Log Collector Details View

The Log Collector Details view provides information for the Log Collector. The following figure depicts the Log Collector Details.

netwitness_121_lcdetails_1122_750x347.png

For the related procedure, see Monitor Service Details.

The lower section consists of the Collection and Event Processing tabs that display generic statistics for the service.

Collection Tab

Displays the event collection statistics for each Log Collection protocol you have implemented in NetWitness (see "Log Collection Getting Started Guide" in the Log Collection Guides).

Event Processing Tab

Displays statistics for the NetWitness internal event processing protocol (that is, the Log Decoder) for Log Collection.

Parameter Description
Transport Protocol NetWitness protocol use for Log Collections (that is, the Log Decoder).
Status

Status of the Log Decoder. Valid values are:

  • starting - Starting data capture (not capturing data yet).
  • started - Capturing data.
  • stopping - Stopping data capture (received request to stop data capture, but not have not stopped capturing data yet).
  • stopped - Not capturing data.
  • disabled - Not configured as a Decoder service.
EPS Rate (events per second) at which this the Log Decoder is processing events from the Log Collector.
Total Events Total events processed by the Log Decoder.
Errors Number of errors encountered.
Warnings Number of warnings encountered.
Byte Rate Current throughput in bytes per second.