Host GS: Services Stats View

Document created by RSA Information Design and Development on Jul 25, 2016
Version 1Show Document
  • View in full screen mode
 

This topic describes the features available in Security Analytics Services Stats view. 

The Services Stats view provides a way to monitor the status and operations of a service. This view displays key statistics, service system information, and host system information for a service. In addition, more than 80 statistics are available for viewing as gauges and in timeline charts. In historical timeline charts, only statistics for session size, sessions, and packets are viewable.

To access the Service Stats view:

  1. In the Security Analytics menu, select Administration > Services.
    The Services view is displayed.
  2. Select a service and select Actns.png > View > Stats.

The following example shows the Services Stats view for a Decoder.

SrvStatsViewTop.png

The following example shows the additional charts available after scrolling down.
SrvStatsViewBotAll.png

The following example shows the Chart Stats Tray expanded.
SrvStatsViewBottom.png

Features

Although different statistics are available for different types of services, certain elements are common to the Services Stats view for any Core service:

  • Summary Stats section
  • Gauges section
  • Timelines section
  • Historical Timelines section
  • Chart Stats Tray

Summary Stats Section

The Summary Stats section is at the top of the default view, and has no editable fields.

There are five panels in the Summary Stats section. The Key Stats panel displays different statistics for different types of services. The remaining panels in the Summary Stats section are the same for all types of services.

Key Stats

The Key Stats panel displays different statistics for different types of services.

  • For a Decoder or Log Decoder, key statistics include capture statistics, such as capture rate, total packets or logs captured, total packets or logs dropped, the data capture begin time and end time.
    SrvStatsViewKeyStatsD.png
  • A Broker or Concentrator aggregates data from multiple services. Therefore, the key statistics for all aggregate services are presented in a grid. The columns in the grid provide the service name, the capture rate, the maximum capture rate, the number of session behind (that need to be aggregated), and the service status.
    SrvStatsViewKeyStatsC.png

Services System Info

The Services System Info panel includes the percentage of CPU used by the service, the memory usage statistics (system, total, process, and maximum process), service uptime, status, running since time, and the current time. 

SrvStatsViewSrvSysInfoD.png

Host System Info includes percentage of CPU used by the host, the memory usage statistics (system, total, process, and maximum), host uptime, status, running since time, and the current time.

104SrvStatDecoder7.png

Logical Drives and Physical Drives are shown with an icon for the drive name and state. Drive types used in the names and the drive status options are listed below.

104SrvStatDecoder8.png

Drive Types and Status

                                   
Drive TypeDescriptionCommentStatus Options
sd SCSI block deviceDirectly connected SAS, SATA MegaRAID volumesOK (green)
FAIL (red)
ld MegaRAID Logical VolumeDefined in BIOS or with MegaCLI toolOK (green)
DEGRADED (yellow)
BUILDING (yellow)
FAIL (red)
pd MegaRAID Physical DisksNot directly exposed to LinuxOK (green)
FAIL (red)
md Linux software RAID Volume OK (green)
DEGRADED (yellow)
BUILDING (yellow)
FAIL (red)

Gauges

The Gauges section in the Stats View presents statistics in the form of analog gauges. See Gauges for details on configuring gauges.

Timelines

Timeline charts display the selected statistics in a running timeline with focus on the current time. This is the same for all types of services, and only the display name of the timeline is editable. See Timeline Charts for details on configuring timelines.

Historical Timelines

Historical timeline charts display statistics for session size, sessions, and packets in a historical timeline. This is the same for all types of services, and has an editable display name, begin date, and end date. See Timeline Charts for details on configuring timelines.

Chart Stats Tray

The Chart Stats Tray lists all available statistics for the selected service type. Different services have different statistics to monitor. See Chart Stats Tray for a detailed description.

 

 

Topics

You are here: References > Host GS: Services Stats View

Attachments

    Outcomes