Trisul Network Analytics
Developer Zone

User Tools

Site Tools

You are here: Home » Tools » IPDR Watchdog
Trace:
tools:ipdr_watchdog

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
tools:ipdr_watchdog [2024/05/08 19:12] vigneshtools:ipdr_watchdog [2024/05/24 13:06] (current) vignesh
Line 1: Line 1:
 ====== IPDR Watchdog ====== ====== IPDR Watchdog ======
  
 +{{ :tools:ipdr_watchdog_1_.png?200 |}}\\
 **What is the use of this tool ?** **What is the use of this tool ?**
-  Real time IPDR monitoring system that alerts when IPDR is down. And provides the details of the down status in email.+  Real time IPDR monitoring system that alerts when IPDR is down by sending email and syslog. 
 +   
 +**How it works ?** \\ 
 +  * First it checks the Hub-config file present or not  
 +  * Then it get the location of the log file from Hub-config.xml file 
 +  * After getting the location of the file it checks it can open a log file without any permisssion error 
 +  * Also it get the timestamp of latest log entry and compares with the system time to know the log file is latest 
 +  * Then it checks the current log file is new or not.If new then it not checks because the log entries will not be completed yet 
 +  * You can run this script for netflow as well as tap mode. You have to provide this in argument 
 +  * It checks each engine is flushing or not by fetching each engine log entries and checks the flush is not empty  
 +  * If the system is down you receive an alert , likewise if the system is up from down status you will receive an alert  
 +  * The script deliver the alert log to the syslog . You have to configure the email to receive mail.
  
  
 **Procedure before running the script** **Procedure before running the script**
-  * Login as admin+  * Login as admin and go to (profile0 --> email config)
   * [[https://www.trisul.org/docs/ug/reports/emailsettings.html|Configure]] email on trisul server   * [[https://www.trisul.org/docs/ug/reports/emailsettings.html|Configure]] email on trisul server
   * Start the email notification    * Start the email notification 
-  * Log into trisul server and assign a cronjob to run ipdr_watchdog script. +  * Configure alert whom you want to send mail  
 +  * Go to profile0 -> All groups alert -> and click edit option -> change Send to Syslog/Email to Alert  
 +  * Log into trisul server and assign a cronjob to run ipdr_watchdog script or you can run manually
 +<note important>Run cronjob as root user</note>
  
 **Options** **Options**
Line 17: Line 30:
 | -n              2                      No of Engines | | -n              2                      No of Engines |
 | -c           context0                  Context Name  | | -c           context0                  Context Name  |
-| -s           Hostnme of your system   |  Sytem Name    |    +| -s           Hostname of your system  |  Sytem Name    |    
-| -k                    0               |  verbose       |+| -k                    0               |  Verbose       | 
 +| -t                   70                Fixed seconds | 
 +| -r                                  |  Router        | 
 +| -f                                  |  Flow          | 
 +If the trisul is running in netflow mode then run the script with -f option or -r option if it is running with tap mode  
 + 
 + 
 + 
 +<note>The verbose argument will send syslog if the system is running . But doesn't send mail </note> 
 + 
 + 
 +**Examples Using cronjob**  \\ 
 + 
 + * /10* * * * /usr/local/share/trisul-hub/ipdr_watchdog.sh \\ 
 + 
 +** When the IPDR down you get this type of syslog ** 
 + 
 +  May  9 05:55:01 IPDR-TESTING trisul_flushd: Alert:probe0:context0:1715234100:0,0,0,0,0,IPDRUP:mailsubject:Trisul IPDR Alert System DOWN IPDR TESTING:mailsubjectUser ,Last flush time : (Thu May  9 05:55:00 AM UTC 2024) 
 + 
 +** When you assign a cronjob with -k argument you will get this syslog if the system is running** \\ 
 +  May  9 07:12:01 IPDR-TESTING infod: IPDR-TESTING  RUNNING
  
-**Examples**  \\ +** When your system is started after the down stauts you will get this syslog ** \\ 
- * /10* * * * /usr/local/share/trisul-hub/ipdr_watchdog.sh  +  May  9 05:55:01 IPDR-TESTING trisul_flushd: Alert:probe0:context0:1715234100:0,0,0,0,0,IPDRUP:mailsubject:Trisul IPDR Alert System UP IPDR TESTING:mailsubjectUser ,Last flush time : (Thu May  9 05:55:00 AM UTC 2024) 
- \\ **or** \\ +<note>When you start the IPDR system after the IPDR-DOWN then you will be notified through mail that IPDR is up</note>
- you can run without cronjob to get the current status of IPDR ./ipdr_watchdog.sh+
  
 +**Examples without using cronjob**  \\
 +/usr/local/share/trisul-hub/ipdr_watchdog.sh /ipdr_watchdog.sh \\
 +{{:tools:output1.png?400|}}
  
  
tools/ipdr_watchdog.1715175744.txt.gz · Last modified: 2024/05/08 19:12 by vignesh