Summary

The ITSI Content Pack for NetScaler from Kinney Group is specifically designed to monitor the health and performance of NetScaler systems. It leverages Splunk ITSI to provide in-depth analysis and visualization of logs for NetScaler, ensuring critical systems are operating optimally. This content pack is an essential tool for IT professionals looking to enhance the reliability and performance of their NetScaler infrastructure.

  • Comprehensive System Health Monitoring: Offers detailed insights into the overall health and performance of the NetScaler system, including software, hardware, and network interfaces.
  • Enhanced Security and Observability: Monitors security incidents, patch compliance, and intrusion detection alerts, while ensuring effective logging and observability.
  • Optimized Load Balancing and High Availability: Ensures efficient traffic distribution and system availability during failures, enhancing the resilience of the NetScaler system.

This ITSI Content Pack is open source and available for community collaboration and enhancement on GitHub.

For more information about Kinney Group's Splunk Products, visit our website.

Details

The ITSI Content Pack for NetScaler contains service definitions and KPIs ready to import to ITSI. The KPI Thresholds and importance values are set to defaults so that they can be tuned manually for your use case. After configuration, this content pack provides a comprehensive view of the NetScaler system's health, performance, and security.

Kinney Group ITSI Content Pack Blog

Services

NetScaler monitoring encompasses several specialized services, each targeting specific aspects of system performance:

  1. NetScaler System Health

    • Description: Represents the comprehensive health of the entire NetScaler system, encompassing all other services to provide a holistic view.
  2. Software Health

    • Description: Focuses on the software aspect of the NetScaler system, monitoring KPIs like service response time, error rates, and memory usage.
  3. Security

    • Description: Dedicated to monitoring security-related KPIs such as the number of security incidents, patch compliance, and intrusion detection alerts.
  4. Observability & Logging

    • Description: Focuses on the logging and observability aspects, ensuring that logs are generated, retained, and analyzed effectively.
  5. Network Interfaces

    • Description: Monitors the network interfaces, tracking KPIs like interface throughput, packet loss, and latency.
  6. Load Balancing

    • Description: Ensures that traffic is balanced across servers, monitoring KPIs such as request distribution and server response time.
  7. High Availability

    • Description: Focuses on high availability aspects, tracking KPIs like failover time and cluster node availability.
  8. Hardware Health

    • Description: Dedicated to the hardware health, monitoring KPIs such as CPU utilization, disk usage, and temperature.

KPIs

Each service utilizes specific KPIs to measure its effectiveness:

  1. Service Response Time

    • Description: Measures the time taken for the software to respond to requests.
  2. Error Rates

    • Description: Tracks the number of errors or failed transactions.
  3. Application Throughput

    • Description: Monitors the amount of data processed by the software.
  4. Memory Usage

    • Description: Keeps track of the memory consumption by the software processes.
  5. Service Availability

    • Description: Measures the uptime and availability of critical software services.
  6. Number of Security Incidents

    • Description: Tracks the number of security breaches or incidents.
  7. Patch Compliance

    • Description: Measures the percentage of systems that are up-to-date with security patches.
  8. Intrusion Detection Alerts

    • Description: Monitors alerts generated by intrusion detection systems.
  9. Firewall Rule Violations

    • Description: Tracks the number of violations against firewall rules.
  10. Authentication Failures

    • Description: Measures the number of failed login attempts.
  11. Log Volume

    • Description: Measures the amount of log data generated.
  12. Log Latency

    • Description: Tracks the time taken for logs to be recorded and available for analysis.
  13. Event Correlation

    • Description: Measures the effectiveness of correlating events from different sources.
  14. Alert Accuracy

    • Description: Tracks the accuracy of alerts generated from logs.
  15. Log Retention Compliance

    • Description: Ensures logs are retained as per compliance requirements.
  16. Interface Throughput

    • Description: Measures the amount of data transmitted and received.
  17. Packet Loss

    • Description: Tracks the number of lost packets.
  18. Latency

    • Description: Measures the time taken for data to travel across the network.
  19. Error Rates

    • Description: Monitors the number of errors on network interfaces.
  20. Interface Availability

    • Description: Measures the uptime of network interfaces.
  21. Request Distribution

    • Description: Measures how evenly requests are distributed across servers.
  22. Server Response Time

    • Description: Tracks the response time of servers behind the load balancer.
  23. Session Persistence

    • Description: Monitors the effectiveness of session persistence mechanisms.
  24. Load Balancer Throughput

    • Description: Measures the amount of data processed by the load balancer.
  25. Health Check Success Rate

    • Description: Tracks the success rate of health checks on backend servers.
  26. Failover Time

    • Description: Measures the time taken to switch to a backup system.
  27. Cluster Node Availability

    • Description: Tracks the uptime of nodes in a high-availability cluster.
  28. Replication Lag

    • Description: Measures the delay in data replication between nodes.
  29. Heartbeat Interval

    • Description: Monitors the frequency of heartbeat signals between nodes.
  30. Redundancy Level

    • Description: Ensures there are sufficient backup systems in place.
  31. CPU Utilization

    • Description: Measures the percentage of CPU capacity being used.
  32. Disk Usage

    • Description: Tracks the amount of disk space used and available.
  33. Temperature

    • Description: Monitors the temperature of hardware components.
  34. Power Supply Status

    • Description: Tracks the status of power supplies.
  35. Fan Speed

    • Description: Measures the speed of cooling fans to ensure proper cooling.

Relationships

Dependencies:

Services are interconnected; for instance, NetScaler System Health is dependent on Software Health, Security, Observability & Logging, Network Interfaces, Load Balancing, High Availability, and Hardware Health.

Hierarchical Structure:

Some services form a hierarchy, such as Software Health depending on KPIs like Service Response Time and Error Rates, illustrating a layered approach to performance monitoring where base metrics support broader performance indicators.

Installation

Installation prerequisites:

Splunk Addon for NetScaler

Splunk App for Content Packs

Splunk ITSI

Troubleshooting

Kinney Group ITSI Content Pack Blog

GitHub and Readme

support@kinneygroup.com

Contact

To provide feedback, visit our GitHub and Readme for our content packs.

support@kinneygroup.com


Version History

Version  Date      Description
0.0.1    05/29/24  Initial Preview Release

Considerations:

Kinney Group ITSI Content Pack Blog