Enabling and disabling the Investigation Dashboard
This topic describes how to enable and disable the Investigation Dashboard.
Before you begin
- 64-bit architecture
- 24 GB RAM
- 4-core CPU
- Investigation Dashboard functionality opens ports 8983 and 9983 on both Central managers and collectors. The ports are opened when the Investigation Dashboard is enabled and closed when it is disabled. To use the Investigation Dashboard, ensure that bidirectional communication between Central managers and collectors on ports 8983 and 9983 is not blocked by any firewall.
Restriction: The Investigation Dashboard and Data Level Security cannot be enabled
concurrently.
Procedure
Results
Once enabled, see Accessing the investigation dashboard to learn more and begin using the investigation dashboard.
Attention: Indexed search data is retained for 3 days. Use the purge object Guardium CLI
command to change the retention period. For example, the following command changes the retention
period to 5 days: store purge object age 36 5. Note that
36 is the default object identification number associated with the search
index. For additional information, see Configuration and Control CLI Commands reference information.