Sys Maintenance: Create Historical Graph of Events Collected for an Event Source

Document created by RSA Information Design and Development on Sep 14, 2017Last modified by RSA Information Design and Development on Oct 13, 2017
Version 10Show Document
  • View in full screen mode
  

The historical graph of the events collected from an event source gives you information about the variation of the collection over a time frame selected.

To view a historical graph:

  1. Go to ADMIN > Health & Wellness.
    The Health & Wellness view is displayed with the Alarms tab open.
  2. Click Event Source Monitoring.
    The Event Source Monitoring view is displayed.
  3. In the Historical Graph column, select Historical Graph icon.
    The Historical graph for the selected event source is displayed.
    The figure below gives an example of the historical graph for the event source type winevent_snare.
    Historical Graph for winevent_snare
    The graphical view is customized to display the events collected for the current day and the values are zoomed in for an interval of an hour (09.05 - 105.05 hrs). Hover over the graph to view the details at a particular instant. For example, in the figure it displays the average rate of collection at 09.30 hrs.

Note: You can customize the graph view by selecting the Time Frame and Date range. You can zoom in using the zoom in value, time window, or by just a click and a drag in the plot area. For details on the parameters to customize and zoom in functions see Health and Wellness Historical Graphs collected from an event source.
If there is no data displayed on the chart it may be due to one of the following reasons:
-  event source is down.
-  event source is not processing anything right now.

Previous Topic:Filter Event Sources
Next Topic:Monitor Alarms
You are here
Table of Contents > Monitoring Health and Wellness of NetWitness Suite > Monitor Event Sources > Create Historical Graph of Events Collected for an Event Source

Attachments

    Outcomes