IBM DataPower Operations Dashboard v1.0.15.0

A newer version of this product documentation is available.

You are viewing an older version. View latest at IBM DPOD Documentation.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 14 Next »

This is a tech preview feature introduced in v1.0.5. When used, a syslog record will be sent for each DataPower transaction.

The syslog record used is a json-formatted data object, containing information aggregated from several sources relating to the transaction.

The feature requires DataPower FW 7.6+

Value to Customers

  • This feature allows customers to easily display DataPower information on their APMs or log aggregator such as IBM APMs , Splunk or ELK. This removes the dependency on, and isolates the customer from changes to DataPower's log structure.
  • Customers may add a link to the syslog record, which redirects from each transaction into DPOD' transaction details, in order to enhance troubleshooting efforts.
  • DPOD customers can use this feature to externalize DPOD information for Data Warehouse purposes.
  • DPOD customers can retain summarized transaction details. This will increase history information retention time period and minimize storage requirements.


Transaction Record Structure

The following table describes the fields that are logged with this feature.

Field NameDescriptionPossible Values
serviceTypeService type as defined in DataPowermpgw,wsp,xml-firewall,b2bgw
transactionGlobalIdDataPower global transaction ID (GTID)26 chars long
transactionIdDataPower transaction ID (TID)long number
srcNodeNameThe name of the DPOD node that captured the transaction
domainNameDataPower domain name where the transaction was executedString
deviceNameDataPower device nameString
timeYearOnlyYear of transaction startformat YYYY
timeMonthNumMonth number of transaction start1-12
timeDayDay of month of transaction start1-31
timeHHMMSSFull time of transaction start

format HHMMSS where:

HH: 00-23
MM: 00-59
SS: 00-59

timeHourHour of transaction start00-23
timeMinuteMinute of transaction start0-59
timeSecondSecond of transaction start00-59
timeMicroSec

Microsecond of transaction start


timeZoneThe time zone used to log transaction startformat +ZZZZ
timeInMilTransaction start time since Epoch in millisecondslong number
timeInMicroSec

Transaction start time since Epoch in microseconds


timeDayInYearDay of year of transaction start1-365
timeSecondInDaySecond in the Day of transaction start0-86399
timeMinuteInDayMinute in the Day of transaction start0-3599
timeDayInWeekDay in a week of transaction start1-7. 1- Sunday, 7-Saturday.
microSecTimestampTimestamp format of the time the transaction startedYYYY-MM-DDTHH:mm:ss.SSSSSS+ZZZZ
aggRecordVersionEstimated FW version of the DataPower that executed the transaction. (For internal use)String
technicalServiceNameService Name.
Note: in WSP we are not currently providing an operation name
String
technicalErrorMessageError message relating to the transaction.
This field will only be populated when the transaction completed with error.
String
isTechnicalErrorIndication whether the transaction completed with errorstrue/false
aggErrorCodeError Code in DataPowerString
messageThe Syslog line that DPOD discerned is most likely to reflect the error causeString
aggIndTXErrorIndication that information on error transaction was receivedtrue/false
aggIndTXFinishedIndication that information on transaction completion was receivedtrue/false
aggIndTXStartedIndication that information on starting transaction arrivedtrue/false
aggFirstTxOfGtxIndication on whether this is the first transaction in a group. In this case -there might be a following transaction logged with the same GTIDtrue/false
microSecTimestampFinishFor internal uselong
aggUuidGtidEpochSecondsFor internal uselong
docAddedTimeInMilFor internal uselong
WDPTutXUuidGtidTidFor internal uselong
WDPTutXUuidGtidDeviceIdFor internal useString
aggUuidGtidTimstFor internal useString
microSecTimestampStart For internal use
String


JSON Example
{
   "_index" : "logical-tran-compact_i1",
   "_type" : "wdpLogicalTrans",
   "_id" : "802d48ad5976a98f00080cc4_527556",
   "_timestamp" : "2017-07-25T02:15:23.279Z",
   "_version" : 4,
   "_operation" : "INDEX",
   "_source" : {
      "serviceType" : "mpgw",
      "timeDayInYear" : "206",
      "transactionGlobalId" : "802d48ad5976a98f00080cc4",
      "timeDayInWeek" : "2",
      "microSecTimestampStart" : "2017-07-25T05:14:39.570000+0000",
      "timeHHMMSS" : "05:14:39",
      "aggUuidGtidTimst" : "2017-07-25 02:14:39",
      "aggFirstTxOfGtx" : "true",
      "aggIndTXStarted" : "true",
      "deviceName" : "idg7600",
      "timeSecond" : "39",
      "aggUuidGtidEpochSeconds" : "1500948879",
      "timeSecondInDay" : "18879",
      "timeMinuteInDay" : "314",
      "timeYearOnly" : "2017",
      "timeInMicroSec" : "1500948879569000",
      "srcNodeName" : "NODE0",
      "timeDay" : "25",
      "microSecTimestamp" : "2017-07-25T05:14:39.569000+0000",
      "WDPTutXUuidGtidDeviceId" : "802d48ad",
      "timeInMil" : "1500948879569",
      "timeZone" : "+0000",
      "transactionId" : "527556",
      "timeMinute" : "14",
      "timeMonthNum" : "07",
      "domainName" : "APIMgmt_ACB198F9A6",
      "timeMicroSec" : "569000",
      "timeHour" : "05",
      "WDPTutXUuidGtidTid" : "00080cc4",
      "aggRecordVersion" : "7.6.0.0+",
      "technicalServiceName" : "GetDeliveryStatus_MHJV.MPGW",
      "docAddedTimeInMil" : "1500948882966",
      "technicalErrorMessage" : "Invalid JSON format",
      "isTechnicalError" : "1",
      "aggErrorCode" : "0x02130008",
      "message" : "<11>2017-07-25T05:14:39.570000+0000 MonTierLocalId-8 [0x02130008][mpgw][error] mpgw(GetDeliveryStatus_MHJV.MPGW): trans(527556)[error][192.168.0.112] gtid(802d48ad5976a98f00080cc4): Invalid JSON format\r",
      "aggIndTXError" : "true",
      "microSecTimestampFinish" : "2017-07-25T05:14:39.573000+0000",
      "aggIndTXFinished" : "true"
   }
}


Feature enablement

Perform the following steps to enable this feature

  1. Install and configure Store plugin.
  2. Configure each syslog agent.
  3. Stop and start all system services.

Plugin Configuration

  1. Configure each Store node number 2 and 4 as follow:

    1. cd /app/elasticsearch_nodes/config/MonTier-es-raw-trans-Node-2 
    2. Edit the elasticsearch.yml file
  2. uncomment the following parameters:

    ParameterValuesDescription
    montier.events.feed.syslog.protocoltcp or udpthe protocol used to send messages to syslog
    montier.events.feed.syslog.hostip address v4 or valid hostnametarget syslog agent hostname
    montier.events.feed.syslog.portinteger 1-65535target syslog agent port
    montier.events.feed.syslog.sslfalse or truedisable or enable SSL
    montier.events.feed.appnametext A-Z|a-z|0-9 name - 8 charssyslog application name

Configure syslog agent

For each syslog agent in the system perform the following:

  1. cd /app/flume/syslog_agents/conf/MonTier-SyslogAgent-nn/ (replace nn with the agent number)
  2. edit the flume_syslog.conf file
  3. Locate in each agent rows with pattern:  MonTier-SyslogAgent-nn.sinks.syslogElasticSinknnn.batchSize = (replace nnn with sink name 1 to 10. Also - replace nn with the agent number)
  4. Add below each of these rows the line below (substituting nn and nnn as described in step 3 above)
    MonTier-SyslogAgent-nn.sinks.syslogElasticSinknnn.serializer.enableLogicalTx = false
  • No labels