Chapter 4: Audit - Tavve zoneranger User Manual

Chapter 4: Audit

In order to provide a high level of reliability, the ZoneRanger appliance and the Ranger Gateway
software both incorporate a periodic self-audit process. The audit process in each case runs on a five-
minute interval, performing a series of pre-configured tests, verifying that services are configured
correctly, that components are able to communicate as required, and that the software is operating
properly. In the normal case, where no problems are detected, the audit will simply terminate, and
reschedule itself to run again five minutes later. If any problems are detected, the audit process will
inform the user in a variety of ways:
•
The ZoneRanger web interface can be used to view the results of the most recent audit for that
ZoneRanger (on the Information section of the ZoneRanger dashboard, and on the View >
System Audit page).
•
The Ranger Gateway Viewer can be used to view the results of the most recent Ranger Gateway
audit, and the results of the most recent audits for any joined ZoneRangers.
•
The auditResult command on the Ranger Gateway can be used to view the results of the
most recent Ranger Gateway audit, and the results of the most recent audits for any joined
ZoneRangers.
•
The audit process can be configured to send an SNMP trap whenever a problem is detected.
•
The audit process can be configured to send a Syslog message whenever a problem is detected.
When audit results are presented to the user, a description of the problem being reported is provided,
along with an assessment of the severity of the problem. Two severity categories are supported:
•
Major: The problem that has been detected is significant and may affect the ability of the
ZoneRanger or Ranger Gateway to provide necessary services. Corrective action should be
taken immediately.
•
Minor: The problem that has been detected may impair the operation of one or more services,
but does not necessarily require immediate attention.
In addition to informing the user, the audit process may, where appropriate, automatically perform one
or more corrective actions in an attempt to resolve the problem that has been detected. The ability to
automatically correct a problem fundamentally depends on the nature of the problem. For example, if a
ZoneRanger is unable to communicate with a Ranger Gateway, or if a service has been configured
incorrectly, the audit process will notify the user, as described above, but no automatic corrective action
will be taken. If an internal software error has been detected, on the other hand, the audit process will
perform an escalating series of corrective actions, typically beginning with restarting the affected
internal service, and potentially restarting the entire software application, or, in the case of ZoneRanger,
rebooting the appliance, if a problem persists across multiple audit cycles.
It should be noted that the Ranger Gateway Viewer, the ZoneRanger web interface, and the
listAuditResults
when a problem detected by the audit process is corrected, that problem will remain in the list of
detected problems until the next audit cycle. When the next audit cycle completes, the problem should
no longer be listed, provided that the corrective action was successful.
ZoneRanger 5.5 User's Guide
command all display the results of the most recent audit. As a result,
18