...
Symptoms
- The Device and Domain fields of a transaction show “Unknown” instead of the correct value.
...
Implications
...
Cause
DPOD displays a device or a domain as "Unknown" , the user will not be able to view or filter by the correct device or domain name.
Cause
There are three possible causes:
1. Replacing an existing DPOD installation for a DataPower device
2. when it gets Syslog records from the gateway that contain metadata which does not match that gateway or domain configuration in DPOD.
This might be caused by:
- Reinstalling DPOD
- Adding a new monitored device or domain
...
- An issue in DPOD's
...
...
- agents
- Exporting and importing DataPower domains (including their log targets configuration) between gateways
Resolution
- If you replaced an existing DPOD installation for a DataPower device, go to DPOD’s manage menu, under Devices choose “Monitored Devices”, click the device reinstalled DPOD, make sure to add all the gateways that were previously configured in DPOD.
- Go to Manage → Devices → Gateways, click the gateway and under the “Setup” tab click “Setup Syslog for Device” and “Setup Syslog for all domains”.
The After Syslog Setup is complete, the correct device and domain names will appear in a few minutes. - When adding a new monitored device or domain - wait for 1-2 minutes for DPOD to cache and show the new name.if you didn't
- replace an existing DPOD installation, and didn't add a new device or domain - check the health of the ElasticSearch agent, you may need to reallocate unassigned shards or restart the agent via the CLITo detect an issue is DPOD's agents, Check System Status Using the Web Console. You may need to restart the agents using Admin Console.
To identify which gateways are sending Syslog records to DPOD, you may use the following command in DPOD server:
Code Block language bash theme RDark netstat -nap | grep ":600[0-9][0-9]"
Make sure all IP addresses belong to gateways that are configured properly in DPOD.