Hosts GS: Services System View

Document created by RSA Information Design and Development on Jul 27, 2016
Version 1Show Document
  • View in full screen mode
 

The Services System view provides a services summary for Security Analytics Core services and some other services, for example Reporting Engine.

The summary information for Security Analytics Core services (Broker, Concentrator, Decoder, and Log Decoder) is similar, including information about: 

  • Service
  • Appliance Service
  • Service user information
  • Host user information
  • License information
  • Session information

The toolbar for Security Analytics Core services is also similar. The options provide a way to run command-line host tasks, control services and hosts, and other service-specific tasks such as uploading packet capture or log files to a service.

To access the Services System view:

  1. In the Security Analytics menu, select Administration > Services.
    The Administration Services view is displayed.
  2. Select a service and select Actns.png > View> System.

The following is an example of the Services System view for a Decoder. 

SrvsSysViewD.png

Features

This section describes common features for Security Analytics Core service types.

  • Features specific to Brokers and Concentrators are described in the Broker and Concentrator Configuration Guide.
  • Features specific to Decoders and Log Decoders are described in the Decoder and Log Decoder Configuration Guide.

Services System View Toolbar

At the top of the Services System view is a toolbar. While some options in the toolbar apply to a specific service type, four options are common to all. The examples below show the options for a Concentrator, for a Decoder, and for a Log Decoder.

SrvSysTbC.png

SrvSysTbD.png

SrvSysTbLD.png

This table describes the Services System View toolbar options common to all Core services.

                   
ActionDescription
Host TasksDisplays the Host Task List dialog, which provides a way to run command-line host tasks from a selection list. See Host Task List Dialog for detailed information.
Shutdown ServiceShuts down and restarts the service for a Decoder, Log Decoder, Broker, or Concentrator.
Shutdown Appliance ServiceStops all services running on the host, then shuts down and restarts the appliance service for a Log Decoder, Log Decoder, Broker, or Concentrator.
RebootShuts down and restarts the host on which the Core services are running.

Services Summary Information

The top section of the Services System view summarizes information about the selected service. This applies to all Core service types: Decoders, Brokers, Concentrators, and Log Decoders.

                
CategoryDescription
Service and Appliance Service InformationThis Includes the service name, service version, memory usage in megabytes, memory usage as a percentage of total memory, the time and date the service started running, the duration of time the service has been running, and the current time.
Service and Host User InformationDisplays users who have access to this service and the user role to which they belong.
License Information Displays the computer ID for the service and the licenses installed for that ID.
  • In Security Analytics 10.1 and later, the license information is the license key provided for the service by the Security Analytics local license server.
  • In Security Analytics 10.0, each license has an expiration date and some have other parameters such as maximum storage on system.

Session Information Grid

The bottom section of the Services System view provides a list of active sessions. In this view, you can:

  • End a session
  • End an active query

The table describes the Session Information grid columns.

                    
ColumnDescription
SessionThe ID for the session. Clicking the session ID displays a dialog with the option to kill the session. You can approve the action or cancel the action.
UserThe name of the session owner.
IP AddressThe IP address of the service where the session is running.
Login TimeThe time the user logged in.
Active QueriesThe count of active queries. Clicking a non-zero count displays a dialog in which you can stop execution of a query.
You are here: References > Hosts GS: Services System View

Attachments

    Outcomes