Collection Status

The DNIF library has extractors ready to ingest data from all types of devices. DNIF auto-detects the devices sending logs to it and the extractors associated with them, and lists this information on the device management screen. The screen shows the devices that are sending logs to the console along with their IP addresses and the extractors and streams associated with them, for informational purposes. In addition, devices can be added manually for the rare case where a specific parser mapping is needed for a particular device.

  • Extractors are used to extract information from the incoming logs.
  • Streams are the logical partitions into which different log types are distributed.

How to view Collection Status?

  • Click the Streams icon on the left navigation bar of the Home Screen, and then click Collection Status to view all the devices sending logs to the console.


The Collection Status screen displays the following details:

| Field Name | Description |
|---|---|
| Source | Displays the IP address/name of the Connector sending logs to the console. Note: Hover over the details in this column to display a copy icon; you can copy the details of this column and use them for any further analysis as required. |
| Extractors | Displays the extractors mapped to the device. |
| Stream | Displays the stream category of the logs. |
| Status | Displays the status of the device, active/inactive. You can apply the following filters: Active (lists only the active collection sources); Inactive (lists only the inactive collection sources); Show All (lists all the active and inactive collection sources). |
| Edit | You can override the auto-detected extractors by manually adding an extractor from the dropdown. The overridden extractors can also be rolled back to their original auto-detected values. See "How to manually override and rollback an extractor?" below. |

  • Click Export to download the collection status.
  • Click the Refresh icon on the right corner above the list to refresh the list. On a successful update, the following message is displayed on screen:
    Device List Fetched Successfully

How to manually override and rollback an extractor?

To manually override an extractor:


  • Click the Edit icon against the required device. The extractor column of the device switches to edit mode.


  • Select the radio button to manually override the selected extractor.


  • Select the required extractor from the dropdown and click Save. The device is updated with the new extractor. A blue icon indicates that the extractor has been overridden.

To roll back an overridden extractor:


  • Click the Edit icon against the overridden device.


  • Select the radio button to roll back the extractor to the original auto-detected value.

  • Click Save. The device rolls back to its original auto-detected value.