The dissectors for each protocol in Unicorn define expert info that can be used to alert you about particular states within a packet using that protocol. These states are separated into four categories:
| Severity | Description |
.files/image025.gif){kind=small} Information | Indicates a normal message and no network problem. |
.files/image026.gif){kind=small} Notice | Indicates normal but significant conditions. |
.files/image027.gif){kind=small} Warning | Indicates an error that requires attention and should be solved soon. |
.files/image028.gif){kind=small} Critical | Indicates requiring immediate intervention by administrators to prevent serious problem to the network. |
To view expert event information, please switch to Events tab, you will see ssimilar results in figure 5- 12.
Figure 5-12: The Events window shows information from the expert system programmed within the protocol dissectors.
The name, count and percentage of all diagnosis events are listed in the pane. They are grouped into four types on the basis of security levels as follows. When selecting a specific node in the Node Explorer window, this pane will only show the events related to the node. that there are no information,2 critical , 4 warnings and 57 notice.
Although some of the features discussed in this chapter may seem as if they would be used in only obscure situations, you will probably find yourself using them more than you might expect. It is important that you familiarize yourself with these windows and options; I will be referencing them a lot in the next few chapters.