Diagnosing TLS handshake by using Handshake Analyzer

(BMC.AMIOPS.SPE2407) You can use Handshake Analyzer to collect and analyze TLS Handshakes by starting a packet trace. You can set the Handshake Analyzer to display handshakes based on the following parameters:
• Successful or failed
• Local port
• Remote port
• IP address

Related topics

Configuring-BMC-AMI-Ops-Monitor-for-IP

Customizing-after-installation

Performing-diagnostics

Use the following commands on the HSHDIAG view to indicate the type of handshake to be displayed:

Command

Description

STA

Starts the Handshake Analyzer trace     

STO       

Stops the Handshake Analyzer trace

D

Displays all handshakes on the HSHDIAG view

DEL       

Delete the Handshake Analyzer trace                              

DF

Displays only failed handshakes

You can also display only failed handshakes by setting the Failures Only parameter to Yes.

DG

Displays only successful handshakes

DIP      

Displays handshakes by IP Address on the HSHIPAD view

DLP

Displays handshakes by local port on the HSHLPORT view

DRP

 

Displays handshakes by remote port on the HSHRPORT view

Writes a Raw IP Trace to an IBM CTRACE file

Generates CTRACE reports for Traces

Writes a packet trace in Sniffer format to a data set

Writes a formatted trace to a sequential data set

(BMC.AMIOPS.SPE2410) You can also offload traces on the HSHIPAD, HSHLPORT, and HSHRPORT views.                                      

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*