File:Ap-mm-capture-capture-simple-2.png and Longterm DB: Difference between pages
(Martin.gutsche uploaded a new version of File:Ap-mm-capture-capture-simple-2.png) |
No edit summary |
||
| Line 1: | Line 1: | ||
==Description== | |||
The Long-term DB feature (in firmware >= 4.3) uses an attached storage devices to store traffic information of IP addresses and Layer 7 protocols with low resolution for a much longer time than the live statistics. | |||
The elements stored in the long-term DB are as follows, graph data is available in 5 minute resolution: | |||
* IP addresses | |||
*# activity time | |||
*# traffic graph in 5 minute resolution | |||
* Layer 7 protocols | |||
*# traffic graph in 5 minute resolution | |||
The storage is used similar to a swap file mechanism so the long-term data is not kept between restart unless the [[DB persistence]] feature is enabled too, which is recommended when using the long-term feature. To reduce the amount of time to dump/restore, the DB persistence configuration allow to skip storing live data. | |||
==Usage== | |||
[[File:Longterm DB dashboard.png|alt=Long-term DB activated dashboard|thumb|Long-term DB activated dashboard]]If this feature is enabled, a view toggle button appears in the top menu bar. This button allows to switch between the real time "RT" view and the long-term ("LT") view. | |||
In the long-term view, the IP address information contain only information about the traffic amount in 5 minute resolution. | |||
The navigation menu in the long-term view only contains those modules which are available in this view. | |||
If the long-term view is activated on module pages which do not support long-term data, a corresponding info box is shown. | |||
==Setting== | |||
The configuration can be found in the global settings page in the "Long-term DB and persistence" tab. | |||
To enable this feature, select a storage device to be used, enable the feature and enter a file size. | |||
It is recommended to also enable the [[DB persistence]] feature to be able to save and restore the long-term DB data during restarts. | |||
Once enabled, the utilization of the file is shown and the [[System Info Page]] contains information about how long the data can be kept. | |||
Tip: Since the amount of information stored in the long-term DB is limited by the graph resolution, the file size usually don't need to be similar sized as the main memory. 10 GByte is a good starting point. | |||
The size can be increase but it requires a restart of the packet processing. | |||
[[File:DB persistence settings.png|thumb|Long-term DB settings]] | |||
== Notes == | |||
Recommended storage device types: | |||
{| class="wikitable" | |||
|+ | |||
!Storage device | |||
!Note | |||
|- | |||
|NMVe based SSD | |||
|recommended | |||
|- | |||
|SATA based SSD | |||
|can be used for moderate traffic, check system load for high system utilization | |||
|- | |||
|USB based SSD | |||
|not recommended, but might be useful for small systems (Allegro 200/500) | |||
|- | |||
|HDD | |||
|not recommended, should not be used | |||
|} | |||
It is also not recommended to place the long-term DB on the same storage device that is used a packet ring buffer as it will deteriorate the performance of both features. | |||
== Limitations == | |||
# The data in the long-term DB is limited to a selected subset of the data in the In-Memory-DB. See above for an exact list of elements available. | |||
# The data is written into the long-term DB in variable intervals depending on traffic and system load. It takes up to 10 minutes (two graph intervals) until the data appears in the graph. Therefore, the last 5-10 minutes appear empty or with less traffic than in live view. | |||
Revision as of 12:20, 11 February 2025
Description
The Long-term DB feature (in firmware >= 4.3) uses an attached storage devices to store traffic information of IP addresses and Layer 7 protocols with low resolution for a much longer time than the live statistics.
The elements stored in the long-term DB are as follows, graph data is available in 5 minute resolution:
- IP addresses
- activity time
- traffic graph in 5 minute resolution
- Layer 7 protocols
- traffic graph in 5 minute resolution
The storage is used similar to a swap file mechanism so the long-term data is not kept between restart unless the DB persistence feature is enabled too, which is recommended when using the long-term feature. To reduce the amount of time to dump/restore, the DB persistence configuration allow to skip storing live data.
Usage
If this feature is enabled, a view toggle button appears in the top menu bar. This button allows to switch between the real time "RT" view and the long-term ("LT") view.
In the long-term view, the IP address information contain only information about the traffic amount in 5 minute resolution.
The navigation menu in the long-term view only contains those modules which are available in this view.
If the long-term view is activated on module pages which do not support long-term data, a corresponding info box is shown.
Setting
The configuration can be found in the global settings page in the "Long-term DB and persistence" tab.
To enable this feature, select a storage device to be used, enable the feature and enter a file size.
It is recommended to also enable the DB persistence feature to be able to save and restore the long-term DB data during restarts.
Once enabled, the utilization of the file is shown and the System Info Page contains information about how long the data can be kept.
Tip: Since the amount of information stored in the long-term DB is limited by the graph resolution, the file size usually don't need to be similar sized as the main memory. 10 GByte is a good starting point.
The size can be increase but it requires a restart of the packet processing.
Notes
Recommended storage device types:
| Storage device | Note |
|---|---|
| NMVe based SSD | recommended |
| SATA based SSD | can be used for moderate traffic, check system load for high system utilization |
| USB based SSD | not recommended, but might be useful for small systems (Allegro 200/500) |
| HDD | not recommended, should not be used |
It is also not recommended to place the long-term DB on the same storage device that is used a packet ring buffer as it will deteriorate the performance of both features.
Limitations
- The data in the long-term DB is limited to a selected subset of the data in the In-Memory-DB. See above for an exact list of elements available.
- The data is written into the long-term DB in variable intervals depending on traffic and system load. It takes up to 10 minutes (two graph intervals) until the data appears in the graph. Therefore, the last 5-10 minutes appear empty or with less traffic than in live view.
File history
Click on a date/time to view the file as it appeared at that time.
| Date/Time | Thumbnail | Dimensions | User | Comment | |
|---|---|---|---|---|---|
| current | 08:54, 18 February 2025 |  | 1,654 × 450 (56 KB) | Martin.gutsche (talk | contribs) | |
| 11:51, 5 December 2024 |  | 1,654 × 450 (56 KB) | Martin.gutsche (talk | contribs) | ||
| 12:50, 3 February 2021 |  | 1,642 × 472 (41 KB) | Simon (talk | contribs) | ||
| 12:40, 27 March 2020 |  | 1,124 × 493 (35 KB) | Soumar (talk | contribs) |
You cannot overwrite this file.
File usage
The following page uses this file:
