A10 DNIF health status


#1

Hello Team,

does anyone explain me what it stands for and what will be the cause if below threshold is crossed.

  1. din status
  2. in queue status
  3. out queue status
  4. redis queue status

what will be the query for out queue if DNIF data store connectivity will loss ( out queue >=X value)
what will be the query for DNIF parser error if the in queue size crossed X value.

Regards,
Pravin Singh


#2

Hi @pravin_singh - you can find all the relevant information regarding individual component and its services below:

DNIF COMPONENTS SERVICES INFORMATION

This document describes the details about the services which are running on a various DNIF components.

DATASTORE:

  1. agent79:

This service manages reports building in pdf, xlsx, csv and json as a result of the export queries and the reports.

  1. dataprocessor:

This service is responsible for the picking up the data from the queue and index the data in the Datastore.

  1. datastoreapi:

This service is generally used for running the console which means it will take the data from the datastore and will provide the output on the console.

  1. din:

This service will manage the interprocess communication.

  1. error_collector:

This service will collect the logs with log level errors, i.e. it will collect the centralized logs from all the services.

  1. ilidsapi:

This service manages the communication from the Datastore to Adapter and from Datastore to Correlator.

  1. importstore:

This service is responsible for importing static files into the Datastore.

  1. ingestor:

This service will work as a receiver for the logs processed from the Adapter.

  1. nameserver:

This service is also known as “address manager”. It manages the addresses of all nodes in the cluster.

  1. notifemail:

This service is used for sending alerts related to the module and templates.

  1. celeryds:

This service is also known as a "task manager". It works for the query execution in pipelining(f1, f2, f3,…).

ADAPTER:

  1. config_reporter:

This service will provide the devices and parser from Datastore to the Adapter.

  1. event_parser_processor:

This service will parse the raw data.

  1. httplistener and httpslistener:

This service will accept the data in a JSON format. This service is also used to accept the data from the Detector

  1. netflowv5:

This service is work as a listener specially for the CISCO networking devices.

  1. syslog_listener_tcp:

This service will receive the connection-oriented packets from the various devices on port 514.

  1. syslog_listener_udp:

This service will receive the datagram packets from the various devices on port 514.

  1. wmi 01 and wmi 02:

This service will use for the windows devices to pull the logs, i.e. when there is no third party application used for receiving the logs then we used this service to fetch the logs directly from the devices.

CORRELATOR:

  1. celerycr:

This service is also known as "Task Executer". It executes all the scheduled task.

  1. ilicrapi:

This service is used to manage transport information from Correlator to Datastore.

  1. ilicrscheduler:

This service schedules the reports and alerts and manages the queue.

  1. notifemail:

This service is used for sending alerts related to the module and templates.