Article Number
000002019
Applies To
RSA Product Set: Security Analytics, NetWitness Logs & Network
RSA Product/Service Type: Health & Wellness, Security Analytics Server, Core Services
Platform: CentOS
RSA Product/Service Type: Health & Wellness, Security Analytics Server, Core Services
Platform: CentOS
Issue
Besides the Health and Wellness monitoring section available from the RSA NetWitness Platform UI, it may sometimes be useful to retrieve important historical info such as Memory, CPU, disks IO, Swap and network traffic directly from CentOS CLI using SAR.
Resolution
MEMORY
Disks IO
NETWORK (all NICs)
The scripts will create respectively sar_debug_memory.log, sar_debug_Swap.log, sar_debug_cpu.log, sar_debug_IO.log, sar_debug_Network.log files and we can view the files using vi editor for example (if ran from the /root directory):
Image description
For more info about the columns and options, I would suggest to consult the SAR man page.
for i in `ls -t /var/log/sa/sa[0-1]*` ;do sar -r -f $i ;done > sar_debug_memory.logSWAP
for i in `ls -t /var/log/sa/sa[0-1]*` ;do sar -S -f $i ;done > sar_debug_Swap.logCPU
for i in `ls -t /var/log/sa/sa[0-1]*` ;do sar -p -f $i ;done > sar_debug_cpu.log
Disks IO
for i in `ls -t /var/log/sa/sa[0-1]*` ;do sar -b -f $i ;done > sar_debug_IO.log
NETWORK (all NICs)
for i in `ls -t /var/log/sa/sa[0-1]*` ;do sar -n DEV -f $i ;done > sar_debug_Network.log
The scripts will create respectively sar_debug_memory.log, sar_debug_Swap.log, sar_debug_cpu.log, sar_debug_IO.log, sar_debug_Network.log files and we can view the files using vi editor for example (if ran from the /root directory):
vi /root/sar_debug_Network.logPlease note the average at the end of everyday report:
Image descriptionFor more info about the columns and options, I would suggest to consult the SAR man page.
In this article
