Monitoring SSB-related parameters
SSB's version number
| SNMP object: | SSB-SNMP-MIB::ssbFirmwareVersion |
| Type: | String |
| Short description: | Current version of the SSB. |
Description: The current version number of SSB. This always changes after a successful upgrade.
Number of session files on SSB
| SNMP object: | SSB-SNMP-MIB::ssbHTTPSessions |
| Type: | Integer32 |
| Short description: | Number of recently active HTTP-based connections to SSB. |
Description: The number of session files on SSB. These are generated as a result of the following events:
- Accessing the web user interface of SSB.
- Accessing a remote logspace.
- Performing an RPC API call.
Number of core files on SSB
| SNMP object: | SSB-SNMP-MIB::ssbCoreFiles |
| Type: | Integer (number of) |
| Short description: | The number of core files in SSB's core firmware. |
Description: If the value of this parameter is larger than 0, contact our Support Team.
The status of the HA cluster
| SNMP object: | SSB-SNMP-MIB::ssbHAClusterStatus |
| Type: | String |
| Short description: | Status of the HA cluster. |
Description: The status of the SSB cluster. For details, see Status.
The status of the Redundant Heartbeat interface
| SNMP object: | SSB-SNMP-MIB::ssbHARedundantStatus |
| Type: | String |
| Short description: | Status of the Redundant Heartbeat interface. |
Description: The status of the Redundant Heartbeat interface. For details, see Redundant Heartbeat status.
Available free space on SSB
| SNMP object: | SSB-SNMP-MIB::ssbUnusedLogStorageCapacity |
| Type: | Integer (% percent) |
| Short description: | Ratio of free space on SSB compared to the Disk space fill up prevention limit. |
Description: The available free space on SSB.
|
|
Caution:
Hazard of data loss If the value of this parameter is constantly close to 0%, fine-tune your configuration or purchase more SSB appliances. For assistance, contact our Support Team. If the value of this parameter reaches 0%, SSB will stop receiving logs. If you have an Archive Policy configured, archiving will start after the value of this parameter reaches 0%. Therefore, SSB might start receiving logs again after some time has passed. |
Make sure that you always have enough free space.
The definition of "enough" varies based on your specific configuration settings, for example:
- The disk size of your SSB appliance.
- The size, number and frequency of your incoming logs.
- Your Policies > Backup & Archive/Cleanup settings configuration.
- Your Basic Settings > Management > Disk space fill up prevention limit configuration. For details, see Preventing disk space fill up
- and so on
Example: Available free space on SSB
To calculate the available free space on SSB, the following formula is used:
[Disk capacity of the core partition] - [The free space above the Basic Settings > Management > Disk space fill up prevention limit] - [The space that is already in use].
For example:
- Disk capacity of the core partition: This is always 100%
- The free space above the Basic Settings > Management > Disk space fill up prevention limit: If SSB is configured to Disconnect clients when disks are 90 percent used, this value is 100% - 90% = 10%
- The space that is already in use: 35%
Available free space on SSB = 100% - 10% - 35% = 55%
The synchronization progress of HA nodes
| SNMP object: | SSB-SNMP-MIB::ssbHASynchronizationProgress |
| Type: | Integer32 (0..100 %) |
| Short description: | HA cluster synchronization progress (in percent). 100%, if the cluster is fully synchronized. |
Description: This value can be important in the following cases:
-
When enabling HA mode the first time, after navigating to Basic Settings > High Availability and clicking Convert to Cluster, the synchronization process starts. This value will start at 0% and will gradually increase to 100%. When it reaches 100%, it means that the conversion has been finished and the nodes are now in HA status.
-
If one of your nodes becomes unavailable and you decide to reinstall SSB, you will have to rejoin your cluster again by navigating to Basic Settings > High Availability and clicking Join HA. This will start the synchronization progress from 0% again and will gradually increase to 100%. When it reaches 100%, it means that the join progress has been finished and the nodes are now in HA status again.
-
If a node becomes unavailable for a longer period and then gets joined again, it can be possible that the configuration of the two nodes become different. In this case, the two nodes start the synchronization process again so that the new changes are transferred to the previously unavailable node. This does not necessarily mean that the synchronization value will start at 0%, it is possible that it starts from a number somewhere between 0% and 100%.
Determining whether the HA node is the primary node
| SNMP object: | SSB-SNMP-MIB::ssbHAIsPrimary |
| Type: | TruthValue (SNMP boolean value) |
| Short description: | The current HA node is the primary node |
Description: This information is only supplied on HA-cluster nodes and it is available on the SNMP community provided by the boot-firmwares (the ID-based communities on the Basic Settings > Management > SNMP agents settings page).
You can monitor which node is the primary HA node, that is, which node is responsible for SSB's business logic. For example, HTTP configuration, log management (syslog-ng, archive, backup), and so on.
Troubleshooting SSB
This section describes the tools to detect networking problems, and also how to collect core files and view the system logs of SSB.
To find the SSB appliance in the server room, you can use IPMI to control the front panel and back panel identify lights.
-
On SSB T4 and SSB T10, navigate to Basic Settings > System > Hardware information > Blink system identification lights.
NOTE: SSB T1 does not support identify lights.
-
To blink the blue LEDs on the front and back of the SSB appliance, click On.
Alternatively, use the command line as follows:
-
To start the blinking of the blue LEDs on the front and back of the SSB appliance, enter:
ipmitool chassis identify force
-
To stop the blinking of the blue LEDs on the front and back of the SSB appliance, enter:
ipmitool chassis identify 0
Network troubleshooting
The Troubleshooting menu provides a number of diagnostic commands to resolve networking issues. Logfiles of SSB can also be displayed here — for details, see Viewing logs on SSB.
Figure 165: Basic Settings > Troubleshooting > System debug — Network troubleshooting with SSB
The following commands are available:
-
ping: Sends a simple message to the specified host to test network connectivity.
-
traceroute: Sends a simple message from SSB to the specified host and displays all hosts on the path of the message. It is used to trace the path the message travels between the hosts.
-
connect: Attempts to connect the specified host using the specified port. It is used to test the availability or status of an application on the target host.
To execute one of the above commands
-
Navigate to Basic Settings > Troubleshooting.
-
Enter the IP address or the hostname of the target host into the Hostname field of the respective command. For the Connect command, enter the target port into the Port field.
-
Click the respective action button to execute the command.
-
Check the results in the popup window. Log files are displayed in a separate browser window.
Gathering data about system problems
SSB automatically generates core files if an important software component (for example, syslog-ng, or the indexer) of the system crashes for some reason. These core files can be of great help to the One Identity Support Team to identify problems. To display a list of alerts, navigate to Search > Log Alerts.
To list and download the generated core files, navigate to Basic Settings > Troubleshooting > Core files.
By default, core files are deleted after 14 days. To change the deletion timeframe, navigate to Basic Settings > Management > Core files.