Versions Compared

Old Version 1

changes.mady.by.user Svetlana Sheptiy

Saved on

compared with

New Version 2

changes.mady.by.user Svetlana Sheptiy

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Info

This page applies to Snare Central v8.2.0 and later.

...

and later.
Note: in v8.6.0 the page was renamed from 'Dashboard' to 'Executive Dashboard'.


Image Added

Overview

Snare Central Executive Dashboard provides System Health indicators and Events Collection statistics, allowing quick and easy access to critical data and quicker response to the emerging issues.
The dashboard uses Green-Orange-Red color scheme for status indicators.
Image Removed
Image Added



The Dashboard contains the following components:

...

Current status of Snare Central Health Checker. Updates every 1 minute.
The Health Checker combines most key aspects of system operation (depending on configuration), including, but not limited to: licensing, key services status, integrity checks, available disk space, Reflector destinations status and more. 

Color-coding: green - normal operation, orange - warning, red - error.

Click the System Status card to navigate to Status > Snare Health Checker page for more details.

...

CPU Usage percentage averaged across all cores.

Color-coding: green - up to 60%, orange -  greater than 60%, red - greater than 80%

Click the CPU Usage card to navigate to Status > System Status page, then click CPU tab for more details.

...

Average Bytes per Second received during the past 1 minute.

Color-coding: green - normal operation, red - Collector service is not responding.

...

Indicates disk and inode usage percentage by Snare Archive.

Color-coding: green - normal operation, up to 80% of disk and/or inode usage, orange - warning, 81-85% of disk usage, or 81-90% of inode usage, red - above 85% of disk usage or above 90% of inode usage.
Note: these thresholds are configurable in Snare Health Checker

...

Number of configured destinations for Snare Reflector.
Snare Reflector has 2 default internal destinations, reflecting to localhost ports 6170 (Snare format) and 6171 (Syslog format).
Additional destinations can be configured to reflect to other servers or 3rd party log analysis tools.

Color-coding: green - normal operation, red - at least one Destination is not reachable.

...

Incoming Events per Second. Updates every 1 minute.

Color-coding: green - normal operation, red - Collector service is not responding.

...

Total number of events collected by Snare Central Collector in the past 24 hours, or since last Collector/Reflector restart.

Color-coding: green - normal operation, red - Collector service is not responding.

...

Total number of bytes collected by Snare Central Collector in the past 24 hours, or since last Collector/Reflector restart.

Color-coding: green - normal operation, red - Collector service is not responding.

...

Number of licensed entities.

Color-coding: green - used licenses do not exceed allowance.

...

Indicates whether there are licenses that are about to expire or have already expired.

Color-coding: green - active license, orange - license is about to expire within the next 30 days, red - license has expired.

Click   to find more details in Table View
Click   to close Table View.

...

Indicates whether license support is about to expire or have already expired.

Color-coding: green - active support, orange - support is about to expire within the next 30 days, red - support has expired.

Click   to find more details in Table View
Click   to close Table View.

...

Number of Snare Agents that have connected to SAM within the last 5 minutes.
% out of all agents known to SAM.
Color-coding: green - all agents are connected, orange - warning: 1 or more unreachable agents.

...

Number of Snare Agents that have not connected to SAM within the last 5 minutes.
% out of all agents known to SAM.
Color-coding: green - 0 unreachable agents, orange - warning: 1 or more unreachable agents.

...

Info
titleChart Canvas Controls

Chart canvas controls


Chart canvas controls allow to perform common actions on a displayed chart area:

 Zoom Selection - allows to select an area to zoom into. Toggle this button, then click and hold on the area of a chart and drag to the left or to the right to select the area to zoom into.
 Zoom Restore - reverts the above zoom selection
 Save as Image - allows to download the chart canvas as an image
 View Raw Data - displays the chart data in plain text view. Click Return to return to the chart view.
 Line Chart - displays the chart as a Line Chart
 Bar Chart - displays the chart as a Bar Chart
 Stacked - displays data series stacked on top of each other
 Tiled - displays each data series separately, relative to 0 (the opposite of Stacked)
 Reset - resets all above made changes to the default chart settings.

Note: various charts on the dashboard may have all or some of the above controls depending on the context.

Historical Collection

Image RemovedImage Added

This Bar chart displays the number of Events and Bytes collected daily by Snare Central over the last 30 days.
From v8.6.0, Historical Collection graph displays additional column for Compressed Bytes, and shows summary of received data volume vs stored compressed data volume, highlighting data storage saving.

Time period can be adjusted from last 7 days to last 365 days, using either a slider or the input field.

...

Click  to exit Full Screen view.

Live Events

Image RemovedImage Added        

Live Events chart displays Bytes and Bytes Events per Second being collected by Snare Central from latest 10 sources.
The source is indicated by either host name or IP address, depending on its configuration.
This chart refreshes every 2.5 seconds.

...