Select the 'Dashboard' component or the
'System Health' option in
the top menu to enter XpoLog Dashboard. The dashboard
displays a summary of your system’s health and allows
navigation within the result. The dashboard screen is
divided in 3: the upper pane, which displays general
system health information, the main pane, which shows
graphically the health of your system and the left pane,
consisting of different slides for data generation and
display settings.
-
The upper part of
the dashboard screen displays general system health
information: On the upper left side is the time window of
the displayed dashboard data. Under the time window the
number of total applications, folders and logs in your
system is displayed. On the upper right side the entire
system status is presented as a red, orange, yellow or green
led. Red means a high level of risk/anomalies, and green
means the health state of the system is very good. Orange
and yellow are intermediate health state levels. Below the
system status there are two graph: the left one shows the
system’s risk level ('Predefined') and the right one shows
the system’s anomaly level ('Anomalies'). Next to it is
displayed the total number of risk events in the system.
On the same pane there is a list box called 'display
mode' which indicates the dashboard's monitor status
(see
Dashboard's Monitoring). If the online status
is selected,
the display on the main pane will be updated periodically according to
the monitor's time settings. On the right side of the list box
there's a display of the
time left to the next screen refresh. Note: In case 'Time Rule' or
'Generate Data' are executed from the left pane while in
online mode, the dashboard's monitor
status automatically changes to offline.
-
The dashboard main pane displays your system’s health
state. The data is displayed either in the context of a
selected root (and this root's children) or in the context of correlated
applications.
The dashboard main pane consists
of 4 dynamic tabs that correspond to 4 view modes:
'Totals Over Time', 'Risk Over Time', 'content' and
'Anomalies'. Selecting one of the tabs displays its
corresponding graph over time and shows the corresponding
graph over time for each of the entries in the table below.
The main graph over time shows data in computed time
intervals that correspond to the current dashboard’s display
time frame. Each line in the graph corresponds, in case of
selected root context, to one of root's children, or to one
of the selected components (application, folder or log) in
case of correlated context view. The lines are
differentiated by colors. In case of 'Total Over Time' mode,
each component is depicted by two lines: a solid one
representing the component’s number of risk events and a
dashed one representing the total number of events of
that component. Each of the points in the graph
corresponds to the health data of that component in the time
interval starting with that point. Hovering with the mouse
over a point in the graph opens a detailed display of the
data represented by that point. In case of adjacent points,
a corresponding table is being displayed showing the data of
these multiple points in a tabular form. Clicking on a point
in the graph drills down to a smaller time interval: if the
initial displays spans one month, then drilling down from
any point on the graph will drill down to the day starting
at that point, and in case other than 'Anomalies' one may further drill down to a selected
hour.
In
case of 'Anomalies', a day is the smallest
drill down resolution.
To go back to larger time frames, click the small arrow
left of the tabs (back). The pie next to the graph shows the distribution of the
risk events among the root’s children, in case of a
selected root context, or among the selected components,
in case of correlated view context. The table below the graph shows the health information
of the components depicted in the graph above. Clicking
on the name of one of the entries in the table drills
down to show that component’s health state – making this
component the root. To go back to the upper most level
of the health tree, click the "home" link above the
graph. If no data is available for a component, it appears with
a darker background. No drill down is then possible from
that component.
The table has
the following columns:
- Name – the name
of the component. An icon representing the component’s
type is displayed left of the name
-
Status – a
computed health status based on the risk and the anomalies
levels
- Predefined – the
risk level of the component, corresponding to the
occurrence of predefined risk events
-
Content – the
risk level of the component, corresponding to the
occurrence of contents which indicate a certain level of
hazard -
Anomalies – the
level of anomaly of that log in terms of number of events
and number of occurrences of columns’ unique values with
respect to computed averages
-
Predefined events –
the total number of events to which a risk weight
has been set (see
Defining log risk)
-
Content events – the total number of
events containing contents which indicate a certain
level of hazard - Total events –
the total number of events. In case of a log, this is the
total number of events that occurred in the given time
frame in the log. In case of a folder or an application,
this is the sum of all total events of that component’s
children
- Sub – in case
the component has children, this pie chart shows the
distribution of the risk events among that component’s
children
- Over Time – the
component’s graph over time (either total events,
risk events or anomalies, depending on the selected
view mode)
- The left pane of the dashboard contains the following slides:
-
Select
Applications: Displays the system's applications
tree. Clicking on one of the entries in the tree
changes to root context view, making the clicked
component the selected root. To get a correlated
view of different components, such as all the access
logs of all the application and web servers in your
system, click the desired logs’ checkboxes and press
'go'. To go back to the upper most level of the
health tree, click the 'home' link above the graph.
-
Generate Data: use this slide to define the time
frame and the applications to generate new
dashboard data for. See
Creating dashboard data for more
information on how to generate data.
-
Time Rule:
drilling down from a graph’s point is one mean of
setting the time frame of the dashboard’s displayed
data. Using the 'Time Rule' slide allows you to
select any time interval for the displayed data.
Setting a new time rule does not create new data –
it simply shows the already available data that
corresponds to that time frame selection. To create
new data, use the 'Generate Data' slide.
-
Alerts:
Each alert under this slide contains information of the
alerts raised while dashboard was running. This
information includes the application name for which the
alert was raised, the start and end times of the
data for which the alert was raised, the alert time
and the alert's message.
-
Search: enter a
search string and press 'go'. A new window will open
displaying the search results.
-
Application Status: shows a summary of the upper most level in your system – the
applications. Click on the arrow next to an application
to get more a detailed information of its health state
consisting of its risk, anomalies and sub graphs. Clicking
an application’s name will make it the current root and
will show its children in the main dashboard pane.
|