Running health checks

DrQ is an extensible health check framework for QRadar®. Run DrQ health checks before major events, such as upgrades, to determine whether there are any issues that need to be addressed first. You can also run DrQ routinely to monitor the health of your system. You can run all health checks at once, an individual check, or a group of checks.

About this task

DrQ is independent of each host and can be run only by the root user. When you run DrQ, it only has access to the files on the current host. It does not have the ability to communicate to any other host in the deployment. Each health check is designed to only run on the appropriate host.

Procedure

To run health checks, type the following command. 
drq

This command runs all available checks in /opt/ibm/si/diagnostiq with the checkup mode, and with the summary output mode.

The following table shows the general parameters for DrQ.

Table 1. DrQ general parameters
Parameter Description
-h Shows the help information for DrQ.
-l Lists all tests and shows which are valid and which are not applicable to the system.

The following table shows the filtering parameters for DrQ.

Table 2. DrQ filtering parameters
Parameter Description
-d <directory> Run all checks in a directory.

You can include this flag more than once, to specify multiple directories.

drq -d <path/to/directory1> -d <path/to/directory2>
-f <filename> Run a check by filename.

You can include this flag more than once, to specify multiple checks.

drq -f <path/to/filename1> -f <path/to/filename2>
-m Run all checks in a mode. The default mode is checkup.
-r Recursively run all checks in a directory.

You can include this flag more than once, to specify multiple directories.

drq -r <path/to/directory1> -r <path/to/directory2>
-t <tag> Run a group of checks by tag.

You can include this flag more than once, to specify multiple tags.

drq -t <tag1> -t <tag2>

The following table shows the output parameters for DrQ. These parameters are mutually exclusive.

Table 3. DrQ output parameters
Parameter Description
-j Outputs json output of the check results.

You can pipe the content to the jq tool to parse and format the json output.

drq -j | jq
-q Runs in quiet mode. Outputs one of the following exit codes:
  • 0 for all success
  • 1 for checkups with failures
  • 2 for invalid lua files
-s Runs in summary mode. Outputs the number of successes and failures. This is the default output mode for DrQ.
-v Runs in verbose mode. Outputs success and failure messages for each check.