Gateway UI displays the following message:
Previous restore operation was aborted abruptly. It is highly advisable
to initiate the restore process again and let it complete.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 187

Comments on this document? infodev@avaya.com
Troubleshooting

The message indicates that the system or a user might have stopped the restore operation
abruptly before the operation is complete. The restore operation might also be accidentally
stopped when someone stops the gatewayUI JVM from the backend.
The impact of this event on the SAL Gateway depends on the stage at which the restore operation
is stopped. If the restore operation was in an advanced stage when the operation was stopped,
some SAL Gateway configuration files might get overwritten.

Troubleshooting for inventory operations

Inventory-related exceptions in SAL Gateway logs

You can use the SAL Gateway logs to investigate and troubleshoot inventory collection issues. All
logs for the inventory collection process display the event code O_AG-IN, where O represents
operational logs, AG represents SAL Gateway, and IN represents inventory.
The following table presents the inventory-related exceptions that the log files are likely to display.

Exception Severity Probable cause Resolution

Exception while verifying Non Fatal • A possibility is that the • Verify whether the
redundant Gateways product for which the redundancy needs to be
information such as exception is displayed checked for inventory.
permissions and location does not have the /tmp
• Otherwise, correct the
of redundancy inventory directory where the
model to turn redundancy
information files. redundant inventory
off.
information file is kept.
• Provide the read/write
• The SAL log-in user
permission to the SAL log-
does not have the read
in user.
and write permission.
• Analyze the exception trace
in the debug log against this
event code if the problem
persists despite the earlier
resolution.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 188

Comments on this document? infodev@avaya.com
 Troubleshooting for inventory operations

Exception Severity Probable cause Resolution

Exception while updating Non Fatal • A possibility is that the • Verify whether the
redundant gateways product for which the redundancy needs to be
information exception is displayed checked for inventory.
does not have the /tmp
• Correct the model to turn
directory where
redundancy off.
redundant inventory
information file is kept. • Provide the read/write
permission to the SAL log-
• Or the SAL log-in user
in user.
does not have the read/
write permission. • Analyze the exception trace
in the debug log against this
event code if the problem
persists despite the earlier
resolution.
Exception while Fatal This exception is a general See earlier logs to get the
processing collected exception during inventory exact cause of the exception.
inventory processing.
Exception while delivering Fatal • Enterprise-SAL Gateway • Check whether the
the inventory to the connectivity might be Enterprise Server
Enterprise down. parameters are properly
configured in
• SAL Gateway may not
DataTransportConfig
be properly configured to
file.
communicate to the
Enterprise or site server. • Check whether the SAL
Gateway configuration
parameters are properly
configured in the
BaseAgentConfig file.
• Check whether the network
connectivity of the host
machines where the
Enterprise server and SAL
Gateway are running. The
host machines should be
reachable by means of the
DNS names of the hosts.
• Analyze the exception trace
in the debug log against this
event code, if the problem
persists despite the earlier
resolution.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 189

Comments on this document? infodev@avaya.com
Troubleshooting

Exception Severity Probable cause Resolution

Exception while storing Fatal • Local inventory storage The storage location can be
inventory locally location is unavailable. found in the
InventoryConfig file.
• The write permission is
unavailable for the SAL • Configure the inventory
user. storage location in the
InventoryConfig file.
• Provide the write
permission to SAL user for
that inventory storage
location path.
• Analyze the exception trace
in the debug log against this
event code, if the problem
persists despite the earlier
resolution.
Exception while collecting Fatal • The product for which • Check whether the SAL
inventory by means of the exception is Gateway residing on the
SNMP displayed might not device is functioning
support SNMP. properly.
• The OID specified to • Verify whether the SNMP
query is incorrect. Agent residing on the
product is capable of
responding through SNMP
queries.
• For OID related issues:
Check whether the
inventory data source is
configured properly on
models. You cannot do this
configuration using the SAL
Gateway UI. Support
personnel must do this
manually.
• Analyze the exception trace
in the debug log against this
event code, if the problem
persists despite the earlier
resolution.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 190

Comments on this document? infodev@avaya.com
 Troubleshooting for inventory operations

Exception Severity Probable cause Resolution

Exception while deleting Non fatal The output file of the This is probably a permission
temporary file from remote inventory command is issue.
device deleted from the product
• Check for the file
after inventory is collected.
permission. Give the file the
write permission by running
the chmod command.
• Analyze the exception trace
in the debug log against this
event code, if the earlier
suggested resolution
proves ineffective.
Exception in establishing Fatal SAL Gateway cannot • Check network connectivity
connection from the connect to the product to and the credentials to
remote device collect inventory. access the product.
• Analyze the exception trace
in the debug log against this
event code if the problem
persists despite the
resolution suggested
earlier.
Failed to register inventory Fatal The error is related to data • Restarting the SAL
collection request handler transport component. Gateway should resolve the
issue.
• Analyze the exception trace
in the debug log against this
event code if the problem
persists despite the
resolution suggested
earlier.
Failed to de-register Non fatal The error is related to data • Restarting the SAL
inventory collection transport component. Gateway should resolve the
request handler issue.
• Analyze the exception trace
in the debug log against this
event code if the problem
persists despite the
resolution suggested
earlier.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 191

Comments on this document? infodev@avaya.com
Troubleshooting

Exception Severity Probable cause Resolution

Initialization failed for local Fatal • LocalLevelMapping. • Verify whether the
level mappings cer file in the inventory LocalLevelMapping.ce
home directory is invalid r file is available in the
or corrupted owing to GATEWAY_HOME_DIR/
manual intervention. inventorydirectory.

Note: • This file cannot be

recovered after the file is
This file should not corrupted. In that case,
be edited manually. support personnel are
• If you want to edit this requested to delete the
file, you must take a existing
LocalLevelMapping.ce
backup of the file.
r file and manually
configure the local
mappings by means of the
SAL Gateway UI.
Failed to Initialize Fatal Inventory scheduler task • Check the status of the SAL
scheduler task start failed. Gateway service.
• Restarting the service
should resolve the issue.
• Analyze the exception trace
in the debug log against this
event code if the problem
persists despite the
resolution suggested
earlier.
Inventory module stop Non fatal Non fatal
failed
Failed to stop scheduler Non fatal Non fatal
task
Restarting inventory Fatal Inventory scheduler task Restart SAL Gateway if the
module failed start failed. problem persists and then
check the log for more
details.
Restarting scheduler task Fatal Inventory scheduler task Restarting SAL Gateway
failed start failed. should resolve the issue.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 192

Comments on this document? infodev@avaya.com
 Troubleshooting for inventory operations

Exception Severity Probable cause Resolution

Exception while running Fatal Inventory scheduler task • Check the status of SAL
scheduler task start failed. Gateway service.
• Restart SAL Gateway if the
problem persists and then
check the log for more
details.
• Check the log file for more
exceptions.
Exception while sending Fatal Data Transport error. • Check the status of SAL
the inventory request to Gateway service.
the inventory module
• Restart SAL Gateway if the
problem persists and then
check the log for more
details.
• Check the log file for more
exceptions.
Exception while initializing Fatal • Check the status of SAL
inventory collection thread Gateway service.
• Restart SAL Gateway if the
problem persists and then
check the log for more
details.
• Check the log file for more
exceptions.
Inventory processing Fatal General exception. • Check the status of SAL
failed Gateway service.
• Check log file for more
exceptions.
Exception during file Non fatal After the inventory • Check the availability and
transfer. collection command from access control of the
the data source is command output file.
Retry will be attempted.
executed, the output file of
• Provide read and write
the command is
permissions to the output
downloaded to the
file by executing the chmod
gateway.
command. This exception is
This exception indicates non- fatal as the system
that the collected output retries the file transfer after
file could not be retrieved. an exception.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 193

Comments on this document? infodev@avaya.com
Troubleshooting

Exception Severity Probable cause Resolution

Exception while deleting Non fatal The output file of the • Check for the availability of
temporary file from the inventory command is the command output file
remote device using the deleted from product after and the access control.
rm command inventory is collected. This
• Provide the write
is probably a permission
permission to the output file
issue. The exception is not
by executing the chmod
a fatal one.
command.

Related links
Viewing inventory log files on page 89

Troubleshooting for SAL Gateway diagnostics

Exceptions related to SAL Gateway diagnostics

The following table provides the list of exceptions that might occur in the diagnostics test reports
for SAL Gateway. Along with the exception descriptions, the table contains the resolutions or
actions to be taken in case of such exceptions.
Test Exception Probable reason Resolution
Data Transport component diagnostics
Check upstream sending Failure to send This might be owing to Check the following:
messages upstream to network faults or
• SAL Data Transport
the SAL Core server incorrect configuration.
configuration, URL,
over the HTTPS
and proxy settings.
connection.
• Tethered State
• If these network
configurations seem
correct, check if your
network is active by
using a browser to
remotely access other
Avaya servers.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 194

Comments on this document? infodev@avaya.com
 Troubleshooting for SAL Gateway diagnostics

Test Exception Probable reason Resolution

Check upstream Failure to receive Not receiving messages Check the following:
receiving messages from the from the upstream SAL
• SAL Data Transport
upstream SAL Core Core server over its
configuration, URL,
server over its HTTPS HTTPS connection for
and proxy settings.
connection. some time is common. If
you expect that • Tethered State
configuration changes or
• If these network
other similar messages
configurations seem
should have been
correct, check if your
received and this
network is active by
diagnostics has not
using a browser to
changed, then check for
remotely access other
network faults or
Avaya servers.
incorrect configuration.
Check local delivery Failure to deliver This exception indicates You must contact your
messages between local a serious failure of the Avaya support team for
components within SAL SAL Gateway software. assistance.
Gateway in other than a
freshly installed system.
Check delivery failure Failure to deliver This exception indicates You must contact your
messages between local a serious failure of the Avaya support team for
components within SAL SAL Gateway software. assistance.
Gateway in other than a
freshly installed system.
Check delivery timeouts The “Upstream Sending” In the event of this Take corrective actions
diagnostic indicates that exception, you probably as appropriate.
messages are being need to assess whether
sent and yet these the network between
Check Delivery Timeout SAL Gateway and the
diagnostics indicate upstream SAL Core
messages are being server at Avaya is
timed out. having intermittent faults
or is possibly just very
slow.
Check message Messages with invalid If you ever see reports of Contact your Avaya
destination destinations. messages with invalid support team.
destinations, the
messages probably
indicate a programming
or configuration error.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 195

Comments on this document? infodev@avaya.com
Troubleshooting

Test Exception Probable reason Resolution

Check discarded Exception relating to If messages are being Check whether unusual
messages messages being discarded owing to disk rates of alarms are
discarded. space limitations, the reported or whether the
issue might be because network connection is
the rate of messages to faulty, slow, wrongly
be delivered upstream is configured, or
greater than the network deliberately untethered.
bandwidth that has been
accessible recently.
Check disk quota Disk quota has been If the disk quota has Check whether unusual
exceeded. been exceeded, then rates of alarms are
messages will be reported or whether the
discarded. network connection is
faulty, slow, or wrongly
configured.
Persistence Exceptions related to All of the Persistence • Check if the disk is full.
Persistence. problems relate to a If so, cleanup to create
failure to write data to more free space or
disk. The disk is most buy a larger disk.
likely either full or faulty.
• If the disk free space is
ok and the problem
persists, perform
hardware system
diagnostics using local
O/S utilities to
determine the fault.
Check thread status Thread is not running. In all of these 'Check • Re-run the diagnostics
Thread Status' after about 1 to 2
diagnostic results, if the minutes. If the problem
diagnostic report persists, contact your
indicates that the thread Avaya service
is not running, the representative.
diagnostics and
• If this fault occurs
watchdog systems will
regularly, even if the
automatically attempt to
system corrects the
restart the thread.
problem automatically,
contact your Avaya
service representative.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 196

Comments on this document? infodev@avaya.com
 Troubleshooting for SAL Gateway diagnostics

Test Exception Probable reason Resolution

Check local delivery Exception relating to All 'Check local delivery • If the failure coincided
status local delivery status. status' diagnostics are with a Check Thread
similar to the 'Status/ Status diagnostic
Check Local Delivery' failure, follow the
diagnostics, except that action advice for that
if this test indicates a exception.
problem, the problem
• If not, contact your
definitively lies with the
Avaya Service
component that is
representative.
supposed to read the
message. This might
coincide with a Check
Thread Status diagnostic
failure.
Checking connection ‘Tethered’ state different The ‘tethered’ state is If the diagnostics
status from the expected one. configuration controlled. indicates a state different
from what you expect,
then use the
configuration in the
command line to change
that.
HeartBeat component diagnostics
Heartbeat Timings HeartBeat messages are If the diagnostics • Check the diagnostics
information not being sent. indicates that HeartBeat for the upstream
messages are not being connection or delivery
sent, the issue might be failures first, and take
because of the upstream actions described for
connection or delivery such exceptions.
failures.
• If the previous actions
do not work, visit http://
support.avaya.com to
create a service
request.
Configuration Change component diagnostics
Started Stopped status Unexpected Started or All 'StartedStopped' If components are
Stopped status. diagnostics are about stopped unexpectedly,
components in SAL you can start the
Gateway. Components stopped components
might be deliberately set using the command line
into a stopped or started configuration utility.
state.
Inventory component diagnostics
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 197

Comments on this document? infodev@avaya.com
Troubleshooting

Test Exception Probable reason Resolution

Connection to TCP ports Failure to connect to This test failure means The corrective action is
TCP ports. that no TCP-level access to fix the network fault or
to the device is possible fix the configured device
from SAL Gateway. You IP and port information.
could confirm this
access issue using a
PING utility or some
other similar utility.
Connection through Failure of ProductCLI to ProductCLI connection The Avaya support
Product-CLI connect to the device. to the device could not personnel need to
be established because correct the registration of
the authentication failed. the device so that the
inventory collection
process is able to use
the correct credentials to
access the device.
Connection through Product-CLI failed to ProductCLI connection The Avaya support
Product-CLI connect to the device to the device could not personnel need to
be established because correct the registration of
there was no route to the the device so that the
host. inventory collection
process is able to use
the correct credentials to
access the device.
Connection through ProductCLI fails to ProductCLI connection Check for any firewall
Product-CLI connect to the device. to the device could not issue between SAL
be established because Gateway and the device.
there was no route to the
host. If this fails and the
'Connection To TCP
Ports' test does not, then
probably a firewall issue
exists between SAL
Gateway and the device
that needs correcting.
Alarm component diagnostics
Started/Stopped Status Exception relating to The Started/Stopped You have the choice to
Started/Stopped Status. state is set as a matter decide whether you want
of configuration in the the Alarm component
command line utility. functionality to be active.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 198

Comments on this document? infodev@avaya.com
 Troubleshooting for SAL Gateway diagnostics

Test Exception Probable reason Resolution

CollectionManagerThrea CollectionManagerThrea If the Started/Stopped The Alarm component
d d is not operational. Status for the Alarm should auto-restart.
component is Running, However, if the condition
but persists, contact your
CollectionManagerThrea Avaya Service
d is not operational, this representative.
indicates a fault.
CollectionManager CollectionManager is not If the Started/Stopped The Alarm component
operational. Status for the Alarm should auto-restart.
component is Running, However, if the condition
but CollectionManager is persists, contact your
not operational, this Avaya Service
indicates a fault. representative.
AlarmSource: SnmpAlarmSource not — If SnmpAlarmSource is
SnmpAlarmSource started. not started and you want
to start this component,
then change the setting
in
SPIRITAgent_1_0_Al
armingConfig.xml
and restart the Alarm
component using the
command line utility.
AlarmSource: AlarmSource:SnmpAlar If the Auto-restart of the
SnmpAlarmSource mSource is not “Listener AlarmSource:SnmpAlar component should most
thread running.” mSource status is likely auto-correct the
Started and is not problem.
Listener thread
If the problem persists,
running, this indicates
contact your Avaya
a fault.
Services representative.
AlarmSource: IpInadsAlarmSource is — If IpInadsAlarmSource is
IpInadsAlarmSource not started. not started and you want
to start the component,
then change the setting
in
SPIRITAgent_1_0_Al
armingConfig.xml
and restart the Alarm
component using the
command line utility.
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 199

Comments on this document? infodev@avaya.com
Troubleshooting

Test Exception Probable reason Resolution

AlarmEventTimings Error related to These diagnostics are No action is required.
AlarmEventTimings informational only. These exception
messages have value in
tracking down problems
with alarms from devices
that are not appearing in
management systems
where you expect the
alarms to appear.
Agent Mgmt component diagnostics
StartedStopped AgentMgmt component If the AgentMgmt If such a fault is more
is not started. component is not than transient during
started, then nothing startup and shutdown of
else can be because SAL Gateway, then
AgentMgmt is the contact your Avaya
component that starts all Services representative.
of the others.
CLINotification component diagnostics
StartedStopped CLINotification The CLINotification If the CLINotification
component unavailable. component should component is not
always be available. available, the component
might be auto-restarted
shortly.
If the problem persists,
contact your Avaya
Services representative.
LogManagement component diagnostics
StartedStopped LogManagement The LogManagement If the LogManagement
component unavailable. component should component is not
always be available. available, the component
might be auto-restarted
shortly.
If the problem persists,
contact your Avaya
Services representative.
LogForwarding component diagnostics
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 200

Comments on this document? infodev@avaya.com
 Troubleshooting for SAL Gateway diagnostics

Test Exception Probable reason Resolution

StartedStopped LogForwarding The LogForwarding If the LogForwarding
unavailable. component should component is not
always be available. available, the component
might be auto-restarted
shortly.
If the problem persists,
contact your Avaya
Services representative.
ConnectivityTest component diagnostics
Initialization Status ConnectivityTest The ConnectivityTest If the ConnectivityTest
component unavailable. component should component is not
always be available. available, the component
might be auto-restarted
shortly.
If the problem persists,
contact your Avaya
Services representative.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 201

Comments on this document? infodev@avaya.com
Chapter 21: Resources

Documentation
The following table lists the documents related to Avaya Diagnostic Server. Download the
documents from the Avaya Support website at http://support.avaya.com.
Title Description Audience
Implementation
Deploying Avaya Diagnostic Server Describes the implementation requirements Sales engineers,
and procedures to deploy the Avaya solution architects,
Diagnostic Server software. implementation
engineers, and
customers
Deploying SAL Policy Manager with Describes the implementation requirements Solution architects,
SSH Proxy and procedures to deploy the SAL Policy implementation
Manager with SSH Proxy software. engineers, support
personnel, and
customers
Administration
Administering Avaya Diagnostic Provides information about configuring and Solution architects,
Server with SLA Mon™ administering Avaya Diagnostic Server for implementation
the remote diagnostics of Avaya endpoints engineers, support
and network condition monitoring through personnel, and
the SLA Mon server. customers
Administering SAL Policy Manager Provides information about configuring, Solution architects,
with SSH Proxy administering, and using SAL Policy implementation
Manager with SSH Proxy to control and engineers, support
monitor remote sessions to Avaya products personnel, and
at the customer site. customers
Other
Avaya Diagnostic Server Additional Provides information on the additional Implementation
Security Configuration Guidance measures that you can take on the Avaya engineers, support
Diagnostic Server host to meet customer personnel, and
security requirements and policies. customers
Table continues…

January 2022 Administering Avaya Diagnostic Server SAL Gateway 202

Comments on this document? infodev@avaya.com
 Viewing Avaya Mentor videos

Title Description Audience

Avaya Diagnostic Server Port Matrix Provides information on the ports and Implementation
sockets that Avaya Diagnostic Server engineers, support
components use. You can use this personnel, and
information to configure your firewall customers
according to your requirements and
policies.

Related links
Finding documents on the Avaya Support website on page 203

Finding documents on the Avaya Support website

Procedure
1. Go to https://support.avaya.com.
2. At the top of the screen, type your username and password and click Login.
3. Click Support by Product > Documents.
4. In Enter your Product Here, type the product name and then select the product from the
list.
5. In Choose Release, select an appropriate release number.
6. In the Content Type filter, click a document type, or click Select All to see a list of all
available documents.
For example, for user guides, click User Guides in the Content Type filter. The list
displays the documents only from the selected category.
7. Click Enter.
Related links
Documentation on page 202

Viewing Avaya Mentor videos

Avaya Mentor videos provide technical content on how to install, configure, and troubleshoot
Avaya products.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 203

Comments on this document? infodev@avaya.com
Resources

About this task

Videos are available on the Avaya Support website, listed under the video document type, and on
the Avaya-run channel on YouTube.
• To find videos on the Avaya Support website, go to https://support.avaya.com/ and do one of
the following:
- In Search, type Avaya Mentor Videos, click Clear All and select Video in the Content
Type.
- In Search, type the product name. On the Search Results page, click Clear All and select
Video in the Content Type.
The Video content type is displayed only when videos are available for that product.
In the right pane, the page displays a list of available videos.
• To find the Avaya Mentor videos on YouTube, go to www.youtube.com/AvayaMentor and do
one of the following:
- Enter a key word or key words in the Search Channel to search for a specific product or
topic.
- Scroll down Playlists, and click a topic name to see the list of videos available for the topic.
For example, Contact Centers.

Note:
Videos are not available for all products.

Support
Go to the Avaya Support website at https://support.avaya.com for the most up-to-date
documentation, product notices, and knowledge articles. You can also search for release notes,
downloads, and resolutions to issues. Use the online service request system to create a service
request. Chat with live agents to get answers to questions, or request an agent to connect you to a
support team if an issue requires additional expertise.
Related links
Using the Avaya InSite Knowledge Base on page 204

Using the Avaya InSite Knowledge Base

The Avaya InSite Knowledge Base is a web-based search engine that provides:
• Up-to-date troubleshooting procedures and technical tips
• Information about service packs
• Access to customer and technical documentation

January 2022 Administering Avaya Diagnostic Server SAL Gateway 204

Comments on this document? infodev@avaya.com
 Support

• Information about training and certification programs

• Links to other pertinent information
If you are an authorized Avaya Partner or a current Avaya customer with a support contract, you
can access the Knowledge Base without extra cost. You must have a login account and a valid
Sold-To number.
Use the Avaya InSite Knowledge Base for any potential solutions to problems.
1. Go to http://www.avaya.com/support.
2. Log on to the Avaya website with a valid Avaya user ID and password.
The system displays the Avaya Support page.
3. Click Support by Product > Product Specific Support.
4. In Enter Product Name, enter the product, and press Enter.
5. Select the product from the list, and select a release.
6. Click the Technical Solutions tab to see articles.
7. Select relevant articles.
Related links
Support on page 204

January 2022 Administering Avaya Diagnostic Server SAL Gateway 205

Comments on this document? infodev@avaya.com
Appendix A: Applying a software update
manually

About this task

From Avaya Diagnostic Server 2.0 onwards, SAL Gateway downloads the latest software updates of
Avaya Diagnostic Server, including major, minor, and service pack releases, automatically from
Avaya Data Center. If you activate the Automatic Software Update feature in SAL Gateway, SAL
Gateway installs the software updates automatically after a grace period. If you do not activate the
Automatic Software Update feature, you must apply the software updates manually through the SAL
Gateway web interface or by running the installer script from the CLI.
This procedure provides the generic steps to apply a software update by manually running the
installer script from the CLI.
Important:
This procedure contains generic steps to install a software update by manually running the
installer script. For the exact installation steps, see the email notification you received about the
software update.
Procedure
1. Log on to the Avaya Diagnostic Server host as the root user.
2. Go to the folder path where the software update of Avaya Diagnostic Server was
downloaded.
For the folder path where the software update was downloaded, see the email notification
you receive about the download status of the software update.
3. Extract the downloaded software package.
You can use the following command to extract the files in the package:
tar —xvf <filename>
The extracted folder contains the install.sh script and other related files.
4. Change the permissions of the files in the software package to executable.
For example, you can run the following command to give executable permissions to the
install.sh file:
find . -name "*.sh" -exec chmod a+x {} \;

January 2022 Administering Avaya Diagnostic Server SAL Gateway 206

Comments on this document? infodev@avaya.com
 5. Run the install.sh script using one of the following two methods to install the software
update:
• To run the installer in the unattended mode:
./install.sh –unattended
• To run the installer in the attended mode:
./install.sh –attended

January 2022 Administering Avaya Diagnostic Server SAL Gateway 207

Comments on this document? infodev@avaya.com
Appendix B: SAL Gateway MIB and SNMP
traps

SNMP MIB for SAL Gateway

SAL Gateway defines its own application-specific MIB. This MIB contains the definition of
managed objects that SAL Gateway provides to a network management tool, such as NMS or
NMC. The MIB also defines the traps SAL Gateway sends.
You can find the SAL Gateway MIB file at the following location:
<SAL_Gateway_Install_Dir>/SNMPSubAgent/config
For example, if you installed SAL Gateway at the default path, /opt/avaya/SAL/gateway, the
MIB file location is /opt/avaya/SAL/gateway/SNMPSubAgent/config.

SNMP traps that SAL Gateway generates

The SAL Gateway software can produce SNMP. These traps represent events that are possible
within the SAL Gateway itself. If you have traps sent to an NMS, you can use the list of SNMP
traps to plan how the NMS responds to events.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 208

Comments on this document? infodev@avaya.com
 SNMP traps that SAL Gateway generates

SAL Gateway can generate the following traps. All traps use the INADS MIB. SAL Gateway sends
these traps to the configured NMSs.
• SAL Gateway received an alarm from a product that is not registered in the configuration file
for supported products.
- o xxxxxxxxxx 10/09:28,EOF,ACT|ALARMING,UNKNOWN-
DEVICE,n,WRN,$ipaddr is not a supported device;
• EventProcessorAlarmHandler received a message that had no body.
- o xxxxxxxxxx 10/09:31,EOF,ACT|
ALARMING,ALMFAILED,n,MAJ,EventProcessorAlarmHandler Received
Message Containing No Body.
• A trap decoding exception occurred in the EventProcessorAlarmHandler.
- o xxxxxxxxxx 10/09:31,EOF,ACT|ALARMING,ALMFAILED,n,MAJ,
EventProcessorAlarmHandler encountered an SnmpDecodingException.
• A trap encoding exception occurred in the EventProcessorAlarmHandler.
- o xxxxxxxxxx 10/09:31,EOF,ACT|ALARMING,ALMFAILED,n,MAJ,
EventProcessorAlarmHandler encountered an SnmpEncodingException.
• AFM variables could not be added to a trap.
- o xxxxxxxxxx 10/09:31,EOF,ACT|ALARMING,ALMFAILED,n,MAJ, Could not
add AFM varbinds to alarm. Alarm not delivered to Enterprise.
• EventProcessorNmsHandler received a message that had no body.
- o 10/09:31,EOF,ACT|
ALARMING,ALMFAILED,n,MAJ,EventProcessorNmsHandler Received Message
Containing No Body.
• A trap decoding exception occurred in the EventProcessorNmsHandler.
- o xxxxxxxxxx 10/09:31,EOF,ACT|ALARMING,ALMFAILED,n,MAJ,
EventProcessorNmsHandler encountered an SnmpDecodingException.
• The SAL Gateway CLI changed the configuration.
- o xxxxxxxxxx 10/09:49,EOF,ACT|SPIRIT,CONFIG-CHANGE,n,WRN,CLI
changed configuration.
• Heartbeat failed.
- o xxxxxxxxxx 10/09:53,EOF,ACT|SPIRIT,HB-FAILED,n,MAJ,$message from
exception.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 209

Comments on this document? infodev@avaya.com
SAL Gateway MIB and SNMP traps

SNMP traps that SAL Watchdog generates

• Restarting application
INFO message from SAL Watchdog | Watchdog: Attempting
$applicationName restart.
• Excessive restart threshhold exceeded
SEVERE message from SAL Watchdog | Watchdog: Excessive restart
threshold exceeded for $applicationName - checking paused.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 210

Comments on this document? infodev@avaya.com
Glossary

AgentX Agent Extensibility Protocol

Alarm An Avaya-specific XML message wrapper around a trap.

Alarm ID A 10-digit numeric field where the first two digits indicate the product
family and the remaining numbers are a sequential assignment created
by ART. For example, 1012345678. The Product ID and Alarm ID are
exactly the same number.

Authentication The process of proving the identity of a particular user.

Authorization The process of permitting a user to access a particular resource.

Avaya Aura® A key component of Avaya Aura®. It delivers rich voice and video
Communication capabilities and provides a resilient, distributed network for media
Manager gateways and analog, digital, and IP-based communication devices. It
includes advanced mobility features, built-in conference calling, contact
center applications and E911 capabilities.

Avaya Diagnostic Avaya Diagnostic Server is an Avaya application suite to provide secure
Server remote access and advanced diagnostics services on the customer
network.
The terms Avaya Diagnostic Server and Diagnostic Server are used
interchangeably.

Call Management An application that enables customers to monitor and manage

System telemarketing centers by generating reports on the status of agents,
splits, trunks, trunk groups, vectors, and VDNs. Call Management System
(CMS) enables customers to partially administer the Automatic Call
Distribution (ACD) feature.

Command Line A text-based interface for configuring, monitoring, or operating an

Interface element. Command Line Interface (CLI) is often supported over RS-232,
telnet, or SSH transport.

Credential ASG key, password, or SNMP community string.

Credential Package Package containing ASG keys and Passwords from Avaya back-office.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 211

Comments on this document? infodev@avaya.com
Glossary

Demilitarized Zone In computer networking, DMZ is a firewall configuration for securing local
(DMZ) area networks (LANs).

Domain Name A hierarchical distributed naming system for computers, services, or any
System (DNS) resource connected to the Internet or a private network. A DNS resolves
queries for domain names into IP addresses for the purpose of locating
computer services and devices worldwide.

eToken A USB-based FIPS-140 certified smart card which stores a user’s

certificates and corresponding private keys. The private keys of the X.509
certificates on the eToken are usually protected by a pass phrase.

Graphical User A type of user interface which allows people to interact with a computer
Interface (GUI) and computer-controlled devices, which employ graphical icons, visual
indicator or special graphical elements along with text or labels to
represent the information and actions available to a user.

Internet Engineering A technical working body of the Internet Activities Board. Internet
Task Force Engineering Task Force (IETF) develops new TCP/IP standards for the
Internet.

Lightweight A data store used to store user information such as name, location,
Directory Access password, group permissions, and pseudo permissions.
Protocol

Managed Element A managed element is a host, device, or software that is managed

through some interface.

Product ID A 10-digit numeric field where the first two digits indicate the product
family and the remaining numbers are a sequential assignment created
by ART. For example, 1012345678. The Product ID and Alarm ID are
exactly the same number.

Public Key An authentication scheme that uses exchange of certificates which are
Infrastructure (PKI) usually stored on a fob. The certificates use asymmetric public key
algorithms to avoid sending shared secrets such as passwords over the
network. Certificates are usually generated and signed by a certificate
authority (CA) such as VeriSign. CAs and the signing certificates have
expiry dates, and all can be revoked. Authentication with certificates
requires verification that the certificate is valid, that the client sending the
certificate possesses the private key for the certificate, that the certificate
is signed by a trusted certificate authority, that the certificate and its
signers have not expired and that the certificate and signers have not
been revoked. Checking a certificate for revocation requires looking up
the certificate in a Certificate Revocation List (CRL) or querying an Online
Certificate Status Protocol (OCSP) service.

January 2022 Administering Avaya Diagnostic Server SAL Gateway 212

Comments on this document? infodev@avaya.com
 Secure Socket Layer (SSL)

Secure Socket Layer A protocol developed by Netscape to secure communications on the

(SSL) Transport layer. SSL uses both symmetric and public-key encryption
methods.

Solution Element ID The unique identifier for a device-registered instance of a Solution

(SE ID) Element Code. This is the target platform which is being remotely
serviced or accessed by this solution. Solution Elements are uniquely
identified by an ID commonly known as Solution Element ID or SEID in
the format (NNN)NNN-NNNN where N is a digit from 0 to 9. Example:
Solution Element ID (000)123-5678 with solution element code S8710.

Transport Layer A protocol based on SSL 3.0, approved by IETF.

Security (TLS)

January 2022 Administering Avaya Diagnostic Server SAL Gateway 213

Comments on this document? infodev@avaya.com
Index
A checklist
decommissioning of SAL Gateway .............................186
accessing CIM ...................................................................................... 78
SAL Gateway web interface ......................................... 22 client certificate
adding importing ..................................................................... 114
managed elements ....................................................... 54 CLINotification component
NMS ..............................................................................49 diagnostics output .......................................................183
administrator responsibilities ............................................... 18 collecting inventory on demand ........................................... 88
agent management component configuration ...................................................................... 169
diagnostics output .......................................................182 configuration change component
alarm component diagnostics output .......................................................178
diagnostics output .......................................................180 configuration changes
alarming ............................................................................... 16 applying ........................................................................ 51
apply software update configuration file
immediately .................................................................119 exporting .....................................................................147
applying configuration changes ........................................... 51 viewing ........................................................................147
ASG credentials ...................................................................79 Configuration Viewer
automatic software update ................................................. 117 field descriptions .........................................................148
enable ......................................................................... 118 configure solution element ID
Automatic Software Update page ...................................... 122 SAL Gateway ..........................................................26, 27
automatic solution element ID generation ........................... 25 configuring
Avaya support website .......................................................204 Business Partner .......................................................... 37
device SNMP v3 credentials .........................................67
NMS ..............................................................................44
B OCSP and CRL .......................................................... 105
backing up configuration data ............................................126 proxy server ..................................................................31
Backup Configuration page SAL Gateway ................................................................29
field descriptions .........................................................128 SAL Policy Manager ..................................................... 39
BP configuration page ......................................................... 36 SMTP server .................................................................41
browser requirements .......................................................... 20 SNMP subagent ........................................................... 50
bulk importing ...................................................................... 70 confirming
Business Partner download and application of certificates ..................... 113
configuration ................................................................. 37 connectivity test component
diagnostics output .......................................................183
Core Server ......................................................................... 15
C configuration ................................................................. 34
Core Server page
CA certificate replacement ................................................. 112
field descriptions ...........................................................34
CA certificates
creating
install ...........................................................................112
redundant SAL Gateways .............................................93
capacity
role mapping .................................................................98
SAL Gateway UI ........................................................... 19
credentials for inventory collection .......................................79
standalone SAL Gateway ............................................. 14
Avaya provided ............................................................. 79
certificate authority .............................................................108
editing ........................................................................... 82
certificate management
user-defined credentials ............................................... 81
importing ..................................................................... 111
CRL ....................................................................................105
uploading .................................................................... 109
configuring .................................................................. 105
Certificate Management page
CRL settings
field descriptions .........................................................109
editing ......................................................................... 106
certificates
viewing ........................................................................108
changing link ID ................................................................... 39 D
checking
SAL Gateway status ................................................... 152 data transport component

January 2022 Administering Avaya Diagnostic Server SAL Gateway 214

Comments on this document? infodev@avaya.com
 Index

data transport component (continued) exceptions

diagnostics output .......................................................173 inventory related ......................................................... 188
DataSource ..........................................................................76 SAL Gateway diagnostics ...........................................194
decommissioning SAL Gateway ........................................ 186 exporting
deleting configuration file ......................................................... 147
certificate .....................................................................110 diagnostics report ....................................................... 145
local role mapping ...................................................... 104 inventory report .............................................................88
managed element .........................................................63 managed element .........................................................63
NMS ..............................................................................50 SAL Gateway status report .........................................153
role mapping ...............................................................101 exporting certificates .......................................................... 111
Device SNMP v3 Credentials page
field descriptions ...........................................................68
devices
F
importing .......................................................................70 factory settings ................................................................... 110
diagnostic report field description ....................................................................36
viewing ........................................................................145 field descriptions
diagnostics output Automatic Software Update page ...............................122
agent management component ..................................182 Backup Configuration page ........................................ 128
alarm component ........................................................180 Certificate Management page .................................... 109
CLINotification component ......................................... 183 Configuration Viewer .................................................. 148
configuration change component ............................... 178 Core Server page ......................................................... 34
connectivity test component ....................................... 183 Device SNMP v3 Credentials page .............................. 68
data transport component ...........................................173 Diagnostics Viewer ............................................. 146, 148
heartbeat component ..................................................177 Gateway Configuration page ........................................ 30
inventory component .................................................. 179 Gateway Service Control page ...................................141
LinuxDiagnostic component ....................................... 184 Health Reports page ...................................................154
LogForwarding component .........................................183 HTTP/SOCKS Proxy Server page ................................32
LogManagement component ......................................183 Import and Configure Devices page ............................. 72
managed services agent component ..........................178 Import Client Certificate page ..................................... 113
NmsConfig component ............................................... 179 Inventory support page .................................................82
OS environment ..........................................................184 live remote connection ................................................151
ProductConfig component .......................................... 179 Log Viewer page .........................................................159
diagnostics report Managed Element Configuration page ......................... 59
exporting .....................................................................145 Managed Element page ............................................... 57
Diagnostics Viewer Map local group names to SAL Gateway roles page . 103
field descriptions .................................................146, 148 Model Distribution Preferences page ..........................116
document changes .............................................................. 10 Network Management Systems page ...........................45
download and application of certificates OCSP/CRL configuration ............................................106
confirming ................................................................... 113 Policy Manager page ....................................................40
downloading logs ............................................................... 163 Redundant Gateways ................................................... 94
Remote Server page .................................................... 36
E Restore page .............................................................. 133
SMTP Configuration page ............................................ 42
editing SNMP Subagent Configuration page ........................... 51
credentials for inventory collection ............................... 82 filtering logs
local role mapping ...................................................... 103 advanced filter options ................................................165
managed element configuration ................................... 62 basic filter option .........................................................164
NMS details .................................................................. 49
OCSP settings ............................................................ 106
SAL Gateway configuration .......................................... 29
G
editing syslog configuration file Gateway Configuration page
for SAL Gateway ........................................................ 169 field descriptions ...........................................................30
enable Gateway link ID change .......................................................38
automatic software update ..........................................118 Gateway Service Control page
enabling field descriptions .........................................................141
inventory collection ....................................................... 85
example ............................................................................... 95

January 2022 Administering Avaya Diagnostic Server SAL Gateway 215

Comments on this document? infodev@avaya.com
Index

H live remote connection (continued)

field descriptions .........................................................151
Health Reports page local role mapping
field descriptions .........................................................154 deleting ....................................................................... 104
heartbeat component editing ......................................................................... 103
diagnostics output .......................................................177 local user groups to roles
home page mapping ......................................................................102
SAL Gateway ................................................................20 Log Viewer page
HTTP/SOCKS Proxy Server page field descriptions .........................................................159
field descriptions ...........................................................32 LogForwarding component
diagnostics output .......................................................183
Logging .............................................................................. 168
I logging on to SAL Gateway UI
Import and Configure Devices page using a certificate or e-token ........................................ 23
field descriptions ...........................................................72 logging on to SAL Gateway user interface
Import Client Certificate page using local credentials .................................................. 23
field descriptions ......................................................... 113 logging out ........................................................................... 24
importing LogManagement component
managed elements ....................................................... 64 diagnostics output .......................................................183
importing certificate ............................................................ 114
importing certificates .......................................................... 111 M
importing devices .................................................................70
InSite Knowledge Base ......................................................204 managed element
install certificate adding to SAL Gateway ................................................54
proxy server ..................................................................33 configuration requirement .............................................53
installing CA certificates ..................................................... 112 deleting ......................................................................... 63
inventory editing configuration ..................................................... 62
collecting on demand ....................................................88 exporting from SAL Gateway ........................................63
diagnostics ....................................................................90 importing to SAL Gateway ............................................64
exceptions .................................................................. 188 Managed Element Configuration page
inventory collection field descriptions ...........................................................59
enabling ........................................................................ 85 Managed Element page
overview ....................................................................... 76 field descriptions ...........................................................57
using Avaya-provided credentials .................................79 managed services
using user-defined credentials ......................................81 viewing configuration .................................................. 138
inventory collection process .................................................76 managed services agent component
inventory component diagnostics output .......................................................178
diagnostics output .......................................................179 Managed Services Configuration .......................................139
inventory log files Managed services configuration overview .........................138
viewing ..........................................................................89 management
inventory report local roles ................................................................... 101
data elements ............................................................... 87 managing
exporting .......................................................................88 SAL Gateway services ............................................... 140
viewing ..........................................................................87 Map local group names to SAL Gateway roles page
inventory service field descriptions .........................................................103
starting ..........................................................................86 mapping
stopping ........................................................................ 86 local user groups to roles ........................................... 102
Inventory support page roles for organizational unit .......................................... 99
field descriptions ...........................................................82 roles to organizations ................................................... 98
MIB
SAL Gateway ..............................................................208
L model application indicators ...............................................116
link ID change ...................................................................... 39 model distribution
link ID modification ...............................................................39 preference configuration ............................................. 115
LinuxDiagnostic component model distribution preferences ........................................... 115
diagnostics output .......................................................184 Model Distribution Preferences page
live remote connection field descriptions ......................................................... 116

January 2022 Administering Avaya Diagnostic Server SAL Gateway 216

Comments on this document? infodev@avaya.com
 Index

modifying remote access ..................................................................... 16

NMS details .................................................................. 49 Remote Server .....................................................................15
Remote Server page
field descriptions ...........................................................36
N removing
Network Management Systems page redundancy of SAL Gateways ...................................... 96
field descriptions ...........................................................45 resetting certificates ........................................................... 110
NMS restoration ..........................................................................131
adding ...........................................................................49 restore
configuring .................................................................... 44 failing with high severity ..............................................187
deleting ......................................................................... 50 failing with low severity ............................................... 187
editing details ................................................................49 operation stopped abruptly ......................................... 187
NMS server ..........................................................................43 restore history
NmsConfig component viewing ........................................................................137
diagnostics output .......................................................179 Restore page
field descriptions .........................................................133
restoring
O data from an SFTP host server using the CLI ............ 136
SAL Gateway configuration data using CLI ................135
OCSP .................................................................................105
restoring SAL Gateway configuration data
configuring .................................................................. 105
using UI ...................................................................... 132
OCSP settings
reviewing
editing ......................................................................... 106
SAL Core Server .......................................................... 34
OCSP/CRL configuration
Reviewing
field descriptions .........................................................106
SAL Remote Server ......................................................35
overview ...............................................................................36
role mapping
inventory collection ....................................................... 76
creating .........................................................................98
PKI ................................................................................98
deleting ....................................................................... 101
SAL Gateway ................................................................14
updating ......................................................................100
SAL Gateway administration ........................................ 25
roles for organizational units
SAL Gateway status monitoring ................................. 144
mapping ........................................................................99
syslog ......................................................................... 167
roles to organizations
mapping ........................................................................98
P running
SAL Gateway diagnostics ...........................................144
PKI
overview ....................................................................... 98
PKI configuration ................................................................. 97 S
Policy Manager .................................................................... 16
SAL architecture .................................................................. 16
Policy Manager page
SAL Core Server ..................................................................15
field descriptions ...........................................................40
SAL diagnostics ................................................................. 171
ProductConfig component
SAL Gateway .....................................................................126
diagnostics output .......................................................179
automatic solution element ID generation .................... 25
proxy server
backup ........................................................................ 125
configuring .................................................................... 31
configuring .................................................................... 29
proxy server certificate .........................................................33
decommissioning ........................................................186
Proxy Server page
home page ....................................................................20
field descriptions ...........................................................32
logging ........................................................................ 156
logging capabilities ..................................................... 156
R overview ....................................................................... 14
redundancy ...................................................................91
redundant gateways ............................................................ 95 restoring configuration data using UI ..........................132
Redundant Gateways syslog logging .............................................................168
field descriptions ...........................................................94 viewing status ............................................................. 151
redundant SAL Gateway web interface ................................................................ 19
upgrade ........................................................................ 91 SAL Gateway administration ............................................... 25
related documentation ....................................................... 202 SAL Gateway backup

January 2022 Administering Avaya Diagnostic Server SAL Gateway 217

Comments on this document? infodev@avaya.com
Index

SAL Gateway backup (continued) SNMP traps (continued)

scheduling .................................................................. 127 by SAL Gateway .........................................................208
SAL Gateway configuration by SAL Watchdog ....................................................... 210
editing ........................................................................... 29 SNMP v3 credentials
SAL Gateway diagnostics ..................................................171 configuring .................................................................... 67
exceptions .................................................................. 194 software update
running ........................................................................144 apply immediately ....................................................... 119
SAL Gateway health report ................................................154 apply manually ............................................................206
SAL Gateway logging ........................................................ 156 scheduling for later ..................................................... 120
SAL Gateway logging capabilities ..................................... 156 view details ................................................................. 123
SAL Gateway MIB ............................................................. 208 solution element ID generation ............................................ 25
SAL Gateway redundancy starting
creating .........................................................................93 inventory service ...........................................................86
removing .......................................................................96 STC ......................................................................................15
SAL Gateway services stopping
managing ....................................................................140 inventory service ...........................................................86
SAL Gateway solution element ID support ...............................................................................204
configure manually ....................................................... 26 syslog .................................................................................169
generate automatically ................................................. 27 overview ..................................................................... 167
SAL Gateway status viewing ........................................................................170
checking ..................................................................... 152 syslog configuration file
SAL Gateway status monitoring editing for SAL Gateway .............................................169
overview ..................................................................... 144 syslog logging .................................................................... 168
SAL Gateway status report syslogd service .................................................................. 167
exporting .....................................................................153
viewing ........................................................................153
SAL Gateway truststore
T
uploading certificate ....................................................109 troubleshooting
SAL Gateway UI diagnostics-related exceptions ................................... 194
browser requirements ...................................................20 inventory-related exceptions .......................................188
capacity ........................................................................ 19
SAL Gateway web interface
accessing ......................................................................22 U
SAL model in inventory collection ........................................77
updating
SAL Policy Manager
role mapping ...............................................................100
configuring .................................................................... 39
upgrade of redundant SAL Gateway ................................... 91
SAL Policy Manager with SSH Proxy .................................. 16
uploading certificate ...........................................................109
SAL Remote Server .............................................................15
user names and passwords .................................................79
configuration ................................................................. 35
uses ................................................................................... 168
scheduling a backup .......................................................... 127
using local credentials ......................................................... 23
scheduling automatic software update .............................. 120
searching
registered devices ...................................................... 150 V
Secure Tunnel Connector .................................................... 15
set preferences videos ................................................................................ 203
for automatic software update .....................................118 viewing
setting backup history ............................................................ 130
model distribution preferences ....................................115 certificates .................................................................. 108
SMTP Configuration page field descriptions ........................42 configuration file ......................................................... 147
SMTP server diagnostic report ......................................................... 145
configuring .................................................................... 41 inventory log files ..........................................................89
SNMP modes .......................................................................70 inventory report .............................................................87
SNMP subagent restore history .............................................................137
configuring .................................................................... 50 SAL Gateway status report .........................................153
SNMP Subagent Configuration page syslog ......................................................................... 170
field descriptions ...........................................................51 viewing logs ....................................................................... 158
SNMP traps viewing Managed services configuration details ................138

January 2022 Administering Avaya Diagnostic Server SAL Gateway 218

Comments on this document? infodev@avaya.com
 Index

viewing SAL gateway status .............................................. 151

January 2022 Administering Avaya Diagnostic Server SAL Gateway 219

Comments on this document? infodev@avaya.com