IBM DataPower Operations Dashboard contains an extensive set of parameters that let administrators fine-tune the system's behavior to the installation requirements.
The following sections describe these parameters in detail.
...
| Parameter | Category | Default Value | Description |
|---|---|---|---|
| Enable Queries Emails SMTP | Alerts | true | Enable / Disable publishing alerts via SMTP server |
| Enable Queries Emails SMTP WS | Alerts | false | Enable / Disable publishing alerts via Web Service |
| Fields to Ignore in ElasticSearch Response in Alerts | Alerts | doc_count_error_upper_bound,sum_other_doc_count | Field to omit from alert description |
| Enable Queries Output File | Alerts | false | Enable / Disable publishing alerts as file in local file system |
| Syslog Severity Field Value | Alerts | info | Syslog record message level. Possible values: debug, info, notice, warning, err, crit, alert, emerg |
| Alerts Syslog Server Hostname | Alerts | 172.77.77.7 | Syslog server hostname or IP address. |
| Alerts Syslog Server Port | Alerts | 60031 | Syslog server listening port. |
...
Parameter | Category | Default Value | Description |
|---|---|---|---|
From Address | from@example.com | The from address used for the report email. | |
SMTP Host | Email SMTP | smtp.example.com | Destination SMTP host |
SMTP Password | Email SMTP | ******** | Password for logging in to the SMTP host. If no authentication required leave this field empty. |
SMTP Port | Email SMTP | 465 | Destination SMTP host port |
SMTP User | Email SMTP | mailer@example.com | Username for logging in to the SMTP host. If no authentication required leave this field empty. |
| SMTP SSL Enabled | Email SMTP | true | Enable / Disable TLS/SSL |
SMTP WS Endpoint URI | Email SMTP WS | /SMTPSender | Destination URI for sending reports via Web-Service |
SMTP WS Host | Email SMTP WS | localhost | Destination hostname for sending reports via Web-Service |
SMTP WS Port | Email SMTP WS | 8080 | Destination port for sending reports via Web-Service |
SMTP WS Protocol | Email SMTP WS | HTTP | Protocol for accessing the Web-Service host Valid values: HTTP / HTTPS |
SMTP WS User | Email SMTP WS | user | User used for sending reports via Web-Service. This value is sent using HTTP Basic Authentication. |
SMTP WS Password | Email SMTP WS | ******** | Password used for sending reports via Web-Service. This value is sent using HTTP Basic Authentication. |
...
The following parameters control configuration and connection to an LDAP registry, used for role-based security.
All parameters below are mandatory when enabling LDAP role-based security (by switching on the Enable LDAP parameter).
If LDAP RBM is disabled, all these parameters should be left blank.
...
Parameter
...
Category
| Warning |
|---|
The LDAP parameters should not be altered manually and should exactly match the values in the services configuration files. |
Parameter | Category | Default Value | Description |
|---|---|---|---|
| Enable LDAP | LDAP | false |
Valid Values: true / false
| See LDAP Configuration Script | |
| LDAP Connection URLs | LDAP |
| See LDAP Configuration Script | ||
| Enable LDAP Host Name Verification | LDAP | true |
| See LDAP Configuration Script | |
LDAP Connection Name (DN) | LDAP |
LDAP Connection Password | LDAP |
TLS configuration information can be found in LDAP Configuration Script.
Configuration Changes Tracking
DPOD collects data about DataPower configuration changes from its monitored devices. It does this by pulling the complete configuration from the device, and comparing it to the last collected configuration. The parameters below control this mechanism.
...
Parameter
...
Category
...
Default Value
...
Description
...
Interval time to extract all service configuration and compare to last version; In Seconds;
...
ServiceConfig
...
1800
...
Determines how often monitored devices configuration is collected and compared to the last version.
Recommended nterval is at least 900 (15 minutes).
...
Interval number to compress Configuration Table since massive update and delete occurs. Once a day
...
ServiceConfig
...
50
For internal use, do not change unless instructed to do so by product support.
Consult the table on System Services Management for more information about the types of agents in DPOD and the information they collect.
Console UI Appearance
These parameters control the way data is displayed in DPOD's Console UI.
Parameter
Category
Default
Description
Default Full Date Format
Style
MM/dd/yyyy HH:mm:ss.SSS
Full date format
Default Date Format with no Millis
Style
MM/dd/yyyy HH:mm:ss
Full date format, without milliseconds
Default Date Format with no Year
Style
MM/dd HH:mm:ss.SSS
Full date format, without year
Default Short Date Format
Style
MM/dd/yyyy
Short date format
Default Theme (light/dark/elegant)
Style
Light
LDAP Referral (ignore/follow) | LDAP | ignore |
Define handling of JNDI referrals (see javax.naming.Context.REFERRAL for more information).
Valid values are:
- ignore
- follow
- throw
Microsoft Active Directory often returns referrals. Set this parameter to follow If your installation is required to follow them.
Caution: if your DNS is not part of AD, the LDAP client lib might try to resolve your domain name in DNS to find another LDAP server.
LDAP User Name Attribute Name
LDAP
The user attribute name that contains the name of that user (as entered in the login page)
LDAP Group Membership Search Nested
LDAP
true
Search for nested group membership (groups within groups)Search nested group members
The LDAP filter (using LDAP filter syntax) to search for a group by its name, usually by the "cn" attribute, Use {0} as a placeholder for the group name
LDAP Group Name Attribute Name
LDAP
cn
The group attribute name that contains the name of that group
For more information regarding DPOD and LDAP configuration, consult the sections under Configuring LDAP in the Admin Guide.
Monitored Devices Authentication
The following parameters control authentication of monitored DataPower Gateways.
When DPOD collects data from monitored devices, it verifies that these are the correct devices using TLS; The DataPower certificate is authenticated against DPOD’s CA trust store, specified below.
...
Parameter
...
Category
...
Default Value
...
Description
...
false (for new installations v1.0.7+)
true (when upgrading from v1.0.6)
...
TLS Level (TLSv1/TLSv1.1/TLSv1.2)
...
Security
...
TLSv1.2
...
TLS level used to perform authentication
...
CA Trusted Keystore Password
...
Security
...
Trust store password
...
CA Trusted Keystore Full Path and Filename
...
Security
...
/app/java/jre/lib/security/cacerts
...
Trust store full path
...
CA Trusted Keystore Type (JKS/PKCS12)
...
Security
...
JKS
...
Trust store type
| See LDAP Configuration Script | |||
| LDAP User Search Base | LDAP | See LDAP Configuration Script | |
| LDAP User Search Filter | LDAP | See LDAP Configuration Script | |
LDAP User Name Attribute Name | LDAP | ||
| LDAP Group Search Base | LDAP | See LDAP Configuration Script | |
| LDAP Group Membership Search Filter | LDAP | See LDAP Configuration Script | |
LDAP Group Membership Search Nested | LDAP | true | |
| LDAP Group Name Search Filter | LDAP | ||
LDAP Group Name Attribute Name | LDAP | cn |
Monitored Devices Authentication
The following parameters control authentication of monitored DataPower Gateways.
When DPOD collects data from monitored devices, it verifies that these are the correct devices using TLS; The DataPower certificate is authenticated against DPOD’s CA trust store, specified below.
Parameter | Category | Default Value | Description |
|---|---|---|---|
| Local User Registry Enabled | Security | false (for new installations v1.0.7+) true (when upgrading from v1.0.6) | When disabled, DPOD will not store any new user details in local repository to comply with Security complaince requirements (DPOD will not automatically delete any existing user details after changing the value of this parameter) |
TLS Level (TLSv1/TLSv1.1/TLSv1.2) | Security | TLSv1.2 | TLS level used to perform authentication |
CA Trusted Keystore Password | Security | Trust store password | |
CA Trusted Keystore Full Path and Filename | Security | /app/java/jre/lib/security/cacerts | Trust store full path |
CA Trusted Keystore Type (JKS/PKCS12) | Security | JKS | Trust store type |
TLS configuration information can be found in LDAP Configuration Script.
Configuration Changes Tracking
DPOD collects data about DataPower configuration changes from its monitored devices. It does this by pulling the complete configuration from the device, and comparing it to the last collected configuration. The parameters below control this mechanism.
Parameter | Category | Default Value | Description |
|---|---|---|---|
Interval time to extract all service configuration and compare to last version; In Seconds; | ServiceConfig | 1800 | Determines how often monitored devices configuration is collected and compared to the last version. Recommended nterval is at least 900 (15 minutes). |
Interval number to compress Configuration Table since massive update and delete occurs. Once a day | ServiceConfig | 50 | For internal use, do not change unless instructed to do so by product support. |
Consult the table on System Services Management for more information about the types of agents in DPOD and the information they collect.
Console UI Appearance
These parameters control the way data is displayed in DPOD's Console UI.
Parameter | Category | Default | Description |
Default Full Date Format | Style | MM/dd/yyyy HH:mm:ss.SSS | Full date format |
Default Date Format with no Millis | Style | MM/dd/yyyy HH:mm:ss | Full date format, without milliseconds |
Default Date Format with no Year | Style | MM/dd HH:mm:ss.SSS | Full date format, without year |
Default Short Date Format | Style | MM/dd/yyyy | Short date format |
Default Theme (light/dark/elegant) | Style | Light | Light, dark or elegant theme of the console UI screens |
...
| Parameter | Category | Default | Description |
|---|---|---|---|
| Internal Alerts - Check Agents Interval in Seconds | Health | 300 | How often to check whether DPOD's syslog and WS-M agents are up and working |
| Internal Alerts - Check Derby Interval in Seconds | Health | 300 | How often to check whether DPOD's internal database is up and working |
| Internal Alerts - Check Dropped Syslogs Interval in Seconds | Health | 600 | How often to check whether DPOD's syslog agents lost incoming messages |
| Internal Alerts - Check Dropped WS-M Messages Interval in Seconds | Health | 600 | How often to check whether DPOD's WS-M agents lost incoming payloads |
| Internal Alerts - Check ES Interval in Seconds | Health | 300 | How often to check whether DPOD's big data component is up and working |
| Internal Alerts - Check File System Interval in Seconds | Health | 300 | How often to check whether DPOD's filesystem is out of space |
| Internal Alerts - Check Retention Interval in Seconds | Health | 300 | How often to check whether DPOD's internal big data retention process is working |
| Internal Alerts - Check Log Targets Misconfig Interval in Seconds | Health | 43200 | How often to check whether the monitored gateways for misconfigured DPOD log targets |
| Internal Alerts - Send Email on Alert | Health | false | Whether or not to send an Email when a problem was detected by the internal health monitoring |
| Internal Alerts - Email Destination Address for Alerts | Health | No Default | Destination Email address for sending internal health alerts |
| Internal Alerts - Send Syslog on Alert | Health | false | Whether or not to send a Syslog message when a problem was detected by the internal health monitoring |
| Interval in Seconds to Sample Logging Targets | Health | 300 | How often to sample DPOD's log targets in the monitored devices |
| Interval in Seconds to Sample Nodes Health Statistics | Health | 300 | How often to collect statistics on DPOD's big data nodes |
| Interval in Seconds to Monitor Objects Status | Health | 300 | How often to monitor enabled but down objects in the monitored devices |
| Object Status Monitor Class List (All, Default or a Custom List) | Health | Default | By default, the Failed Objects dashboard (under the "explore" menu) displays only common object classes, |
| Interval in Seconds to Sample WSM Agents Statistics | Health | 300 | How often to sample WS-M Agents in the monitored devices |
| Internal Alerts REST API Service Host | Health | localhost | Host name / IP address of the maintenance housekeeping server to save and publish internal alerts. |
| Internal Alerts REST API Service Port | Health | 8084 | Port of the maintenance housekeeping service to save and publish internal alerts. |
...
Custom/Logical Transaction
| Parameter | Category | Default | Description |
|---|---|---|---|
| Allow Monitoring Transactions in Default Domain | Transactions | false | Whether or not the "Support TX in the Default Domain" box will be displayed in the Monitored Devices→Setup page |
| Show Custom Transaction View Selection | Transactions | false | Whether or not the "Custom TX View" checkbox will be displayed in the Product Views |
| Default Transactions Source (syslog/logical) | Transactions | syslog | If the "Custom TX View" is displayed, what will be the default for users on their first sign in. |
| Logical Transaction, Custom String 1 Table Header | Transactions | Custom String 1 | The Table Header and Filter names for "Custom String 1" in the transactions page |
| Logical Transaction, Custom String 2 Table Header | Transactions | Custom String 2 | The Table Header and Filter names for "Custom String 2" in the transactions page |
| Transaction Analysis Level - User Override Path | Transactions | (blank) | Where to take the user override file for the syslog analysis message groups, no value (blank) means there is no override file |
| Transaction Analysis Level - Max TPS | Transactions | Core, MemoryReqRes, B2B, error | The message group names and log level for the Max TPS analysis level, |
| Transaction Analysis Level - More TPS | Transactions | Core, MemoryReqRes, B2B, notice | The message group names and log level for the More TPS analysis level, The last parameter must be a valid log level name (debug, info, notice, warn. error, critic). The values must be comma separated, lower, upper or mixed case are allowed. |
| Transaction Analysis Level - Balanced | Transactions | Core, MemoryReqRes, B2B, MemActionLevel, notice | The message group names and log level for the Balanced analysis level, The last parameter must be a valid log level name (debug, info, notice, warn. error, critic). The values must be comma separated, lower, upper or mixed case are allowed. |
| Transaction Analysis Level - More Data | Transactions | Core, MemoryReqRes, B2B, MemActionLevel, ReqPayloadSize, ExtLatency, info | The message group names and log level for the More Data analysis level, The last parameter must be a valid log level name (debug, info, notice, warn. error, critic). The values must be comma separated, lower, upper or mixed case are allowed. |
| Transaction Analysis Level - Max Data | Transactions | Core, MemoryReqRes, B2B, MemActionLevel, ReqPayloadSize, ExtLatency, Sidecalls, info | The message group names and log level for the Max Data analysis level, The last parameter must be a valid log level name (debug, info, notice, warn. error, critic). The values must be comma separated, lower, upper or mixed case are allowed. |
| Deprecated Extended Transaction Enabled | Transactions | false | If true system will show by defaut the Deprecated Extended Transaction page. |
Miscellaneous Parameters
The following parameters control various other functions.
Parameter | Category | Default Value | Description |
|---|---|---|---|
Enable agents management | Agents | true | Set to true, unless using an External Self Service Console installation, in which case it should be false. |
Certificate monitoring duration in days | Certificate Monitoring | 60 | DataPower Gateways are able to send an alert a configurable number of days before certificates are about to expire. DPOD leverages this ability in the certificate monitoring screens. When a new monitored device is added to DPOD, the value in this parameter is copied to the corresponding parameter on the device. This value does not affect already-monitored devices. If you wish to change this in previously added devices, you need to do so manually. |
| Time to Keep WS-M Payloads (1d, 1w, blank) | WSM | (blank) | Automatically delete WS-M payloads from store, possible values are 1d = one day, 1w = one week, no value = don't delete automatically |
| Interval in Seconds to Sample Gateway MQ Objects Stats | WDP Objects | 300 | How often to sample the gateway's MQ objects, the data is shown in the Gateway MQ Overview dashboard |
| Interval in Seconds to Analyze Audit Logs | Restarts | 300 | How often to sample the gateway's audit logs, this data will be used for the restarts dashboard |
System Parameters
| Parameter | Category | Default Value | Description | ||
|---|---|---|---|---|---|
| Is Internal Self Service Installation | System | true | Is the current DPOD installation an Internal Self Service Console - change this value only for external self service console scenarion | ||
| Internal Self Service Address | System | https://montier-management | The address of the internal Self Service Console - change this value only for external self service console scenarion | ||
| Internal Self Service User Name | System | (no default) | The DPOD user name that will be used to access the internal Self Service Console - change this value only for external self service console scenarion
| ||
| Internal Self Service Password | System | (no default) | The DPOD user's passwordthat will be used to access the internal Self Service Console - change this value only for external self service console scenarion | ||
| Internal Self Service Webserver Port | System | 443 | The internal Self Service Console's webserver port - change this value only for external self service console scenarion | ||
| Interval in Seconds to Check and Cleanup DB Tables | System | 28800 | Interval in seconds to cleanup DB tables that exceeded the threshold size (threshold for each table is defined in a different system parameter) | ||
| Threshold in MB to Clean Reports Execution Table | System | 100 | Threshold in MB to cleanup the reports execution DB table | ||
| Threshold in MB to Clean Alerts Execution Table | System | 200 | Threshold in MB to cleanup the alerts execution DB table | ||
| Threshold in MB to Clean Services Portal Execution Table | System | 100 |
| Threshold in MB to cleanup the services portal execution DB table | |||
| Threshold in MB to Clean Maintenance Plan Execution | System | 100 | Threshold in MB to cleanup the maintenance execution DB tables (backup, sync and firmware upgrade) |
| The HTTP Address of the UI | System | (no default) | The URL used to access DPOD Web Console root context, e.g. https://dpod.example.com (without /op or /admin suffixes). This URL will be used to create URLs to DPOD Web Console that are embedded in emails sent by maintenance plans or sharing by email from the Web Console. |
| The HTTP Address of the UI - External (optional) | System | (no default) | The URL used to access DPOD Web Console root context from external networks, e.g. https://dpod.example.com (without /op or /admin suffixes). If this URL if specified, an additional link will be added to email addresses where "The HTTP Address of the UI" is used, to allow external users to have an additional link they can use instead of the internal link. |
| Experimental Features | Experimental | (no default) | For support use only, do not change unless advised by L2/L3 support |