AnsweredAssumed Answered

Health and Wellness - Managing Policies

Question asked by qVIQUb8ls9saNP7igYuIdrmmeXDVxfMDeLjDVSbku70= on Oct 4, 2016
Latest reply on Oct 10, 2016 by John Kisner

Hello Everyone


I could see some strange behavior in H&W policies . Need to know below queries :


1. How H&W polices defined would convert into alerts  ? 

2.  When we enable the policies for hosts , log collector , decoders , concentrators  the disk utilization is high ( df -h ) and the alerts are not coming/seen even after 30  minutes of enabling the policy .
3. How to troubleshoot further without making the SA service down or without any performance impact .


When i tail the logs on the SA Head , these is what it shows:

Oct  4 08:19:18 collectd[5760]: Dispatched may be failing behind: took 229 seconds
Oct  4 08:19:18  collectd[5760]: ESMAggregator: Dispatched 592240 stats (in 5923 messages) and 592240 rrd stats in 229 seconds


What's the role of  ESMAggregator and how can differentiate the logs that are related to event source monitoring and H&w monitoring . 


Please advice.


Thanks in advance !