Monitoring
The Monitoring features are a collection of additions available for the DD Engine. These features are configured in the DD Manager.
SNMP monitoring
Apart from the DD Manager, DD Engine can also be accessed on the admin interface, using SNMP. This requires SNMP support to be enabled, which can be configured in the DD Manager.
If SNMP is enabled, the SNMP agent can be contacted on the IP address of the admin interface using port 161. All values are read-only, i.e. SNMP can only be used for monitoring, not for configuration. DD Engine has its own MIB defining the available parameters. The MIB file is available for download from the Advenica Artifactory file share site, see Downloads.
Parameters
The following parameters are predefined and non-configurable:
| Parameter | Value |
|---|---|
| SNMP version | 3 |
| Authentication algorithm | SHA512, digest length 512 bits |
| Privacy algorithm | AES-256, key length 256 bits |
| Security model | USM |
The following parameters are configurable:
| Parameter | Description | Format |
|---|---|---|
| Security level | Enabling SNMP and defining the security level. | Available options: SNMP disabled and Authentication & Privacy |
| Username | Username required when requesting SNMP information from the DD Engine. | String |
| Authentication password | Password used to verify the identity of the user. | String, minimum 16 characters including one number, one upper case and one lower case character. No spaces allowed. |
| Privacy password | Password used to allow encryption of SNMP information. | String, minimum 16 characters including one number, one upper case and one lower case character. No spaces allowed. |
Available OID:s
The following OID:s (and their descendants) are exposed when SNMP monitoring is enabled:
| Name | OID | MIB | Description |
|---|---|---|---|
| system | .1.3.6.1.2.1.1 | SNMPv2-MIB | Standard SNMP objects describing the device |
| hrSystem | .1.3.6.1.2.1.25.1 | HOST-RESOURCES-MIB | Overview of the device's state and resources |
| hrStorage | .1.3.6.1.2.1.25.2 | HOST-RESOURCES-MIB | RAM and hard drive size and current usage statistics |
| hrProcessorTable | .1.3.6.1.2.1.25.3.3 | HOST-RESOURCES-MIB | The average, over the last minute, of the percentage of time this processor was not idle. This OID is a table with one value per processor core, where the hrProcessorFrwID row has been intentionally excluded |
| lmSensors | .1.3.6.1.4.1.2021.13.16 | LM-SENSORS-MIB | Sensor values for temperatures, fan speeds, voltages and other miscellaneous sensors on common mainboards |
| advenicaDDE | .1.3.6.1.4.1.29868.20 | DDE-MIB | DD Engine-specific information |
SNMP forwarding
DD Engine can be configured to forward certain SNMP information, i.e. send SNMP information from Upstream and receive it on Downstream. This enables monitoring of the Upstream DD Engine from the destination network.
SNMP forwarding must be enabled on both Upstream and Downstream to function.
The following parameters are configurable:
| Parameter | Description | Format |
|---|---|---|
| SNMP metrics | If enabled, SNMP metrics will be sent (from Upstream) or received (on Downstream) | Checkbox, check to enable SNMP forwarding |
SNMP metrics forwarding
When SNMP metrics forwarding is enabled, metrics concerning currently configured services on the Upstream DD Engine will be available in the Downstream DD Engine's SNMP agent,
if it's enabled. The forwarded metrics will be available under the advenicaDDERemote object (OID .1.3.6.1.4.1.29868.20.2). See the DD Engine MIB for more information.
SNMP monitoring does not need to be enabled on the Upstream DD Engine to forward SNMP metrics.
Logging
From the DD Engine, log information can be sent to a single external, third party log server, typically not located at the same facility as the DD Engine. The system supports Syslog over UDP, TCP and TLS. Logs can also be exported using Local admin.
Logging can be enabled on both the Upstream and Downstream sections and all system logs generated by both services and DD Engine will be sent to the log server. The configured interface (Admin or Data) will be used to send logs to the log server on either the Admin or Data networks.
Parameters
| Parameter | Description | Format |
|---|---|---|
| Remote log transfer | Enabling remote logging. | Available options: Logging disabled and Transfer logs |
| Remote port | TCP or UDP port number used when transferring logs. | Integer within range 1 - 65535. Default: 514 |
| Remote address | IP address or hostname of the remote server used when transferring logs. If a hostname is entered, an Admin DNS server must be configured in Local admin. | String |
| Protocol | The protocol used when transferring logs. | Available options: UDP, TCP and TLS |
| Interface | Interface (Admin or Data) that will be used to send logs to the remote server. | Available options: Admin and Data |
| Certificate | If TLS is the selected protocol, a CA certificate in PEM file format for the target log server must be supplied and uploaded using the file upload dialogue. Note! Even if the SAN (Subject Alternative Name) field of the certificate contains an IP address, that address cannot be used to to connect to a server. Use hostname for connection and certificate verification. IP address can, however, be used if it is included in the certificate CN (Common Name). | PEM file name |
Log forwarding
DD Engine can be configured to forward generated log events, i.e. send log events from Upstream and receive them on Downstream. This enables log monitoring of the Upstream DD Engine from the destination network.
Log forwarding is disabled by default. When enabled, log events generated by the Upstream DD Engine and configured Upstream services will be sent from Upstream to Downstream. The Upstream logs will be included when exporting device logs, using Local admin, and when Remote log transfer is enabled on Downstream.
Log forwarding must be enabled on both Upstream and Downstream to function.
The following parameters are configurable:
| Parameter | Description | Format |
|---|---|---|
| Logs | If enabled, log events will be sent (from Upstream) or received (on Downstream) | Checkbox, check to enable log forwarding |