Configuration#

Overview#

admin-users-only

The Insights Dashboard Configuration page, accessible only to admin users, provides several options for configuring and administering application functionality.

Note

To access this page, log in as an admin user, then click the System Configuration (Cog icon) to open the admin menu, then select Configuration.

You can select the following tabs on this page:

Archive#

The Archive tab configures archiving (backup) settings for the Insights Dashboard application.

../../../_images/dashboard-configuration-settings-archive.png

You can select the following tabs on this page:

Dashboard Backup#

This tab displays the Dashboard backup settings. The settings are read-only, for informational purposes only.

This Archive group contains the Dashboard configuration settings (assets, licensing), user permissions settings (LDAP), and NDX files.

The backup excludes data from the specific Broadsoft data store, along with definition data and files. Broadsoft definitions and definition files each have their own separate Archive group.

Dashboard Files#

Read-only, Dashboard files archive group settings. This archive group will archive all Dashboard settings. This includes all user created definition files, mappings, color palettes, user configs, schedules, and dashboards.

../../../_images/analytics-configuration-dashboard-files.png

Definitions Data#

Read-only, Dashboard definitions archive group settings. This archive group backs up all User Search Definitions data in the database tables. This is the data that drives the widgets.

../../../_images/analytics-configuration-definitions-data.png

Ndx#

This archive group manages Ndx files. The default for monthsKept is 6 months.

../../../_images/VAA-config-ndx-file-retention-times.png

Netflow Definitions Data#

The NetFlow definitions data archive group backs up all Netflow Definitions data, which is the data that drives the widgets. These are read-only settings, for information purposes only.

analytics-configuration-netflow-definitions-data

Remote Storage#

This tab allows you to configure remote archiving of the system backup files, if you’ve chosen standard / local storage in the setup.

Each archive group produces one or many archive files. The system can be configured to scp these archive files to a backup location or to another VOSS Insights system.

The archives can be sent to a separate backup location (SFTP-server, SCP or remote synced to another Dashboard).

The table describes settings on this tab:

archive_interval

Choose a schedule, either Daily, Weekly, or Monthly.

method

Choose a method. Either of the following:

  • scp: System will copy archives to a remote location. Scp is not a sync. To reduce load on system and network, system only copies new / changing archives over to the scp location.

  • sftp: System will copy archives to a remote location. Sftp is not a sync. To reduce load on system and network, system only copies new / changing archives over to the sftp location.

  • rsync: System will sync the archive directory to remote system. The remote system must have rsync installed for this to work.

  • rsyncToArb: System will sync the archives directory to a remote Dashboard. This utilizes the rsync protocol so both Dashboards will always be in sync.

IP location

The IP address. Also add username and password.

destination

The path on the remote server to the folder where backups are to be stored.

monthsKept

Choose how long to retain the backup.
../../../_images/analytics-configuration-remote-storage.png

Related Topics

DS9#

This tab configures settings for DS9.

For details, refer to DS9 Configuration on the Dashboard

DS9 Flow Summary#

This tab displays and configures DS9 NetFlow summary status, options for detection of applications, internal subnets, and NetFlow, and port filtering.

Import#

This tab allows you to import data into the system from a .csv file.

Note

Only csv file imports are supported.

File import allows you to manually add data that can be used in various contexts within the VOSS Insights platform. An example could be specific costs associated with calling functions.

../../../_images/analytics-configuration-import.png

Import- Date Range Mapping

This setting allows you to import in a list of named date ranges (for example: Fiscal Quarters that may not align to standard calendar quarters, etc.).

If a date range mapping is imported, the Dashboard GUI allows you to change the Dashboard calendar by the imported date range name. Multiple named date ranges may be provided. Only dates are currently supported. The times for the entire day will be used (midnight to midnight).

Select a file to be imported then click IMPORT.

Note the instructions on this page around formatting rules for the .csv file.

CSV file to import. The CSV should adhere to the CSV RFC https://www.ietf.org/rfc/rfc4180.txt.
Additionally, there are two more requirements. First, the first line of the CSV must contain the
desired names for each CSV placement. Secondly, the second line of the CSV must contain the desired
types for each CSV placement. Use 'integer', 'float', or 'string'. The normal CSV data can then start
on lines 3 and above. Inherently a CSV file does not describe the names or types of each CSV placement.
This is required so the system can create the proper database table and store the data appropriately.
Failure to include these two lines will result in a failure to import in the CSV data.
../../../_images/analytics-configuration-import-date-range-mapping.png

Once imported, you can use the date range drop down to cycle through and select the custom dates.

analytics-choose-date-range

LDAP#

The system uses a local LDAP server to store user information. The system also supports authenticating with an external Microsoft Active Directory server. If an external Microsoft AD is used, the system will automatically sync all users locally. Local user accounts are necessary to set specific system privileges. Please note that Microsoft AD passwords are never stored locally. Authentication always occurs with external Microsoft AD. Once authenticated, the system allows the user access based on the user’s local system privileges. In order to properly configure this screen, the customer administrator must have an in-depth knowledge of the customer’s Microsoft AD architecture. Improper configuration may cause too little or too many users in the system.

../../../_images/analytics-configuration-ldap.png

The auto_sync_always_clean option can be set to clear user dashboards before sync.

../../../_images/VAA-always-clean.png

Sendmail#

Although the system has Sendmail built in, this tab allows for specific configuration changes to allow the system to interface with specific customer mail functions.

For example, you can set up an alternative IP address, in the sendmail_from_host field, to define the IP address used in email reports. This is useful where Dashboard systems may have multiple network interfaces, especially if end-users cannot access the Dashboard system’s default IP address. Emailed report recipients will find the IP address you configure here, in the email notification they receive for the report.

Note

All settings on this tab are optional.

../../../_images/analytics-configuration-sendmail.png

Related Topics

SNMP#

This tab allows the system to be configured to work with SNMP v3. It allows you to select the specific authentication and encryption methods to be utilized.

../../../_images/analytics-configuration-snmp.png

Syslog#

This tab configures the IP address of your central syslog server.

The system can send out syslog messages about several of the internal functions, including backup and archival success.

This is a system-wide setting. If an IP address is specified, the system will send any internal messages onto the specified syslog server. Only one central syslog server can be specified at this time. Please validate firewall settings are open to allow incoming messages on the specified IP address and port.

../../../_images/analytics-configuration-syslog.png

VOSS#

This tab configures the setup for VOSS Mongo database.

../../../_images/dashboard-config-voss.png

VPN#

The system can be connected to another Dashboard/Reporting platform, an Arbitrator Correlation platform, a Windows Forwarder or other client that supports the connectivity. Utilize this screen to set up automated connections to a server or client. The default port utilized is port 1194. Note that the screen selections will change based on the context selected (server or client).

analytics-configuration-vpn

VPN Manual#

  • Configuration: Client - Add Server Config: The system allows you to enter a VPN configuration file directly into the system. Just paste the config directly into the bar under the label vpn_config.

    analytics-configuration-vpn-manual-add-server

  • Configuration: Server – Add Client: This screen is used to obtain a VPN Client Configuration file. This will allow connectivity from the Windows Forwarder directly to this server utilizing OpenVPN. There are a few prerequisites:

    1. There must be network connectivity between the Windows Forwarder machine to this server.

    2. The specified OpenVPN port (default port 1194) must be opened on the firewall between this server and the Windows Forwarder IPs.

    3. This server VPN Configuration screen should be configured for server mode.

    analytics-configuration-vpn-manual-add-client

Widget Resources#

This tab allows the auto-creation of a dashboard widget’s resource description for a new table. At a minimum, the IP address and table name should be provided to fetch/create the lxtapi_* definitions. This functionality may also be used to generate dashboards for generic Postgres databases, if the database’s security information is known.

../../../_images/analytics-configuration-widget-resources.png