Log Management Server Status

The Log Management Server Status report is a relatively basic view that provides you with a dedicated interface with which to see high-level Elasticsearch server information. This includes the server name and connection status as well as current data retention setting and disk space limits. More specifically, Total Disk Space Usage Limit represents the limit of total disk space usage on disks where Elasticsearch stores its data while Maximum Total Disk Space Usage Limit reflects a setting inside Elasticsearch itself, and is the maximum that users are allowed to set the Total Disk Space Usage Limit through the Log Management Settings dialog. The Maximum Total Disk Space Usage Limit is displayed only if the Disk-based shard allocation option is enabled inside Elasticsearch. When enabled (by default), if the disk space usage percentage reaches that level, then all indexes residing on the affected node become read-only and no new data can be added. Additionally, you can access the Log Management Settings interface directly from the report without the need to leave the Log Management Dashboard by clicking the applicable hyperlink.

Expanding the lower section of the report allows you to view current disk space usage data for each node. This data includes the actual disk space in gigabytes, the percentage of total disk space on the node used by Elasticsearch indexes, by other programs, and the percentage of free disk space available.

Important: Only one node is configured on the Elasticsearch server by default. The procedure for adding nodes to the server occurs entirely independent of WhatsUp Gold.

At the bottom of the report view, you can now see the following operational metrics:

Note: Record counts may vary at various levels (e.g., cluster, node, index, etc.) in Elasticsearch and some of these records are categorized as metadata. WhatsUp Gold displays the number of records at the Index level to ensure a greater degree of accuracy regarding how many actual log events, as opposed to total records, were collected.

Note: This metric provides you with a sense of scale for the severity of any peaks. A change in average over time may indicate the disk space allocated for the data store needs to be increased to accommodate more rapid growth than anticipated.

Note: This metric can be useful for capacity planning because it identifies spikes and/or growth in events per second and can give administrators a better idea of the appropriate amount of bandwidth needed to handle those spikes and growth.

Note: This metric is a rough projection of how many days it may take log collection at the current rate (indicated by the daily size increase in GB) to fill the remaining free disk space. Please note, this estimate assumes no other applications other than Elasticsearch are consuming space on this disk.

Export report data

Report data can be exported from WhatsUp Gold, reused, and distributed in multiple formats. Select Expand (Full_Screen_Transparent) from the Dashboard Options (DasboardOptions) menu. After the report has been expanded, select the Export Data icon to access the following options:

See Also

Log Management

Log Activity

Log Source Statistics

Top 10 Devices with Critical Windows Security Events

Top 10 Devices with Critical Windows Application Events

Top 10 Devices with Critical Windows System Events

Top 10 Devices with Critical Syslog Issues