Checking data availability on Security Analytics Appliance using CLI command

Article ID: 169604

Products

Security Analytics

Issue/Introduction

A customer wants to confirm, from the command line, the oldest metadata and capture data held on the Security Analytics (SA) appliance.

  1.  Meta data: The beginning of the light pink area
  2.  Capture data: The beginning of the white area.

Resolution

If you want to see the beginning of the light pink area or the oldest index data on SA from the command line, use this command: 

# walk_space_table_journal | head -4 

Sample: The output shows the Slot 0 start date, as below:

[[email protected] ~]# walk_space_table_journal | head -4 
Space table journal name: /var/lib/solera/meta/space_table_journal_v3 
Entries: 59014 
---- Space table journal contents ---- 
Slot 0 start Wed Mar 22 12:27:13 2017 (1490207233) end Wed Mar 22 12:32:10 2017 (1490207530) iface 3 flags:0 
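
The Slot 0 line can also be parsed in a script, for example to check how many days of metadata are retained. The following is an added example, not part of the original article or the product; the function names oldest_meta_epoch and retention_days are hypothetical, and the embedded sample is the output shown above.

```shell
#!/bin/sh
# Added example: extract the oldest metadata timestamp from
# walk_space_table_journal output and compute the retention window.

# Sample copied from the article's output so the script runs offline.
SAMPLE='Space table journal name: /var/lib/solera/meta/space_table_journal_v3
Entries: 59014
---- Space table journal contents ----
Slot 0 start Wed Mar 22 12:27:13 2017 (1490207233) end Wed Mar 22 12:32:10 2017 (1490207530) iface 3 flags:0'

# oldest_meta_epoch (hypothetical helper): reads journal output on stdin and
# prints the epoch in the first parenthesised field of the "Slot 0 start" line.
# Exits non-zero if no Slot 0 line is present (for example, an empty journal).
oldest_meta_epoch() {
    awk '$1 == "Slot" && $2 == "0" && $3 == "start" {
        for (i = 4; i <= NF; i++) {
            if ($i ~ /^\([0-9]+\)$/) {
                gsub(/[()]/, "", $i); print $i; found = 1; exit
            }
        }
    }
    END { if (!found) exit 1 }'
}

# retention_days (hypothetical helper): whole days between the oldest slot
# ($1, epoch seconds) and "now" ($2, epoch seconds; defaults to current time).
# Fails if the slot start is in the future, which suggests clock skew.
retention_days() {
    start=$1
    now=${2:-$(date +%s)}
    [ "$now" -ge "$start" ] || return 1
    echo $(( (now - start) / 86400 ))
}

# On the appliance, replace the printf with:
#   walk_space_table_journal | head -4 | oldest_meta_epoch
if epoch=$(printf '%s\n' "$SAMPLE" | oldest_meta_epoch); then
    echo "Oldest metadata epoch: $epoch ($(retention_days "$epoch") days retained)"
else
    echo "No Slot 0 entry found in journal output" >&2
fi
```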

To identify the beginning of the white area, run the command "dsmon", go to Slot Chains, and select the capture interface. The start date/time shown is the beginning of the white area.