Marwatch System Guide

Total Page:16

File Type:pdf, Size:1020Kb

Marwatch System Guide MARWATCH SYSTEM GUIDE RELEASE 5.0 MarWatch System Guide, Release 5.0 Introduction Notice The information contained in this document is believed to be accurate in all respects but is not warranted by Martello Technologies Corporation. The information is subject to change without notice and should not be construed in any way as a commitment by Martello Technologies or any of its affiliates or subsidiaries. Martello Technologies and its affiliates and subsidiaries assume no responsibility for any errors or omissions in this document. Revisions of this document or new editions of it may be issued to incorporate such changes. No part of this document can be reproduced or transmitted in any form or by any means - electronic or mechanical - for any purpose without written permission from Martello Technologies Corporation. Trademarks MarWatch™, Martello Technologies, and the Martello Technologies logo are trademarks of Martello Technologies Corporation. Windows and Microsoft are trademarks of Microsoft Corporation. Other product names mentioned in this document may be trademarks of their respective companies and are hereby acknowledged. © Copyright 2015 Martello Technologies Corporation, all rights reserved. May 25, 2015 Page 2 of 163 MarWatch System Guide, Release 5.0 Introduction Table of Contents Introduction ............................................................................................................................................ 7 Documentation Conventions ................................................................................................................... 7 What’s New in this Release..................................................................................................................... 8 Updated User Interface ........................................................................................................................... 8 Multi-Tenant Access Levels and Branding ................................................................................................ 8 Editable Naming ...................................................................................................................................... 8 Dynamic Searching .................................................................................................................................. 8 Expanded Remote IP Testing Tools .......................................................................................................... 8 Improved Alerting and Reporting............................................................................................................. 9 Widescreen KPI Dashboard...................................................................................................................... 9 Integration APIs ....................................................................................................................................... 9 MarWatch Overview............................................................................................................................. 10 MarWatch Architecture ......................................................................................................................... 10 MarWatch Capabilities .......................................................................................................................... 10 User Interface........................................................................................................................................ 11 Supported Browsers .............................................................................................................................. 11 Supported Devices................................................................................................................................. 11 Fault and Performance Monitoring ........................................................................................................ 12 Alarming and Alerting ............................................................................................................................ 14 Remote Access ...................................................................................................................................... 15 Reporting .............................................................................................................................................. 15 Optional Features .................................................................................................................................. 16 MarWatch System Data Model .............................................................................................................. 17 MarWatch User Interface ..................................................................................................................... 21 Login Page ............................................................................................................................................. 21 Dashboards ........................................................................................................................................... 21 Dashboard Context ................................................................................................................................ 22 Expanded Views and Context Sensitive Help .......................................................................................... 23 Search Capabilities ................................................................................................................................ 24 Alarm Summary and Display Filtering .................................................................................................... 24 Breadcrumbs ......................................................................................................................................... 25 Menu Items ........................................................................................................................................... 26 User Menu ............................................................................................................................................ 26 Planning Ahead ..................................................................................................................................... 27 Small Organizations ............................................................................................................................... 27 Large Organizations ............................................................................................................................... 27 Service Providers ................................................................................................................................... 28 May 25, 2015 Page 3 of 163 MarWatch System Guide, Release 5.0 Introduction Getting Started and MarWatch System Administration........................................................................ 30 Initial Log In and Changing your Password ............................................................................................. 30 Adding Containers ................................................................................................................................. 30 Adding Users ......................................................................................................................................... 31 Adding Devices ...................................................................................................................................... 32 Adding Device Licenses .......................................................................................................................... 33 MarWatch Alarms and Alerts................................................................................................................ 35 MarWatch Alarm Categories.................................................................................................................. 35 Alarm Severity Levels............................................................................................................................. 35 Alarm Management............................................................................................................................... 36 Hiding Alarms ........................................................................................................................................ 36 Alarm Filtering ....................................................................................................................................... 36 Advanced Alarm Display Capabilities ..................................................................................................... 37 Alert Profiles ......................................................................................................................................... 38 Threshold Alarm Management .............................................................................................................. 40 MarWatch Reporting ............................................................................................................................ 47 Quick Queries ........................................................................................................................................ 47 Generating Reports ............................................................................................................................... 52 Exporting Queries and Reports .............................................................................................................
Recommended publications
  • Fortianalyzer
    Network diagnose fortilogd Device message rate msgrate-device Network Troubleshooting diagnose fortilogd msgrate-type Message rate for each log type execute ping [host] Ping utility execute traceroute [host] Traceroute utility diag sniffer packet <interface> Packet sniffer Disk <filter> <level> <timestamp> Disk / RAID / Virtual Disk config system fortiview settings Resolve IP address to hostname set resolve-ip enable config system locallog disk setting What happens with oldest logs set diskfull nolog / overwrite Logging diagnose system raid [option] RAID information status, hwinfo, alarms Log Forwarding diagnose system disk [option] Disk information info, health, errors, attributes CHEATSHEET config system log-forward edit log-aggregation <id> For virtual machines: provides a list of Forwarding logs to FortiAnalyzer / execute lvm info available disks aggregation-client set mode Syslog / CEF <realtime, execute lvm extend <disk nr.> For virtual machines: Add disk FORTIANALYZER FOR 6.0 aggregation, disable> config system Configure the FortiAnalyzer that receives © BOLL Engineering AG, FortiAnalyzer Cheat Sheet Version 1.1 / 08.02.2019 log-forward-service logs ADOM set accept-aggregation enable ADOM operation Log Backup config system global ADOM settings set adom-status [en/dis] Enable or disable ADOM mode General execute backup logs config system global Set ADOM mode to normal or advanced / Default device information <device name | all> for VDOMs) <ftp | sftp | scp> <server ip> Backup logs to external storage set adom-mode [normal/advanced]
    [Show full text]
  • Introduction to UNIX at MSI June 23, 2015 Presented by Nancy Rowe
    Introduction to UNIX at MSI June 23, 2015 Presented by Nancy Rowe The Minnesota Supercomputing Institute for Advanced Computational Research www.msi.umn.edu/tutorial/ © 2015 Regents of the University of Minnesota. All rights reserved. Supercomputing Institute for Advanced Computational Research Overview • UNIX Overview • Logging into MSI © 2015 Regents of the University of Minnesota. All rights reserved. Supercomputing Institute for Advanced Computational Research Frequently Asked Questions msi.umn.edu > Resources> FAQ Website will be updated soon © 2015 Regents of the University of Minnesota. All rights reserved. Supercomputing Institute for Advanced Computational Research What’s the difference between Linux and UNIX? The terms can be used interchangeably © 2015 Regents of the University of Minnesota. All rights reserved. Supercomputing Institute for Advanced Computational Research UNIX • UNIX is the operating system of choice for engineering and scientific workstations • Originally developed in the late 1960s • Unix is flexible, secure and based on open standards • Programs are often designed “to do one simple thing right” • Unix provides ways for interconnecting these simple programs to work together and perform more complex tasks © 2015 Regents of the University of Minnesota. All rights reserved. Supercomputing Institute for Advanced Computational Research Getting Started • MSI account • Service Units required to access MSI HPC systems • Open a terminal while sitting at the machine • A shell provides an interface for the user to interact with the operating system • BASH is the default shell at MSI © 2015 Regents of the University of Minnesota. All rights reserved. Supercomputing Institute for Advanced Computational Research Bastion Host • login.msi.umn.edu • Connect to bastion host before connecting to HPC systems • Cannot run software on bastion host (login.msi.umn.edu) © 2015 Regents of the University of Minnesota.
    [Show full text]
  • Linux Pocket Guide.Pdf
    3rd Edition Linux Pocket Guide ESSENTIAL COMMANDS Daniel J. Barrett 3RD EDITION Linux Pocket Guide Daniel J. Barrett Linux Pocket Guide by Daniel J. Barrett Copyright © 2016 Daniel Barrett. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebasto‐ pol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promo‐ tional use. Online editions are also available for most titles (http://safaribook‐ sonline.com). For more information, contact our corporate/institutional sales department: 800-998-9938 or [email protected]. Editor: Nan Barber Production Editor: Nicholas Adams Copyeditor: Jasmine Kwityn Proofreader: Susan Moritz Indexer: Daniel Barrett Interior Designer: David Futato Cover Designer: Karen Montgomery Illustrator: Rebecca Demarest June 2016: Third Edition Revision History for the Third Edition 2016-05-27: First Release See http://oreilly.com/catalog/errata.csp?isbn=9781491927571 for release details. The O’Reilly logo is a registered trademark of O’Reilly Media, Inc. Linux Pocket Guide, the cover image, and related trade dress are trademarks of O’Reilly Media, Inc. While the publisher and the author have used good faith efforts to ensure that the information and instructions contained in this work are accurate, the publisher and the author disclaim all responsibility for errors or omissions, including without limitation responsibility for damages resulting from the use of or reliance on this work. Use of the information and instructions contained in this work is at your own risk. If any code samples or other technology this work contains or describes is subject to open source licenses or the intellec‐ tual property rights of others, it is your responsibility to ensure that your use thereof complies with such licenses and/or rights.
    [Show full text]
  • Chapter 10 SHELL Substitution and I/O Operations
    Chapter 10 SHELL Substitution and I/O Operations 10.1 Command Substitution Command substitution is the mechanism by which the shell performs a given set of commands and then substitutes their output in the place of the commands. Syntax: The command substitution is performed when a command is given as: `command` When performing command substitution make sure that you are using the backquote, not the single quote character. Example: Command substitution is generally used to assign the output of a command to a variable. Each of the following examples demonstrate command substitution: #!/bin/bash DATE=`date` echo "Date is $DATE" USERS=`who | wc -l` echo "Logged in user are $USERS" UP=`date ; uptime` echo "Uptime is $UP" This will produce following result: Date is Thu Jul 2 03:59:57 MST 2009 Logged in user are 1 Uptime is Thu Jul 2 03:59:57 MST 2009 03:59:57 up 20 days, 14:03, 1 user, load avg: 0.13, 0.07, 0.15 10.2 Shell Input/Output Redirections Most Unix system commands take input from your terminal and send the resulting output back to your terminal. A command normally reads its input from a place called standard input, which happens to be your terminal by default. Similarly, a command normally writes its output to standard output, which is also your terminal by default. Output Redirection: The output from a command normally intended for standard output can be easily diverted to a file instead. This capability is known as output redirection: If the notation > file is appended to any command that normally writes its output to standard output, the output of that command will be written to file instead of your terminal: Check following who command which would redirect complete output of the command in users file.
    [Show full text]
  • The Linux Command Line Presentation to Linux Users of Victoria
    The Linux Command Line Presentation to Linux Users of Victoria Beginners Workshop August 18, 2012 http://levlafayette.com What Is The Command Line? 1.1 A text-based user interface that provides an environment to access the shell, which interfaces with the kernel, which is the lowest abstraction layer to system resources (e.g., processors, i/o). Examples would include CP/M, MS-DOS, various UNIX command line interfaces. 1.2 Linux is the kernel; GNU is a typical suite of commands, utilities, and applications. The Linux kernel may be accessed by many different shells e.g., the original UNIX shell (sh), the TENEX C shell (tcsh), Korn shell (ksh), and explored in this presentation, the Bourne-Again Shell (bash). 1.3 The command line interface can be contrasted with the graphic user interface (GUI). A GUI interface typically consists of window, icon, menu, pointing-device (WIMP) suite, which is popular among casual users. Examples include MS-Windows, or the X- Window system. 1.4 A critical difference worth noting is that in UNIX-derived systems (such as Linux and Mac OS), the GUI interface is an application launched from the command-line interface, whereas with operating systems like contemporary versions of MS-Windows, the GUI is core and the command prompt is a native MS-Windows application. Why Use The Command Line? 2.1 The command line uses significantly less resources to carry out the same task; it requires less processor power, less memory, less hard-disk etc. Thus, it is preferred on systems where performance is considered critical e.g., supercomputers and embedded systems.
    [Show full text]
  • Bash Guide for Beginners
    Bash Guide for Beginners Machtelt Garrels Garrels BVBA <tille wants no spam _at_ garrels dot be> Version 1.11 Last updated 20081227 Edition Bash Guide for Beginners Table of Contents Introduction.........................................................................................................................................................1 1. Why this guide?...................................................................................................................................1 2. Who should read this book?.................................................................................................................1 3. New versions, translations and availability.........................................................................................2 4. Revision History..................................................................................................................................2 5. Contributions.......................................................................................................................................3 6. Feedback..............................................................................................................................................3 7. Copyright information.........................................................................................................................3 8. What do you need?...............................................................................................................................4 9. Conventions used in this
    [Show full text]
  • Multiping Version 3 Product Manual
    MultiPing version 3 Product Manual (c) 2002, 2014 Nessoft, LLC MultiPing (c) 2002, 2014 Nessoft, LLC All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic, or mechanical, including photocopying, recording, taping, or information storage and retrieval systems - without the written permission of the publisher. Products that are referred to in this document may be either trademarks and/or registered trademarks of the respective owners. The publisher and the author make no claim to these trademarks. While every precaution has been taken in the preparation of this document, the publisher and the author assume no responsibility for errors or omissions, or for damages resulting from the use of information contained in this document or from the use of programs and source code that may accompany it. In no event shall the publisher and the author be liable for any loss of profit or any other commercial damage caused or alleged to have been caused directly or indirectly by this document. Printed: August 2014 Special thanks to: Publisher All the people who contributed to this documention and to the Nessoft, LLC PingPlotter software. Managing Editor Special recognition to: Pete Ness Pierre Schwab Technical Editor Tom Larrow Jeff Murri Jenna Clara Andrea, D.D., Nina Mele Cam M. Larry M. Contents I Table of Contents Part I Welcome 2 Part II Support / Help 4 Part III Licensing 6 Part IV Getting Started 8 1 Things .t.o.. .d..o.. .w...i.t.h.. .M..u..l.t.i.P...i.n..g.
    [Show full text]
  • Traceroute Is One of the Key Tools Used for Network Troubleshooting and Scouting
    1 Introduction Traceroute is one of the key tools used for network troubleshooting and scouting. It has been available since networking's early days. Because traceroute is based on TTL header modification, it crafts its own network packets. The goal of this assignment is to re-implement a traceroute with cutting edge techniques designed to improve its scouting capabilities and bypass SPI firewalls. In this assignment you will learn about packet injection and sniffing. The assignment also teaches about more subtle topics such as network latency, packet filtering, and Q.O.S. 1.1 Instructions This project has to be completed sequentially as each part depends on the previous ones. The required coding language is C. You should consider using libnet [1] and libpcap [2], however using raw sockets is permitted as well. Note that the exercises become progressively more difficult, with Exercise 5 likely to consume the greatest amount of effort. 1.2 Submission and Grading To compile your project, the script will use the command make, executed in the project directory. Then it will launch our tests, using an executable name "traceng" you have to make sure your make file results in this executable name, in the same project directory. Make sure that the command line options and the output format are correctly implemented as they will be used by our script during the grading process. Specific examples of how we are going to test your executable are provided later in this document, for each exercise. Your project directory should also contain a file called README which is text file describing the highlights of your solution to each exercise anything special that you did, information required in the specific exercise, what is the most interesting thing you learned in the exercise, and anything else we need to take into account.
    [Show full text]
  • The Bioinformatics Lab Linux Proficiency Terminal-Based Text Editors Version Control Systems
    The Bioinformatics Lab Linux proficiency terminal-based text editors version control systems Jonas Reeb 30.04.2013 “What makes you proficient on the command line?” - General ideas I Use CLIs in the first place I Use each tool for what it does best I Chain tools for more complex tasks I Use power of shell for small scripting jobs I Automate repeating tasks I Knowledge of regular expression 1 / 22 Standard tools I man I ls/cd/mkdir/rm/touch/cp/mv/chmod/cat... I grep, sort, uniq I find I wget/curl I scp/ssh I top(/htop/iftop/iotop) I bg/fg 2 / 22 Input-Output RedirectionI By default three streams (“files”) open Name Descriptor stdin 0 stdout 1 stderr 2 Any program can check for its file descriptors’ redirection! (isatty) 3 / 22 Input-Output RedirectionII Output I M>f Redirect file descriptor M to file f, e.g. 1>f I Use >> for appending I &>f Redirect stdout and stderr to f I M>&N Redirect fd M to fd N Input I 0<f Read from file f 4 / 22 Pipes I Forward output of one program to input of another I Essential for Unix philosophy of specialized tools I grep -P -v "^>" *.fa | sort -u > seqs I Input and arguments are different things. Use xargs for arguments: ls *.fa | xargs rm 5 / 22 Scripting I Quick way to get basic programs running I Basic layout: #!/bin/bash if test"$1" then count=$1 else count=0 fi for i in {1..10} do echo $((i+count)) let"count +=1" done 6 / 22 Motivation - “What makes a good text editor” I Fast execution, little system load I Little bandwidth needed I Available for all (your) major platforms –> Familiar environment I Fully controllable via keyboard I Extensible and customizable I Auto-indent, Auto-complete, Syntax highlighting, Folding, ..
    [Show full text]
  • Ongoing Software Development Projects Under Linux/QNX
    Ongoing Software Development Projects under Linux/QNX 1. CCD Image acquistion software under Linux i) Gtk version( 2.0 ) ii) IDL version (6.3) -V.Arumugam, A.V.Ananth 2. Software development under QNX REAL-TIME O.S. Although our efforts are for CONTROL applications specifically for HAGAR, as an initial step we have tried CCD image acquistion software development in QNX to familiarise with various features like Photon Application Builder(PhAB), Resource Manager, Process Manager etc. -V.Arumugam, A.V.Ananth 3. Distributed Telescope control system for 30” telescope at VainuBappu Observatory.The approach we have planned is similar to that of 2 Mtr. Telescope.The advantage of this is scheme is its enoromous flexibility in implementation in the sense ,that different sub-systems could be modified/implemented at different points of time without substantially modify software related to other sub-systems.Also back-ends can also communicate with the telescope and other sub-systems if required to tap information. -V.Arumugam, A.V.Ananth, KavithaPathak, Faseehana, Anbazhagan CCD Image acquisition software under Linux i) Gtk version (2.0) ii) IDL version (6.3) MODEL : It is a Client/Server Design where the Server can be local or at remote site and client accesses the server on LAN/WAN. Applicability : This software intended for 2Kx2K TEK chip and 2Kx4K Marconi chip. Can be used with a little modification for any other sensor in future if appropriate Hardware modifications are made for the existing controller. Drawbacks : As linux and gtk/genome are freely available software and are continuously being modified their version keep changing and hence maintenance of camera software is a hectic task.
    [Show full text]
  • Ipv6 Cheat Sheet
    Internet Protocol Version 6 (IPv6) Basics Cheat Sheet IPv6 Addresses by Jens Roesen /64 – lan segment, 18,446,744,073,709,551,616 v6 IPs IPv6 quick facts /48 – subscriber site, 65536 /64 lan segments successor of IPv4 • 128-bit long addresses • that's 296 times the IPv4 address space • that's 2128 or 3.4x1038 or over 340 /32 – minimum allocation size, 65536 /48 subscriber sites, allocated to ISPs undecillion IPs overall • customer usually gets a /64 subnet, which yields 4 billion times the Ipv4 address space • no need for network address translation (NAT) any more • no broadcasts any more • no ARP • stateless address 2001:0db8:0f61:a1ff:0000:0000:0000:0080 configuration without DHCP • improved multicast • easy IP renumbering • minimum MTU size 1280 • mobile IPv6 • global routing prefix subnet ID interface ID mandatory IPsec support • fixed IPv6 header size of 40 bytes • extension headers • jumbograms up to 4 GiB subnet prefix /64 IPv6 & ICMPv6 Headers IPv6 addresses are written in hexadecimal and divided into eight pairs of two byte blocks, each containing four hex IPv6 header digits. Addresses can be shortened by skipping leading zeros in each block. This would shorten our example address to 0 8 16 24 32 2001:db8:f61:a1ff:0:0:0:80. Additionally, once per IPv6 IP, we can replace consecutive blocks of zeros with a version traffic class flow label double colon: 2001:db8:f61:a1ff::80. The 64-bit interface ID can/should be in modified EUI-64 format. A MAC 00 03 ba 24 a9 6c payload length next header hop limit 48-bit MAC can be transformed to an 64-bit interface ID by inverting the 7th (universal) bit and inserting a ff and fe byte after rd source IPv6 address the 3 byte.
    [Show full text]
  • DDOS Detection and Denial Using Third Party Application in SDN
    International Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS-2017) DDOS Detection and Denial using Third Party Application in SDN Roshni Mary Thomas Divya James Dept. of Information Technology Dept. of Information Technology Rajagiri School of Engineering & Technology Rajagiri School of Engineering & Technology Ernakulam, India Ernakulam, India [email protected] [email protected] Abstract— Software Defined Networking(SDN) is a developing introduced i.e, Software Defined Networking (SDN). Software area where network managers can manage the network behavior Defined Networking (SDN) is a developing area where it programmatically such as modify, control etc. Using this feature extract the limitations of traditional network which make we can empower, facilitate or e network related security networking more uncomplicated. In SDN we can develop or applications due to the its capacity to reprogram the data plane change the network functions or behavior program. To make at any time. DoS/DDoS attacks are attempt to make controller the decision where the traffic needs to send with the updated functions such as online services or web applications unavailable to clients by exhausting computing or memory resources of feature SDN decouple the network planes into two. servers using multiple attackers. A DDoS attacker could produce 1. Control Plane enormous flooding traffic in a short time to a server so that the 2. Data Plane services provided by the server get degraded. This will lose of In control plane we can add update or add new features customer support, brand trust etc. to improve the network programmatically also we can change To detect this DDoS attack we use a traffic monitoring method the traffic according to our decision and in updated traffic are iftop in the server as third party application and check the traffic applied in data plane.
    [Show full text]