Host GS: Services System View

Document created by RSA Information Design and Development on Mar 21, 2017
Version 1Show Document
  • View in full screen mode
  

This topic introduces features and functions of the Services System view.

The Services System view provides a services summary for Security Analytics Core services and some other services, for example Reporting Engine.

The summary information for Security Analytics Core services (Broker, Concentrator, Decoder, and Log Decoder) is similar, including information about: 

  • Service
  • Appliance Service
  • Service user information
  • Host user information
  • License information
  • Session information

The toolbar for Security Analytics Core services is also similar. The options provide a way to run command-line host tasks, control services and hosts, and other service-specific tasks such as uploading packet capture or log files to a service.

To access the Services System view:

  1. In the Security Analytics menu, select Administration > Services.
    The Administration Services view is displayed.
  2. Select a service and select Actns.png > View> System.

The following is an example of the Services System view for a Decoder. 

SrvsSysViewD.png

Features

This section describes common features for Security Analytics Core service types.

  • Features specific to Brokers and Concentrators are described in the Services System View - Broker topic in the Broker and Concentrator Configuration Guide.
  • Features specific to Decoders and Log Decoders are described in Decoder Services System View.

Services System View Toolbar

At the top of the Services System view is a toolbar. While some options in the toolbar apply to a specific service type, four options are common to all. The examples below show the options for a Concentrator, for a Decoder, and for a Log Decoder.

SrvSysTbC.png

SrvSysTbD.png

SrvSysTbLD.png

This table describes the Services System View toolbar options common to all Core services.

                         
ActionDescription
Host Tasks Displays the Host Task List dialog, which provides a way to run command-line host tasks from a selection list. See Host Task List Dialog for detailed information.
Shutdown Service Shuts down and restarts the service for a Decoder, Log Decoder, Broker, or Concentrator.
Shutdown Appliance Service Stops all services running on the host, then shuts down and restarts the appliance service for a Log Decoder, Log Decoder, Broker, or Concentrator.
Reboot Shuts down and restarts the host on which the Core services are running.

Services Summary Information

The top section of the Services System view summarizes information about the selected service. This applies to all Core service types: Decoders, Brokers, Concentrators, and Log Decoders.

                     
CategoryDescription
Service and Appliance Service Information This Includes the service name, service version, memory usage in megabytes, memory usage as a percentage of total memory, the time and date the service started running, the duration of time the service has been running, and the current time.
Service and Host User Information Displays users who have access to this service and the user role to which they belong.
License Information Displays the computer ID for the service and the licenses installed for that ID.
  • In Security Analytics 10.1 and later, the license information is the license key provided for the service by the Security Analytics local license server.
  • In Security Analytics 10.0, each license has an expiration date and some have other parameters such as maximum storage on system.

Session Information Grid

The bottom section of the Services System view provides a list of active sessions. In this view, you can:

  • End a session
  • End an active query

This table describes the Session Information grid columns.

                             
CategoryDescription
Session The ID for the session. Clicking the session ID displays a dialog with the option to kill the session. You can approve the action or cancel the action.
User The name of the session owner.
IP Address The IP address of the service where the session is running.
Login Time The time the user logged in.
Active Queries The count of active queries. Clicking a non-zero count displays a dialog in which you can stop execution of a query.

 

 

Topics

You are here
Table of Contents > References > Services System View

Attachments

    Outcomes