General options

Global Options

The black background bar at the top of the interface contains a series of informative options that remain accessible at all times as the user navigates through the different WOCU-Monitoring screens and options.

Being a fixed element, the user will always have the following elements:

../../_images/2_007_aggregator_up-menu_0-57.png

Link to Home screen

Use this link to return to the Overview: Home from any other location of the tool.

Global hosts finder

The top bar includes a global search function to locate a specific Host among all the Realms managed in the application. When selecting or searching for the desired item, the user is automatically redirected to its own detail view to continue with its management and monitoring.

../../_images/2_007m_aggregator_global_search_0-57.png

The global search engine allows several search options:

  • Manually entering the name of the Host of interest.

  • Via the available selector: clicking on the date (V) displays an initial list of the first ten Hosts. Asyou scroll down the list, it will be updated with new items.

For each element is indicated:

Type and name of the Host | Type and name of the Realm in which found.

../../_images/2_007n_aggregator_global_search_selecor_0-57.png

Documentation

By choosing this option, the user will be redirected to this document: WOCU-Monitoring Technical Documentation.

Settings

This dropdown menu includes the following options:

../../_images/2_007o_setting_61.png

New Realm

By choosing this option, the user will be redirected to the registration form for a new Realm that will become part of the monitored monitored technological infrastructure.

More information in: Creation of Realms.

Licenses

Purely informative view with updated data on the licence contracted.

The Administrator shall be able to monitor the status of the licencein force, know the days remaining for its renewal or other particularities of the licence.

This information shall be displayed in the following tabular format:

../../_images/2_007k_aggregator_licenses_view_0-58.png

  • License: identifying name of the contracted licence.

  • Type: details the type of licence in use. The licences that currently provided by WOCU-Monitoring are:

    • Silver

    • Gold

    • Platinum

    • Prepod

    • Demo

    You can find out more about the specifics of each of them here.

  • Creation date: details the exact date and time the licence was created.

  • Expiration date: details the exact date and time of expiry of the licence.

  • Assets max limit: this column records the total number of monitored assets (Services, Hosts, and Business Processes) across all registered standard Realms, compared to the total number of assets available in the contracted license. This indication is purely informational; no restrictions are implemented.

Attention

Each type of licence has its own specific characteristics and terms, so for your review contact our Commercial Team.

Advanced Diagnostic

WOCU-Monitoring offers the possibility to load and execute scripts previously loaded into the system by an Administrator. From this section, the user can select and execute available scripts from easily.

Each time this section Advanced Diagnostic is accessed, the system automatically performs a reload process that detects any changes in the script set (new additions, updates or deletions). This process is completely transparent to the user and does not require any manual action.

../../_images/2_007p_aggregator_advanced_diagnostic_view_0-65.png

After selecting a script from the list, specific configuration fields will appear. These fields are previously defined by the Administrator. More information can be found in Execution of scripts.

../../_images/2_007q_aggregator_advanced_diagnostic_form_0-65.png

Additionally, a file selector will appear that allows the upload of a parameter file, in CSV format. More information at: Execution with file-loaded parameters.

Note

For a detailed description of the complete process of loading, detecting and executing scripts, see section: Execution of scripts.

Event Correlator

Independent module whose function is the prediction of massive failures of monitored devices that share a common property, defined by the assignment of tags.

The system is based on the definition of rules that allow establishing associations between devices and applying thresholds based on a minimum percentage of devices down during a specific time period. When these conditions are met, the module automatically generates a mass failure event and notifies the relevant users, facilitating an early response and proactive incident management.

More information in: Event Correlator.

Audit

Independent module for the detailed logging of actions executed in WOCU-Monitoring, tracing all movements performed in terms of asset configuration and changes tracked by the system, with the purpose of making a subsequent audit of the processed the information processed.

More information in: Audit.

Infrastructure

Interactive and informative module that encapsulates and traces the various elements/nodes that WOCU-Monitoring has deployed at the time of the query.

This functionality provides a comprehensive and correlated overview of the different components that make up the network infrastructure monitored, being a tool of great help for administrators of the solution.

More information in: Infrastructure.

Aggregator Summary

It is a space designed to provide a comprehensive view of the monitored infrastructure according to the nature, connectivity, and configuration of realms and member assets at the time of the query.

This module stands out for its ability to translate the complexity of the infrastructure into clear and intuitive sectoral graphics, greatly simplifying the interpretation of key data.

More information in: Aggregator Summary.

Configuration

Clicking on this option will take you to the WOCU Administration module(WOCU Administration), the epicentre of a multitude of advanced features of WOCU-Monitoring. It is possible to perform and set more deep configurations of the elements that make up the monitoredtechnological infrastructure, although it requires more technical knowledge on the of the user.

Attention

To access this configuration module, you need to enter the access credentials authorised by your Administrator.

Once the option is selected, a new browser window will open, giving access to the advanced module, where the different the different elements, services and functions available for, among other actions, to set the advanced parameters of the monitoring tasks monitoring tasks carried out by the tool.

../../_images/7_002_advanced_configuration-view_0-53.jpg

Auto-refresh screen

WOCU-Monitoring enables the automatic update of the data displayed on the screen.

By clicking on the auto-refresh icon (🕐) it is possible to activate or deactivate the repeated reloading of the page. Note that when switching the autoscreen refresh, this icon will change depending on the status:

  • Auto-refresh disabled

    ../../_images/2_007b_aggregator_autorefresh-icon-off_0-53.png

  • Auto-refresh enabled

    ../../_images/2_007c_aggregator_autorefresh-icon-on_0-53.png

Note

It is possible to consult the remaining time for the next refresh of the screen, by placing the cursor over the icon. By default, the length of the time interval between refreshes is 60 seconds, and you can define a new sequence from the User preferences.

Notification options

Only in the Overview: Home, we find the notification options:

../../_images/2_008_aggregator_notifications-icons_0-36.png

Top option, with a speaker icon enables and disables notifications via a small pop-up window.

Bottom option, with a bell icon enables and disables audible notifications.

The background colour of each icon indicates the status of each option, green: enabled, dark grey: disabled. You can enable/disable these options by clicking on the corresponding icon.

Infrastructure

Interactive and informative module that encapsulates and plots the different elements/nodes that WOCU-Monitoring has deployed at the time of the query.

This functionality provides a comprehensive and correlated overview of the different components that make up the network infrastructure monitored, being a tool of great help for administrators of the solution.

../../_images/2_007f_aggregator_infraestructure-view_0-56.png

It is possible to expand and collapse nodes in order to make navigation through the nested tree and to be able to trace the different hierarchical levels originated. Just click on a particular node and the dependent nodes dependent nodes are hidden or expanded.

../../_images/2_007g_aggregator_infraestructure-view-detail_0-52.png

Icons of implemented technologies are used for the representation and identification of nodes.

../../_images/2_007l_aggregator_infraestructure-icons-detail_0-55.png

The section is organised in two different spaces:

Aggregator Infrastructure

This view represents all the services related to the aggregation console (Aggregator), where are located components such as:data bases, metrics indexing systems, logs collectors, etc. etc.

../../_images/2_007h_aggregator_infraestructure-aggregator-view_0-55.png

Monitoring Infrastructure

This view represents all services of each Monitoring (Import-Tool) managed in the solution.

../../_images/2_007i_aggregator_infraestructure-monitoring-view_0-55.png

A selector is available to navigate between the different (Monitorings) and and see the details of the infrastructure of each.

../../_images/2_007j_aggregator_infraestructure-selector-monitoring_0-55.png

Although the representation is rather elementary, it provides a completeoverview capable of recording non-operational components, which may be affecting the stability of the monitored infrastructure.

Audit

Independent module for the detailed logging of actions executed in WOCU-Monitoring, tracing all movements performed in terms of asset configuration and changes tracked by the system, with the purpose of making a subsequent audit of the processed the information processed.

Attention

This module will only be enabled for Administrator users (Super-admin).

In this new tab you will find two different sections:

Realms

In this section you will be able to visualise all the actions and operations that are carried out on Realms, i.e. the information that is audited at Kingdom level.

../../_images/2_104_aggregator_audit-requests-realms-conf_0-56.png

Note

As indicated in the text: Only the first 10000 entries can be shown, only the first 10000 entries will be shown, in order to facilitate and alleviate the query computation capacity.

Columns/ Table fields

The fields at the head of the table are described below:

../../_images/2_104a_aggregator_audit-requests-realms-conf-table_0-56.png

✓ Date: date and exact time at which the action was recorded in the system, and consequently a relevant event occurred in the internal functioning and operation of the infrastructure.

✓ Realm: the entity or set of entities where the action.

✓ User: user profile that has executed the action registered in the infrastructure.

Note

There is a user named System, author of automatic tasks and periodicals managed in the application (launch of Import Tasks (Tasks), new-scheduling, etc.). Assigned when a user does not exist behind the action carried out.

✓ Method: indicates the method used according to the origin or nature of the the audited action. It is categorised as follows:

  • Changes that occur at the database level, i.e. operations performed on a particular Realm from its Configuration module (Import-Tool).

    These are:

    • CREATE

    • UPDATE

    • DELETE

  • Audited requests based on HTTP protocol.

    • GET

    • POST

  • Relating to automatic processes executed (such as Schedule and Import Tasks (Tasks)). Some of the possible options are:

    • SCHEDULED <Name> REPORT: Scheduled Availability Report, Scheduled Multimetrics Report, Top Hosts Report, etc.

    • <Name> REPORT: Availability Report, Multimetrics Report, Top Hosts Report, etc.

    • SNMP IMPORT

    • CSV IMPORT

    • SNMP IMPORT INVENTORY

Note

There is a Filter by Method filter to limit the table by HTTP requests (Requests), database requests for changes in configuration (Changes in configuration) or automatic processes (Automatic Process).

✓ Description: contains a general description of the registered.

✓ Affected Item(s): type of asset that the action performed. There are a multitude of types of items stored in the database database (HOST, SERVICES, REPORTS,etc.).

✓ Actions: allows the user to know in detail the characteristics of the action performed on an object.

../../_images/2_104b_aggregator_audit-requests-realms-conf-table-action-detail_0-54.png

Note

It may happen that the text displayed in any of the columns exceeds the available the space available, in which case the text shall be cut off at the limit of each column, followed by an ellipsis (…) to indicate that the text continues but has been cut off. However, you can consult the full information by placing the cursor over the text.

Available data filters

Filtering of objects in the table is possible from the following drop-down menus:

✓ Realm Filter: this selector gathers all the Realms managed in the infrastructure. After selecting one of them, the table will be filtered with the operations executed only on these systems.

../../_images/2_104c_aggregator_audit-requests-realms-conf-realm-filter_0-54.png

✓ User Filter: this selector gathers all the users registered in the infrastructure.After selecting one of them, the table will be filtered with the operations executed only by this profile.

../../_images/2_104d_aggregator_audit-requests-realms-conf-user-filter_0-54.png

✓ Filter by Method: this selector gathers all the possible methods categorised according to the origin or nature of the action:

../../_images/2_104e_aggregator_audit-requests-realms-conf-method-filter_0-55.png

Changes in configuration: encompasses changes that occur at the database levelfrom its Configuration module (Import-Tool).

These are:

  • CREATE

  • UPDATE

  • DELETE

Request: encompasses audited requests based on the HTTP.

  • GET

  • POST

Automatic Process: relating to automatically executed processes (such as Schedule and Import Tasks (Tasks)). Some of the options possible are:

  • AUTOMATIC REPORT

  • AUTOMATIC SCHEDULED REPORT

  • SNMP IMPORT

  • CSV IMPORT

  • SNMP IMPORT INVENTORY

✓ Date range: audited actions can be filtered according to of the dates on which they have been registered.For this purpose, a time filter is used for this purpose.

../../_images/2_104f_aggregator_audit-requests-realms-conf-date-range_0-54.png

There are several time criteria already in place for the filtering of actions:

Today: filters and displays only audited actions generated duringthe time period elapsed in today’s day.

Yesterday: shares registered yesterday.

Last 24 hours: actions recorded in the last 24 hours.

Last 48 hours: actions registered in the last 48 hours

Last 7 Days: actions registered in the last seven days.

This Week: actions recorded during the period of time elapsed in the current week (from the start day of the week to the current day).

Previous Week: actions registered in the previous full week(Monday-Sunday).

In case you want to set a specific period of time, there is a the Custom Range option. To set the time frame it is is necessary to set a start date and an end date. By clicking on one of the days, this date will be set as a selection, and it will be marked with a blue background. In addition to the day, it is possible to set a specific time of that day, to do so, use the drop-down menus in the hour, minute and second boxes, until you to set the desired time.

Attention

In order to facilitate and alleviate the query computation capacity, the filtering of items by date range is limited to a maximum of seven days, i.e. the defined range may not be longer than this interval (seven days).

Logically, it is not possible to choose start and end dates after the current date, nor is it possible to set an end date prior to the start date.

Export of the list of items

The two buttons next to the Search bar, CSV and JSON, make it easy to export the data in both formatsfor further processing or use.

../../_images/2_049k_aggregator_realm_assets_hosts-inventory-export-buttons_0-36.png

CSV

By clicking on the corresponding button, a new modal will be opened for selection and marking of parameters to be exported according to the criteria of the the selection and marking of parameters to be exported at the user. The available options are:

  • Date (Required)

  • Realm

  • User (Required)

  • Method

  • Description

  • Affected Item (Required)

  • Details

Once the selection is confirmed, the download of a file in the CSV (Comma Separated Value) format, a very simple format that organises the columns by a separator (semicolon “;”) and the rows by a line break.

JSON

This other option follows the same operation as the previous case, but initiating the download of a file in JSON format (JavaScript Object Notation), a lightweight data interchange format capable of being read by any programming language and therefore be used to exchange information between different technologies.

In both options, the system shall offer the option to select the directory where to download and store the generated inventory fileand assign an alternative name to it.

Administration

In this section you can view all the changes that occur to administration level (and not Realm) in the application, either in the Advanced Configuration Module, Login Control (including failed attempts) or WOCU-Monitoring administration: registration, deletion or modification of Realms, loggers, metrics, user creation and assignment, etc.

../../_images/2_105_aggregator_audit-aggregato-administration_0-56.png

Note

As indicated in the text: Only the first 10000 entries can be shown, only the first 10000 entries will be shown, in order to facilitate and alleviate the query computation capacity.

Columns/ Table fields

The fields at the head of the table are described below:

../../_images/2_105a_aggregator_audit-aggregator-administration-table_0-56.png

✓ Date: date and exact time at which the action was recorded in the system, and consequently a relevant event occurred in the internal functioning and operation of the infrastructure.

✓ User: user profile that has executed the action registered in the infrastructure.

Note

There is a user named System, author of automatic tasks and periodicals managed in the application (launch of Import Tasks (Tasks), new-scheduling, etc.). Assigned when a user does not exist behind the action carried out.

✓ Method: indicates the method used according to the origin or nature of the the audited action. It is categorised as follows:

  • Changes that occur at the database level, i.e. operations performed in the Configuration Module.

    These are:

    • CREATE

    • UPDATE

    • DELETE

  • Audited requests based on HTTP protocol.

    • GET

    • POST

Note

There is a Filter by Method filter to limit the table by HTTP requests (Requests) or database requests for changes in configuration (Changes in configuration).

✓ Affected Item(s): type of asset that the action performed. There are a multitude of types of items stored in the database database (HOST, SERVICES, REPORTS,etc.).

✓ Actions: allows the user to know in detail the characteristics of the action performed on an object.

../../_images/2_105b_aggregator_audit-aggregator-administration-table-action-detail_0-54.png

Note

By clicking on one of the dates followed by the Old or New, a new info box will pop up and provide the full complete. The view also includes a copy-to-clipboard function (action located in the upper right corner), facilitating the process of copying data in a single click.

../../_images/2_105c_aggregator_audit-aggregator-administration-table-copy_0-59.png

Available data filters

Filtering of objects in the table is possible from the following drop-down menus:

✓ User Filter: this selector gathers all the users registered in the infrastructure.After selecting one of them, the table will be filtered with the operations executed only by this profile.

../../_images/2_104d_aggregator_audit-requests-realms-conf-user-filter_0-54.png

✓ Date range: audited actions can be filtered according to of the dates on which they have been registered.For this purpose, a time filter is used for this purpose.

../../_images/2_104f_aggregator_audit-requests-realms-conf-date-range_0-54.png

There are several time criteria already in place for the filtering of actions:

Today: filters and displays only audited actions generated duringthe time period elapsed in today’s day.

Yesterday: shares registered yesterday.

Last 24 hours: actions recorded in the last 24 hours.

Last 48 hours: actions registered in the last 48 hours

Last 7 Days: actions registered in the last seven days.

This Week: actions recorded during the period of time elapsed in the current week (from the start day of the week to the current day).

Previous Week: actions registered in the previous full week(Monday-Sunday).

In case you want to set a specific period of time, there is a the Custom Range option. To set the time frame it is is necessary to set a start date and an end date. By clicking on one of the days, this date will be set as a selection, and it will be marked with a blue background. In addition to the day, it is possible to set a specific time of that day, to do so, use the drop-down menus in the hour, minute and second boxes, until you to set the desired time.

Attention

In order to facilitate and alleviate the query computation capacity, the filtering of items by date range is limited to a maximum of seven days, i.e. the defined range may not be longer than this interval (seven days).

Logically, it is not possible to choose start and end dates after the current date, nor is it possible to set an end date prior to the start date.

Export of the list of items

The two buttons next to the Search bar, CSV and JSON, make it easy to export the data in both formatsfor further processing or use.

../../_images/2_049k_aggregator_realm_assets_hosts-inventory-export-buttons_0-36.png

CSV

By clicking on the corresponding button, a new modal will be opened for selection and marking of parameters to be exported according to the criteria of the the selection and marking of parameters to be exported at the user. The available options are:

  • Date (Required)

  • User (Required)

  • Method

  • Description

  • Affected Item (Required)

  • Details

Once the selection is confirmed, the download of a file in the CSV (Comma Separated Value) format, a very simple format that organises the columns by a separator (semicolon “;”) and the rows by a line break.

JSON

This other option follows the same operation as the previous case, but initiating the download of a file in JSON format (JavaScript Object Notation), a lightweight data interchange format capable of being read by any programming language and therefore be used to exchange information between different technologies.

In both options, the system shall offer the option to select the directory where to download and store the generated inventory fileand assign an alternative name to it.

Aggregator Summary

It is a space designed to provide a comprehensive view of the monitored infrastructure according to the nature, connectivity, and configuration of realms and member assets at the time of the query.

This module stands out for its ability to translate the complexity of the infrastructure into clear and intuitive sectoral graphics, greatly simplifying the interpretation of key data.

Attention

Depending on the location from which the view Aggregator Summary is queried, the data will vary.

If accessed from a specific Realm (section Dashboards), the data is collected from the assets that make up said Realm, if by theOn the contrary, it is accessed from the Settings of the global view, the data covers the entire monitored infrastructure.

Due to its length, the module is divided into four sectionsmain:

../../_images/2_109_aggregator_global_aggregator_summary_0-61.png

Realms

This view is divided into three widgets, whose graphics illustrate the different types of kingdoms (managed in the system) and their connectivity.

../../_images/2_109p_aggregator_summary_realms_0-60.png

Realms and Multirealms

This view is divided into three widgets, whose graphics illustrate the different types of kingdoms (managed in the system) and their connectivity.

Use the legend to identify each typology. For each sector of the graph, the percentage value and total figure is detailed, which simplifies the identification and reading of the graph.

../../_images/2_109a_aggregator_summary_realms_multirealms_widgets_0-60.png

By clicking on one of the sectors of the chart, a new window will pop up with a detailed list of the Kingdoms that make up that typology.

../../_images/2_110_aggregator_summary_realms_multirealms_widgets_0-61.png

The following information is presented in a tabular format:

  • Image: profile image of the Realm, visible on different screens and tool summary panels.

  • Type: indicates the type of the Realm through its representative icon.

  • Name: identifying name of the Realm.

  • Connectivity: indicates the Realm’s connectivity and availability.

Standard Realms and HG Realms

In this ring chart, a distinction is made between Realms based on Hostgroups and standard type Realms, which are being administered on WOCU-Monitoring.

Use the legend to identify each typology. For each sector of the graph, the percentage value and total figure is detailed, which simplifies the identification and reading of the graph.

../../_images/2_109b_aggregator_summary_standars_HG_realms_widgets_0-60.png

By clicking on one of the sectors of the chart, a new window will pop up with a detailed list of the Kingdoms that make up that typology.

../../_images/2_110a_aggregator_summary_standars_HG_realms_widgets_0-61.png

The following information is presented in a tabular format:

  • Image: profile image of the Realm, visible on different screens and tool summary panels.

  • Type: indicates the type of the Realm through its representative icon.

  • Name: identifying name of the Realm.

  • Connectivity: indicates the Realm’s connectivity and availability.

Realms connected and disconnected

In this ring chart, a distinction is made between Realms with connectivity (from the availability perspective) and non-operational Realms, in the absence of communication between the plant devices and WOCU-Monitoring.

This panel takes into consideration all types of Realms managed in the tool, whether they are standard, Hostgroups based or Multi-Realms.

Use the legend to identify each typology. For each sector of the graph, the percentage value and total figure is detailed, which simplifies the identification and reading of the graph.

../../_images/2_109c_aggregator_summary_connection_realms_widgets_0-60.png

By clicking on one of the sectors of the chart, a new window will pop up with a detailed list of the Kingdoms that make up that typology.

../../_images/2_110b_aggregator_summary_connection_realms_widgets_0-61.png

The following information is presented in a tabular format:

  • Image: profile image of the Realm, visible on different screens and tool summary panels.

  • Type: indicates the type of the Realm through its representative icon.

  • Name: identifying name of the Realm.

  • Connectivity: indicates the Realm’s connectivity and availability.

Assets Hosts

This view is divided into six widgets, whose graphics distinguish between monitoring states recorded, devices duplicated by name and IP, and those with disabled checks.

../../_images/2_109q_aggregator_summary_assets_hosts_0-60.png

Host counts by State

In this ring chart, a distinction is made between Hosts based on the monitoring state they are in, in addition to the overall sum of all of them.

Use the legend to identify each typology. For each sector of the graph, the percentage value and total figure is detailed, which simplifies the identification and reading of the graph.

../../_images/2_109d_aggregator_summary_counts_by_state_widgets_0-60.png

By clicking on one of the sectors of the chart, a new window will emerge with the detailed list of Hosts that record that monitoring state.

../../_images/2_110c_aggregator_summary_counts_by_state_widgets_0-61.png

The following information is presented in a tabular format:

  • Type: indicates the type of asset through its representative icon.

  • Name: formal name or identifier of the host..

  • Active Checks Icon: when the Disable Active Checks action is enabled, a forbidden icon (🚫) is displayed, indicating that the active monitoring tasks performed by WOCU-Monitoring are temporarily suspended.

  • Status: reports the current monitoring state of the asset.

  • Address: contains the network or IP address of the host.

  • Last Check: shows the date of the last status check of the host’s monitoring.

  • Duration: indicates the time the device has been available in the system without experiencing downtimes or complete failures.

  • Packs: this field contains a series of tags that provide information about the configured Monitoring Packs.

  • Hostgroups: indicates the hostgroups to which the host belongs.

  • Realm: indicates the Realm to which the asset belongs.

Tops 5 Hosts duplicated by Name

This panel displays hosts duplicated by name using a treemap, which is divided into five blocks of different dimensions. Each rectangular block represents a specific host, and its size varies according to the total number of hosts with the same name. In other words, the larger the block representing a host, the greater the number of duplicate hosts with that name.

../../_images/2_109e_aggregator_summary_tops_5_duplicated_hosts_widgets_0-60.png

Each rectangle in the map includes the name, followed by the total quantity of duplicates. By hovering over one of the blocks, an informative window will appear with the same information.

../../_images/2_110d_aggregator_summary_tops_5_duplicated_hosts_widgets-detail_0-60.png

Furthermore, by clicking on any block, a new window is enabled with the detailed list specifying information for each item.

../../_images/2_110e_aggregator_summary_tops_5_duplicated_hosts_widgets_0-60.png

The following information is presented in a tabular format:

  • Name: name of the duplicated Host.

  • Address: contains the network address or IP address of the Host.

  • Realm: indicates the Realm to which the Host belongs.

Tops 5 Hosts duplicated by IP

This panel displays devices duplicated by IP address using a treemap, which is divided into five blocks of different dimensions. Each rectangular block represents a specific IP address, and its size varies according to the total number of devices that share the same IP. In other words, the larger the block representing an IP address, the greater the number of duplications.

../../_images/2_109f_aggregator_summary_tops_5_duplicated_hosts_ip_widgets_0-60.png

By clicking on one of the sectors of the chart, a new window will emerge with the detailed list of a specific IP:

../../_images/2_110f__aggregator_summary_tops_5_duplicated_hosts_ip_widgets_0-60.png

The following information is presented in a tabular format:

  • Name: name of the Host sharing the IP.

  • Address: contains the network address or duplicated IP address.

  • Realm: indicates the Realm to which the Host with the duplicated IP belongs.

Hosts with checks disabled

In this ring chart, a distinction is made between Devices with enabled and disabled checks, in addition to the overall sum of each type.

../../_images/2_109g_aggregator_summary_hosts_checks_disabled_widgets_0-60.png

Use the legend to identify each type of Host. Additionally, for each sector of the chart, the percentage value and total figure are detailed, which facilitates its identification and reading.

By clicking on one of the sectors of the chart, a new window will emerge with the detailed list of each Host that belongs to one group or another.

../../_images/2_110g_aggregator_summary_hosts_checks_disabled_widgets_0-61.png

The following information is presented in a tabular format:

  • Type: indicates the type of asset through its representative icon.

  • Name: formal name or identifier of the host..

  • Active Checks Icon: when the Disable Active Checks action is enabled, a forbidden icon (🚫) is displayed, indicating that the active monitoring tasks performed by WOCU-Monitoring are temporarily suspended.

  • Status: reports the current monitoring state of the asset.

  • Address: contains the network or IP address of the host.

  • Last Check: shows the date of the last status check of the host’s monitoring.

  • Duration: indicates the time the device has been available in the system without experiencing downtimes or complete failures.

  • Packs: this field contains a series of tags that provide information about the configured Monitoring Packs.

  • Hostgroups: indicates the hostgroups to which the host belongs.

  • Realm: indicates the Realm to which the asset belongs.

Hosts with checks disabled with filter of days

This ring chart represents the total number of Hosts with disabled checks, according to a specific time filter.

The default options are:

  • 1 day

  • 7 days

  • 15 days

  • 30 days

../../_images/2_109h_aggregator_summary_hosts_checks_disabled_with_filters_widgets_0-60.png

Additionally, there is the capability to create and customize new time ranges by adding an integer number. For example: if you enter 100, it will automatically create a new filtering option for 100 days.

../../_images/2_110i_aggregator_summary_selector_0-60.png

By clicking on the chart, a new window will emerge with the detailed list of Hosts whose checks are disabled.

../../_images/2_110h_aggregator_summary_hosts_checks_disabled_with_filters_widgets_0-61.png

The following information is presented in a tabular format:

  • Type: indicates the type of asset through its representative icon.

  • Name: formal name or identifier of the host..

  • Active Checks Icon: when the Disable Active Checks action is enabled, a forbidden icon (🚫) is displayed, indicating that the active monitoring tasks performed by WOCU-Monitoring are temporarily suspended.

  • Status: reports the current monitoring state of the asset.

  • Address: contains the network or IP address of the host.

  • Last Check: shows the date of the last status check of the host’s monitoring.

  • Duration: indicates the time the device has been available in the system without experiencing downtimes or complete failures.

  • Packs: this field contains a series of tags that provide information about the configured Monitoring Packs.

  • Hostgroups: indicates the hostgroups to which the host belongs.

  • Realm: indicates the Realm to which the asset belongs.

Hosts having long-term Problems

In this ring chart, a distinction is made between Hosts in the state of DOWN (fallen) or UNREACHABLE (unknown state), according to a specific time filter.

../../_images/2_109i_aggregator_summary_hosts_with_problems_widgets_0-60.png

The default filtering options are:

  • 15 days

  • 7 days

  • 15 days

  • 30 days

Additionally, there is the capability to create and customize new time ranges by adding an integer number. For example: if you enter 100, it will automatically create a new filtering option for 100 days.

../../_images/2_110i_aggregator_summary_selector_0-60.png

Use the legend to identify each typology. For each sector of the graph, the percentage value and total figure is detailed, which simplifies the identification and reading of the graph.

By clicking on one of the sectors of the chart, a new window will emerge with the detailed list of Hosts that record that monitoring state.

../../_images/2_110j_aggregator_summary_hosts_with_problems_widgets_0-61.png

The following information is presented in a tabular format:

  • Type: indicates the type of asset through its representative icon.

  • Name: formal name or identifier of the host..

  • Active Checks Icon: when the Disable Active Checks action is enabled, a forbidden icon (🚫) is displayed, indicating that the active monitoring tasks performed by WOCU-Monitoring are temporarily suspended.

  • Status: reports the current monitoring state of the asset.

  • Address: contains the network or IP address of the host.

  • Last Check: shows the date of the last status check of the host’s monitoring.

  • Duration: indicates the time the device has been available in the system without experiencing downtimes or complete failures.

  • Packs: this field contains a series of tags that provide information about the configured Monitoring Packs.

  • Hostgroups: indicates the hostgroups to which the host belongs.

  • Realm: indicates the Realm to which the asset belongs.

Services

This view is divided into four widgets, whose graphics distinguish between recorded critical monitoring states and services with disabled checks.

../../_images/2_109r_aggregator_summary_services_0-60.png

Service counts by State

This ring chart distinguishes between Services based on the monitoring state they are in, in addition to the overall sum of all of them.

Use the legend to identify each type of state and the total number of Services that register that state at the time of the query. Additionally, for each sector of the chart, the percentage value and total figure are detailed, which facilitates its identification and reading.

../../_images/2_109j_aggregator_summary_service_counts_by_state_widgets_0-60.png

By clicking on one of the sectors of the chart, a new window will emerge with the detailed list of Services that register that monitoring state.

../../_images/2_110k_aggregator_summary_service_counts_by_state_widgets_0-60.png

The following information is presented in a tabular format:

  • Type: indicates the type of asset through its representative icon. The possible options are:

    • Independent Services: identified with the crossed arrows icon.

    ../../_images/2_030e_aggregator_realm_assets_services-logo_0-36.png

    • Business Process Services (BP Services): identified with the crossed arrows icon framed in a circle.

    ../../_images/2_030f_aggregator_realm_assets_bpservices-logo_0-36.png

  • Host: records the formal identifier of the Host associated with the respective Service.

  • Host Status: reports the current monitoring status of the Host.

  • Service: name of the monitoring Service.

  • Status: informs the current monitoring state of the Service.

  • Last Check: shows the date of the last status check of the host’s monitoring.

  • Duration: indicates the time the device has been available in the system without experiencing downtimes or complete failures.

  • Packs: this field contains a series of tags that provide information about the configured Monitoring Packs.

  • Hostgroups: indicates the hostgroups to which the host belongs.

  • Realm: indicates the Realm to which the asset belongs.

Service with checks disabled

In this ring chart, a distinction is made between Services with enabled checks and disabled checks, in addition to the overall sum of each type.

../../_images/2_109k_aggregator_summary_service_checks_disabled_widgets_0-60.png

Use the legend to identify each type of Service. Additionally, for each sector of the chart, the percentage value and total figure are detailed, which facilitates its identification and reading.

By clicking on one of the sectors of the chart, a new window will emerge with the detailed list of each Service that belongs to one group or another.

../../_images/2_110l_aggregator_summary_service_checks_disabled_widgets_0-60.png

The following information is presented in a tabular format:

  • Type: indicates the type of asset through its representative icon. The possible options are:

    • Independent Services: identified with the crossed arrows icon.

    ../../_images/2_030e_aggregator_realm_assets_services-logo_0-36.png

    • Business Process Services (BP Services): identified with the crossed arrows icon framed in a circle.

    ../../_images/2_030f_aggregator_realm_assets_bpservices-logo_0-36.png

  • Host: records the formal identifier of the Host associated with the respective Service.

  • Host Status: reports the current monitoring status of the Host.

  • Service: name of the monitoring Service.

  • Status: informs the current monitoring state of the Service.

  • Last Check: shows the date of the last status check of the host’s monitoring.

  • Duration: indicates the time the device has been available in the system without experiencing downtimes or complete failures.

  • Packs: this field contains a series of tags that provide information about the configured Monitoring Packs.

  • Hostgroups: indicates the hostgroups to which the host belongs.

  • Realm: indicates the Realm to which the asset belongs.

Service with checks disabled with filter of days

This ring chart represents the total number of Services with disabled checks, according to a specific time filter.

../../_images/2_109l_aggregator_summary_service_checks_disabled_with_filter_widgets_0-60.png

The default options are:

  • 15 days

  • 7 days

  • 15 days

  • 30 days

../../_images/2_110i_aggregator_summary_selector_0-60.png

Additionally, there is the capability to create and customize new time ranges by adding an integer number. For example: if you enter 100, it will automatically create a new filtering option for 100 days.

By clicking on the chart, a new window will emerge with the detailed list of Services whose checks are disabled.

../../_images/2_110n_aggregator_summary_service_checks_disabled_with_filter_widgets.0-60.png

The following information is presented in a tabular format:

  • Type: indicates the type of asset through its representative icon. The possible options are:

    • Independent Services: identified with the crossed arrows icon.

    ../../_images/2_030e_aggregator_realm_assets_services-logo_0-36.png

    • Business Process Services (BP Services): identified with the crossed arrows icon framed in a circle.

    ../../_images/2_030f_aggregator_realm_assets_bpservices-logo_0-36.png

  • Host: records the formal identifier of the Host associated with the respective Service.

  • Host Status: reports the current monitoring status of the Host.

  • Service: name of the monitoring Service.

  • Status: informs the current monitoring state of the Service.

  • Last Check: shows the date of the last status check of the host’s monitoring.

  • Duration: indicates the time the device has been available in the system without experiencing downtimes or complete failures.

  • Packs: this field contains a series of tags that provide information about the configured Monitoring Packs.

  • Hostgroups: indicates the hostgroups to which the host belongs.

  • Realm: indicates the Realm to which the asset belongs.

Service having long-term Problems

In this ring chart, a distinction is made between Services in the state of CRITICAL (down) or UNKNOWN (unknown state), according to a specific time filter.

../../_images/2_109m_aggregator_summary_services_having_long-term_problems_widgets_0-60.png

The default filtering options are:

  • 15 days

  • 7 days

  • 15 days

  • 30 days

Additionally, there is the capability to create and customize new time ranges by adding an integer number. For example: if you enter 100, it will automatically create a new filtering option for 100 days.

../../_images/2_110i_aggregator_summary_selector_0-60.png

By clicking on the chart, a new window will emerge with the detailed list of Services whose checks are disabled.

../../_images/2_110p_aggregator_summary_services_having_long-term_problems_widget_0-60.png

The following information is presented in a tabular format:

  • Type: indicates the type of asset through its representative icon. The possible options are:

    • Independent Services: identified with the crossed arrows icon.

    ../../_images/2_030e_aggregator_realm_assets_services-logo_0-36.png

    • Business Process Services (BP Services): identified with the crossed arrows icon framed in a circle.

    ../../_images/2_030f_aggregator_realm_assets_bpservices-logo_0-36.png

  • Host: records the formal identifier of the Host associated with the respective Service.

  • Host Status: reports the current monitoring status of the Host.

  • Service: name of the monitoring Service.

  • Status: informs the current monitoring state of the Service.

  • Last Check: shows the date of the last status check of the host’s monitoring.

  • Duration: indicates the time the device has been available in the system without experiencing downtimes or complete failures.

  • Packs: this field contains a series of tags that provide information about the configured Monitoring Packs.

  • Hostgroups: indicates the hostgroups to which the host belongs.

  • Realm: indicates the Realm to which the asset belongs.

Host By Packs

This view is divided into two widgets, whose graphics are linked to the use of Monitoring Packs.

../../_images/2_109s_aggregator_summary_host_by_packs_66.png

Hosts with/without Packs configured

In this ring chart, a distinction is made between Hosts with configured Monitoring Packs and those without.

../../_images/2_109n_aggregator_summary_hosts_packs_state_widgets_66.png

Use the legend to identify each type of Host. Additionally, for each sector of the chart, the percentage value and total figure are detailed, which facilitates its identification and reading.

By clicking on one of the sectors of the chart, a new window will emerge with the detailed list of each Host that belongs to one group or another.

../../_images/2_110q_aggregator_summary_hosts_packs_state_widgets_0-60.png

The following information is presented in a tabular format:

  • Name: records the formal identifier of a respective Host.

  • Status: informs the current monitoring state of the Service.

  • Address: contains the network address or IP address of the Host.

  • Packs: list of Monitoring Packs associated with the respective Host.

  • Realm: indicates the Realm to which the asset belongs.

Hosts with specific Pack configured

In this ring chart, the total number of Hosts with a specific Monitoring Pack is represented. To do this, you should use the pack selector, which acts as a filter. Once a specific pack is selected, the chart will update immediately. If, however, there are no configured packs, the selector will appear disabled.

../../_images/2_109o_aggregator_summary_hosts_packs_state_specific_widgets_66.png

Use the legend to know the total number of Hosts with a specific associated pack. Additionally, the chart also details the percentage value and total figure.

By clicking on one of the sectors of the chart, a new window will pop up with a detailed list of the Kingdoms that make up that typology.

../../_images/2_110r_aggregator_summary_hosts_packs_state_specific_widgets_0-60.png

The following information is presented in a tabular format:

  • Name: records the formal identifier of a respective Host.

  • Status: informs the current monitoring state of the Service.

  • Address: contains the network address or IP address of the Host.

  • Packs: list of Monitoring Packs associated with the respective Host.

  • Realm: indicates the Realm to which the asset belongs.

Export and shipping options

There are three options for exporting the displayed data:

Full View Download and Send Options

Download

Download a file with the data of the fifteen widgets, through XLSX and JSON buttons (and formats) located in the function Download located at the top of the global view.

../../_images/2_007w_aggregator_global_aggregator_summary-export_0-61.png
Mail

The system makes it possible to send a report via email, the which collects the data from the fifteen widgets. The Mail dropdown located at the top of the global view has the followingShipping options:

../../_images/2_103_aggregator_global_summary-email_0-61.png

Send Report:

This function allows you to email a report with the activity and status of the monitored infrastructure.

The report can only be sent to the logged-in user. For this, in the Contacts drop-down menu, the account of the currently logged-in user must be selected.

../../_images/2_103a_aggregator_global_summary-email_0-61.png

Schedule Mail:

Through this option it is possible to schedule the regular sending of the reportat the discretion of the user.

../../_images/2_103b_aggregator_global_summary-email_0-61.png

Configurable fields:

  • Schedule name: mnemonic name assigned to the schedule of a report.

  • Contacts: selector of the account receiving the report.

  • Schedule interval: in this block the periodicity is established with the that the report will be generated and sent. To do this, there is a selector with multiple options that depending on which one is selected, will revealconfigurations according to the chosen option.

    Run every day: This option will relaunch the report daily. For your configuration it will be necessary to indicate the hour and minute in which the reportwill be executed and sent every day.

    Run every week: This option will relaunch the report weekly. In your Settings displays a series of selectors:

    • Run at days: to define the launch day or days of the week.

    • Starting at: to set the hour and minute.

    • Presets: predefined configuration selector for generationautomatic reporting. By clicking on one of the available options, youwill automatically set the appropriate settings:

      • Working days: reports will be released only on working days(Mo, Tu, We, Th, Fr).

      • Weekend: reports will be released only on weekends(Sa, Su).

      • Default: this option configures the default launch of reportson Mondays (Mo) and at the time established by the user.

    This way it is possible to establish which days of the week and at what timeexactly the report will be released.

    ../../_images/2_103e_schedule-interval-run-every-week_0-61.png

    Run every month: This option will relaunch the report monthly. In yourconfig, the following selectors are displayed:

    • On day: to indicate the day of the month in which the report will be released. TheNumbers from 1 to 31 represent the days of the month.

    • At: to program the hour and minute in which the report will be launchedevery established day of each month.

    ../../_images/2_103f_schedule-interval-run-every-month_0-61.png

    Attention

    If you select days 29, 30 or 31, they are excluded from the executionthe months with the fewest number of days.

    Run on cron schedule: finally this option allows you to do a configuration as it would be done in Crontab format, giving us all the flexibility that this tool offers us for more explicit cases.

    ../../_images/2_103g_schedule-interval-run-cron_0-61.png

    Important

    To use this option you need to know the tool Crontab format.

And accompanying all the previous options, is the Selector of the time zone, useful for operators who want to schedule reportsapplying a time zone other than the one you are in.

../../_images/2_103h_schedule-interval-tine-zone_0-61.png

Scheduled Mail: All schedules are presented in this viewof existing reports in detail, for management and editingindividual.

../../_images/2_103c_aggregator_global_summary-email_0-61.png

For each programming via email you are informed of:

  • Name: mnemonic name assigned to a report schedule.

  • Receivers: contact recipient of the report via email.

  • Cron: indicates the frequency with which the report will be released,according to Crontab format.

In addition, the actions applicable on each reporting schedule aredescribed below:

  • Edit: action to edit the summary report schedule.The form matches the Schedule interval option of Mail.

../../_images/2_103i_aggregator_global_summary-update-scheduled-mail_0-61.png

  • Delete: action to definitively delete the programmingselected.

../../_images/2_103j_aggregator_global_summary-delete-scheduled-mail_0-61.png

Export of a section

Export and download a file with the data from a specific section through the PDF button (and format) located in the banner of each section.

../../_images/2_109u_aggregator_summary_export_pdf_0-60.png

Export of a widget

Export and download a file with the data from a specific widget through the CSV and JSON buttons (and formats) located in the header of each widget.

../../_images/2_109t_aggregator_summary_export_0-60.png

The exported files condense all the information represented in the widgets into a document that is easy to distribute and analyze.

Filtered by Category Type

Another option is the filtering of panels by category type. A category is a label freely assigned by the user, used for the classification and identification of Realms with some similar trait. Each category is assigned a color and weight.

The categories are represented with visible labels on each Realm panel:

../../_images/2_007s_aggregator_global_aggregator_summary-category_0-59.png

Every category will be visible in the dropdown menu. Upon selecting one of them, the view will be filtered to display panels whose Realm is associated with that category.

../../_images/2_007t_aggregator_global_aggregator_summary-category_0-59.png

Event Correlator

Independent module responsible for predicting mass device failuresmonitored devices that share a common property, defined by the assignment of tags.

This module is accessed from the Settings menu.

../../_images/2_136_event_correlator_access_66.png

The system is based on the definition of rules that allow establishing associations between devices and applying thresholds based on a minimum percentage of devices down during a specific time period. When these conditions are met, the module automatically generates a mass failure event and notifies the relevant users, facilitating an early response and proactive incident management.

The module is organized into two sections:

  • Events: provides a history of the rules that have been triggeredalong with the date and the percentage of downed devices.

../../_images/2_136a_event_correlator_66.png

  • Rules: This is where all the correlation rules are created and managed.correlation rules.

../../_images/2_136b_event_correlator_rules_66.png

Creating and Configuring Rules

Within the Rules section, you can create new correlation rules using the + Add button.

The Create Correlation Rules form will then be displayed with the following configuration fields:

../../_images/2_136c_event_correlator_rules-button-add_66.png

Event Rule Name: name assigned to the rule.

Description: Field intended to add additional information that provides more context about the rule.

Hosts Percentage Threshold: minimum percentage threshold of devices that must be in a Down state for the rule to activate and, consequently, generate a correlation event.

Duration in minutes: minimum time, expressed in minutes, during which a device must remain in the Down state for the rule to be activated and the corresponding correlation event to be generated.

Tags: These constitute the fundamental element of the correlation rule. They are used to define and assign the common attribute that will allow the grouping of devices that share the same tag. A device may have additional tags, but these will be ignored as long as the tags specified in the rule match.

Tags are freely defined following the format name = value (name-value) where:

  • Name corresponds to the name of the attribute or category that you wish to describe.describe.

  • Value corresponds to the specific value assigned to that attribute.

Example: location = datacenter-1

In addition to defining the tag in the correlation rule, the user must assign this tag in the configuration of all devices that share this attribute. This linking can be done from the following locations:

Example

From a set of 10 devices that share the tag Location=Madrid,at least 30% (Hosts Percentage Threshold) must register a Down state for at least 5 minutes (Duration in minutes) in order for the defined thresholds to be exceeded and therefore for a correlation event to be generated.

Event Scope: determines the scope of the rule. The possible options are:

  • Global: executes the correlation rule in all available realms.

  • Realm: Executes the rule only in a specific realm. Selecting this option enables the Realms selector to indicate the corresponding realm.

../../_images/2_136d_event_correlator_rules-realm-selector_66.png

Notification strategy: defines the notification strategy for the event to the contact or group of contacts. The possible options are:

  • All Contacts: notifies all contacts registered in the system.system.

  • Realms Contacts: notifies only contacts with access to the realm selected in the Event Scope parameter.

  • Custom Contacts: Allows you to select one or more contacts in a customized way from the Notify to selector.

../../_images/2_136e_event_correlator_rules-contacts_66.png

Once all the correlation rule parameters have been configured, click the Create button to finalize the process.

Visualization and enabling of correlation rules

All created correlation rules are centralized in the Rules view. From this view, the user can create, edit, pause, and delete rules.

../../_images/2_136b_event_correlator_rules_66.png

The main table shows, for each rule, the following information:information:

Name: Official name of the rule. Clicking on the name displays a detailed view of the rule’s settings. From this view, it is also possible to edit the rule.

../../_images/2_136f_event_correlator_rules_info_view_66.png

The information in this view is more complete, as it offers the following data:the following data:

  • Created at: exact date and time the rule was created.

  • Updated at: exact date and time the rule was created.

  • Name: name assigned to the correlation rule.

  • Description: Descriptive text that provides additional information about the purpose or scope of the rule.

  • Enabled: indicates whether the rule is currently enabled for execution.its execution.

  • Triggered: indicates whether the rule has been triggered (launched) at any recent time, i.e., whether the defined conditions have been met.

  • Last Raise: date and time the rule last generated a correlation event.

  • Last OK: Date and time the rule returned to a normal state(the event was resolved) after being activated.

  • Hosts pct Threshold: Minimum percentage of devices in Down staterequired to activate the rule.

  • Duration minutes: Minimum duration, in minutes, during which the devices must remain in a Down state for the activation conditions to be met.

  • Tags: List of tags configured to group the devices affected by the rule. Each tag represents a common attribute according to the format Name = Value.

  • Event scope: Scope of application of the rule. It can be global or restricted to a specific realm.restricted to a specific realm.

  • Realm name: Name of the realm to which the rule applies, when the selected scope is not global.

  • Realm type: the type of realm to which the rule belongs.

  • Notify strategy: notification strategy defined for sending alerts generated by the rule.

  • Notify to: List of contacts or contact groups that will receive notifications when the rule is activated.

Description: Descriptive text that provides additional information about the purpose or scope of the rule.

Scope: The scope of application of the rule. It can be GLOBAL or restricted to a specific realm (REALM).

Enabled: indicates whether the rule is currently enabled for execution.its execution.

Triggered: Indicates whether the rule has been recently activated, that is, whether the established conditions for its execution have been met.This state is visually represented by the background of the row corresponding to the rule changing to red. The system evaluates rule compliance every minute through an internal task. The triggered state is maintained as long as the percentage of hosts in the Down state does not fall below the configured threshold and until a new check is performed.

Threshold: Minimum percentage of devices in Down state required to activate the rule.

Tags: List of tags configured to group the devices affected by the rule. Each tag represents a common attribute according to the format Name = Value.

Date: date the rule was created.

Actions: actions applicable individually to each rule.

../../_images/2_136g_event_correlator_rules_actions_66.png

The first button contains two actions that allow you to control the state of execution of a rule:

  • Start (▶️) activates the rule when it is stopped. The rule will run again when its conditions are met.

  • Pause (⏸️) temporarily stops the rule. It ceases to execute, but it is not deleted.

  • Delete: action for the permanent deletion of a rule. It is identifiedwith a trash can icon.

Rule filtering

Accompanying the overall list, there is a set of filters to more easily locate a specific rule:

../../_images/2_136k_event_correlator_rules_filters_66.png
Rule Filters

This block allows you to apply quick filters to the list of rules in order to facilitate their consultation and analysis. The available filters are:

  • Triggered: When activated, only the rules that are currently triggered are shown, that is, those whose thresholds have been exceeded and have generated a correlation event.

  • Enabled: When selected, only the rules that are enabled for execution are displayed.

Next, click the Filter button to apply the filtering criteria to the table.

These filters can be activated independently or in combination, allowing the user to adjust the view according to their needs. This is possible because each filter can assume three states, summarized in the following table. Simply check the filter box repeatedly to cycle through the different states.

Status

Icon

Value

Description

Off

The filter is not enabled. The table displays all items by default.default.

True

Filter enabled. The table is updated to show the items that meet the filter condition.

False

Filter enabled. The table is updated, hiding the items that meet the filter condition.

See the following example, where the list hides the rules that are not currently in effect and shows only those that are enabled.

../../_images/2_136h_event_correlator_rules_filters_66.png
Date Range

This filter allows you to retrieve rules based on the date they were created (detailed information in the Date column).

It allows you to choose between different predefined time ranges:

Today: Filters and displays only the rules created during the period of time elapsed today.

Yesterday: rules created yesterday.

Last 24 hours: rules created in the last 24 hours.

Last 48 hours: rules created in the last 48 hours.

Last 7 Days: rules created in the last seven days.

This Week: rules created during the elapsed time period in the current week (from the start of the week to the current day).

Previous Week: generated in the previous full week (from Monday to Sunday).

In case you want to set a specific period of time, there is a the Custom Range option. To set the time frame it is is necessary to set a start date and an end date. By clicking on one of the days, this date will be set as a selection, and it will be marked with a blue background. In addition to the day, it is possible to set a specific time of that day, to do so, use the drop-down menus in the hour, minute and second boxes, until you to set the desired time.

../../_images/3_077d_aggregator_realm_reports_reports_inventory-create-at_0-58.png

Correlation event visualization

The Events section displays an activity history detailing both the activation and deactivation of correlation rules. This history includes the date of each event and the percentage of devices that were down at the time of activation.

../../_images/2_136a_event_correlator_66.png

For each event that occurs, the following information is displayed:

  • Rule: correlation rule that generates an event.

  • Date: the exact moment the rule is activated or deactivated, that is, when the event is triggered. Events are points in time, not ranges.

  • Status: indicates the operational status of the rule using a color code.It is shown in red when the rule is triggered, that is, when the affected devices are down and the threshold has been exceeded; and in green when the devices become available again and therefore the threshold has fallen below the minimum required for the rule to be active.

  • Threshold: Minimum percentage of devices in Down state required to activate the rule.

  • Scope: Specifies the scope of application of the rule. It can be GLOBAL or restricted to a specific realm (REALM).

  • Realm: Name of the realm to which the rule applies, when the selected scope is not global.

  • Affected Hosts: Shows the total number of devices to which the rule applies and how many of them are currently in a Down state. This value allows you to verify if the threshold defined in the rule (Hosts Percentage Threshold) is met.

Event filtering

In addition to the overall list, there is a set of filters to more easily locate a specific event:

../../_images/2_136l_event_correlator-filters_66.png
Is Global

By enabling this checkbox, the list will be filtered to show the rules that have generated an event in any of the realms available in the system, that is, the rules with a global scope will be displayed.

These filters can be activated independently or in combination, allowing the user to adjust the view according to their needs. This is possible because each filter can assume three states, summarized in the following table. Simply check the filter box repeatedly to cycle through the different states.

Status

Icon

Value

Description

Off

The filter is not enabled. The table displays all items by default.default.

True

Filter enabled. The table is updated to show the items that meet the filter condition.

False

Filter enabled. The table is updated, hiding the items that meet the filter condition.
Realm name

If, on the other hand, you want to filter by rules that impact a specific realm, you can use this dropdown menu, where you select a specific realm from the global list.

See the following example, where the listing shows only the rules whose scope corresponds to a realm (i.e., they are not global), in this case, Wocu-devel.

../../_images/2_136j_event_correlator-example-events-filter_66.png
Date Range

This filter allows you to retrieve rules based on the date on which activity was recorded (rule activation/deactivation).

It allows you to choose between different predefined time ranges:

Today: filters and displays only the rules that generated an event during the time period that has elapsed today.

Yesterday: rules that recorded any type of event on the day of yesterday.

Last 24 hours: rules that recorded any type of event in the last 24 hours.

Last 48 hours: rules that recorded any type of event in the last 48 hours.

Last 7 Days: rules that recorded any type of event in the last seven days.

This Week: rules that recorded any type of event during the period of time elapsed in the current week (from the week start day to the current day).

Previous Week: rules that recorded any type of event in the previous full week (Monday to Sunday).

In case you want to set a specific period of time, there is a the Custom Range option. To set the time frame it is is necessary to set a start date and an end date. By clicking on one of the days, this date will be set as a selection, and it will be marked with a blue background. In addition to the day, it is possible to set a specific time of that day, to do so, use the drop-down menus in the hour, minute and second boxes, until you to set the desired time.

../../_images/3_077d_aggregator_realm_reports_reports_inventory-create-at_0-58.png

Next, click the Filter button to apply the filtering criteria to the table.

Issuance of notifications

For each event generated, notifications are issued to the user.

The recipient(s) are configured during the creation of the rule in the Notification strategy field, where you define the notification strategy for the event to a contact or group of contacts.

../../_images/2_136i_event_correlator_rules_notification_66.png

Each email notification includes the essential information about the event generated, in order to facilitate its identification and analysis.

The message details:

  • Rule name: name of the rule that originated the event.

  • Affected hosts: Shows the total number of devices to which the rule applies and how many of them are currently in the Down state.

  • Threshold defined by rule: configured threshold that triggered the emission of the event.

  • Event scope: scope of the event according to the condition defined in the rule.

  • Timestamp: The exact date and time the event was generated.

In this way, the user receives clear information to quickly assess the incident and take appropriate action.