Differences

This shows you the differences between two versions of the page.

--- tools:ipdr_watchdog [2024/05/09 10:43] – vignesh
+++ tools:ipdr_watchdog [2024/05/24 13:06] (current) – vignesh
@@ Line 1: / Line 1: @@
 ====== IPDR Watchdog ======
+{{ :tools:ipdr_watchdog_1_.png?200 |}}\\
 **What is the use of this tool ?**
   Real time IPDR monitoring system that alerts when IPDR is down by sending email and syslog.
+**How it works ?** \\
+  * First it checks the Hub-config file present or not
+  * Then it get the location of the log file from Hub-config.xml file
+  * After getting the location of the file it checks it can open a log file without any permisssion error
+  * Also it get the timestamp of latest log entry and compares with the system time to know the log file is latest
+  * Then it checks the current log file is new or not.If new then it not checks because the log entries will not be completed yet
+  * You can run this script for netflow as well as tap mode. You have to provide this in argument
+  * It checks each engine is flushing or not by fetching each engine log entries and checks the flush is not empty
+  * If the system is down you receive an alert , likewise if the system is up from down status you will receive an alert
+  * The script deliver the alert log to the syslog . You have to configure the email to receive mail.
 **Procedure before running the script**
-  * Login as admin
+  * Login as admin and go to (profile0 --> email config)
   * [[https://www.trisul.org/docs/ug/reports/emailsettings.html|Configure]] email on trisul server
   * Start the email notification
-  * Log into trisul server and assign a cronjob to run ipdr_watchdog script.
+  * Configure alert whom you want to send mail
+  * Go to profile0 -> All groups alert -> and click edit option -> change Send to Syslog/Email to Alert
+  * Log into trisul server and assign a cronjob to run ipdr_watchdog script or you can run manually.
+<note important>Run cronjob as root user</note>
 **Options**
@@ Line 17: / Line 30: @@
 | -n         |      2                     |  No of Engines |
 | -c         |   context0                 |  Context Name  |
-| -s         |   Hostnme of your system   |  Sytem Name    |
+| -s         |   Hostname of your system  |  Sytem Name    |
-| -k         |            0               |  verbose       |
+| -k         |            0               |  Verbose       |
+| -t         |           70               |  Fixed seconds |
+| -r         |           0                |  Router        |
+| -f         |           1                |  Flow          |
+If the trisul is running in netflow mode then run the script with -f option or -r option if it is running with tap mode
+<note>The verbose argument will send syslog if the system is running . But doesn't send mail </note>
+**Examples Using cronjob**  \\
+ * /10* * * * /usr/local/share/trisul-hub/ipdr_watchdog.sh \\
+** When the IPDR down you get this type of syslog **
+  May  9 05:55:01 IPDR-TESTING trisul_flushd: Alert:probe0:context0:1715234100:0,0,0,0,0,IPDRUP:mailsubject:Trisul IPDR Alert System DOWN IPDR TESTING:mailsubjectUser ,Last flush time : (Thu May  9 05:55:00 AM UTC 2024)
+** When you assign a cronjob with -k argument you will get this syslog if the system is running** \\
+  May  9 07:12:01 IPDR-TESTING infod: IPDR-TESTING  RUNNING
-**Examples**  \\
+** When your system is started after the down stauts you will get this syslog ** \\
- * /10* * * * /usr/local/share/trisul-hub/ipdr_watchdog.sh
+  May  9 05:55:01 IPDR-TESTING trisul_flushd: Alert:probe0:context0:1715234100:0,0,0,0,0,IPDRUP:mailsubject:Trisul IPDR Alert System UP IPDR TESTING:mailsubjectUser ,Last flush time : (Thu May  9 05:55:00 AM UTC 2024)
- \\ **or** \\
+<note>When you start the IPDR system after the IPDR-DOWN then you will be notified through mail that IPDR is up</note>
- you can run without cronjob to get the current status of IPDR ./ipdr_watchdog.sh
+**Examples without using cronjob**  \\
+/usr/local/share/trisul-hub/ipdr_watchdog.sh /ipdr_watchdog.sh \\
+{{:tools:output1.png?400|}}