aaa-said check-rule rule1

Function

The aaa-said check-rule rule1 command sets the login failure increment within 10 minutes that can trigger fault detection on SAID AAA nodes.

The undo aaa-said check-rule rule1 command restores the default setting.

By default, fault detection on SAID AAA nodes is triggered when the login failure increment exceeds 10000 within 10 minutes.

This command is supported only on the NetEngine 8000 F1A.

Format

aaa-said check-rule rule1 online-fail-num increase increase-num

undo aaa-said check-rule rule1 [ online-fail-num increase increase-num ]

Parameters

Parameter Description Value
online-fail-num

Indicates the number of login failures.

-
increase increase-num

Specifies the login failure increment.

The value is an integer ranging from 100 to 256000. The default value is 10000.

Views

AAA view

Default Level

3: Management level

Task Name and Operations

Task Name Operations
aaa write

Usage Guidelines

Usage Scenario

In user access scenarios, SAID nodes can detect and diagnose user login failures.

One fault detection trigger condition for SAID nodes is the login failure increment, which is 10000 by default, within 10 minutes.

To adjust this trigger condition, run the aaa-said check-rule rule1 command to set a login failure increment within 10 minutes.

Precautions

In VS mode, this command is supported only by the admin VS.

Example

# Set the login failure increment within 10 minutes that can trigger fault detection on SAID AAA nodes to 200.
<HUAWEI> system-view
[~HUAWEI] aaa
[~HUAWEI-aaa] aaa-said check-rule rule1 online-fail-num increase 200
Parent Topic: AAA and User Management Configuration (Access User)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >