Chat now with support
Chat with Support

syslog-ng Store Box 5.3.0 - Administration Guide

Preface Introduction The concepts of SSB The Welcome Wizard and the first login Basic settings User management and access control Managing SSB Configuring message sources Storing messages on SSB Forwarding messages from SSB Log paths: routing and processing messages Configuring syslog-ng options Searching log messages Searching the internal messages of SSB Classifying messages with pattern databases The SSB RPC API Troubleshooting SSB Security checklist for configuring SSB About us Third-party contributions

Querying SSB status information using agents

External SNMP agents can query the basic status information of SSB.

To configure which clients can query this information

  1. Navigate to Basic Settings > Management > SNMP agent settings.

    Figure 30: Basic Settings > Management > SNMP agent settings — Configure SNMP agent access

  2. The status of SSB can be queried dynamically via SNMP. By default, the status can be queried from any host. To restrict access to these data to a single host, enter the IP address of the host into the Client address field.

  3. Optionally, you can enter the details of the SNMP server into the System location, System contact, and System description fields.

  4. Select the SNMP protocol to use.

    • To use the SNMP v2c protocol for SNMP queries, select SNMP v2c agent, and enter the community to use into the Community field.

    • To use the SNMP v3 protocol, select SNMP v3 agent and complete the following steps:

    1. Click .

    2. Enter the username used by the SNMP agent into the Username field.

    3. Select the authentication method (MD5 or SHA1) to use from the Auth. method field.

    4. Enter the password used by the SNMP agent into the Auth. password field.

    5. Select the encryption method (Disabled, DES or AES) to use from the Encryption method field.

      The supported AES method is AES-128.

    6. Enter the encryption password to use into the Encryption password field.

    7. To add other agents, click .

    NOTE:

    SSB accepts passwords that are not longer than 150 characters. The following special characters can be used: !"#$%&'()*+,-./:;<=>?@[]^-`{|}

  5. Click Commit.

Configuring system monitoring on SSB

SSB continuously monitors a number of parameters of the SSB hardware and its environment. If a parameter reaches a critical level (set in its respective Maximum field), SSB sends e-mail and SNMP messages to alert the administrator.

SSB sends SNMP alerts using the management network interface by default, or using the external interface if the management interface is disabled. SSB supports the SNMPv2c and SNMPv3 protocols. The SNMP server set on the Management tab can query status information from SSB.

TIP:

To have your central monitoring system recognize the SNMP alerts sent by SSB, select Basic Settings > Alerting & Monitoring > Download MIBs to download the SSB-specific Management Information Base (MIB), then import it into your monitoring system.

Figure 31: Basic Settings > Alerting & Monitoring — Configure SNMP and e-mail alerts

The following sections describe the parameters you can receive alerts on.

Configuring monitoring

The following describes how to configure monitoring.

To configure monitoring

  1. Navigate to Basic Settings > Alerting & Monitoring.

    Figure 32: Basic Settings > Alerting & Monitoring — Configure SNMP and e-mail alerts

  2. The default threshold values of the parameters are suitable for most situations. Adjust the thresholds only if needed.

  3. Select the type of alert (e-mail or SNMP) you want to receive for the different events. For details about the events that trigger an alert, see Health monitoring, System related traps, and Alerts related to syslog-ng. See also Preventing disk space fill up and Configuring message rate alerting.

  4. Click Commit.

  5. Navigate to Basic Settings > Management and verify that the SNMP settings and Mail settings of SSB are correct. SSB sends alerts only to the alert e-mail address and to the SNMP server.

    Caution:

    Sending alerts fails if these settings are incorrect.

Health monitoring

  • Disk utilization maximum: Ratio of free space available on the hard disk. SSB sends an alert if the log files use more space than the set value. Archive the log files to a backup server to free disk space. For details, see Archiving and cleanup.

    NOTE:

    The alert message includes the actual disk usage, not the limit set on the web interface. For example, you set SSB to alert if the disk usage increases above 10 percent. If the disk usage of SSB increases above this limit (for example to 17 percent), you receive the following alert message: less than 90% free (= 17%). This means that the amount of used disk space increased above 10% (what you set as a limit, so it is less than 90%), namely to 17%.

  • Load 1|5|15 maximum: The average load of SSB during the last one, five, or 15 minutes.

  • Swap utilization maximum: Ratio of the swap space used by SSB. SSB sends an alert if it uses more swap space than the set value.

Related Documents