Enabling and disabling the Investigation Dashboard
This topic describes how to enable and disable the Investigation Dashboard.
Before you begin
- 64-bit architecture
- 24 GB RAM
- 4-core CPU
- Investigation Dashboard functionality opens ports 8983 and 9983 on both central managers and collectors. The ports are opened when the Investigation Dashboard is enabled and closed when it is disabled. To use the Investigation Dashboard, ensure that bidirectional communication between Central managers and collectors on ports 8983 and 9983 is not blocked by any firewall.
- Central managers and managed units must be able to reach each other via host name and IP address: ensure that DNS is configured to resolve IP addresses and host names in both forward and reverse lookup. If DNS cannot be used, use the support store hosts command to manually add IP-host name combinations. For more information, see support store hosts.
- Log in to the Guardium® system as a user or administrator with the CLI role.
Enable the Investigation Dashboard with the GuardAPI command:
grdapi enable_quick_search schedule_interval=2 schedule_units=MINUTETo enable the Investigation Dashboard on all managed units of an environment, use the all=true parameter:
grdapi enable_quick_search schedule_interval=2 schedule_units=MINUTE all=trueNote: This GuardAPI executes many configuration scripts and, depending on the current unit status, can take a few minutes.By default, violations are not included in search results. To include violations, set the includeViolations parameter to
grdapi enable_quick_search schedule_interval=2 schedule_units=MINUTE includeViolations=true
To enable outlier detection, see Outliers detection.
Additional parameters may be specified, such as the search index update interval. For more information, see Investigation Dashboard APIs.
Use the following GuardAPI command to disable the Investigation Dashboard function at any
After you have enabled the Investigation Dashboard, see Accessing the investigation dashboard to learn more and begin using the investigation dashboard.