Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 5552 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Reports become useless after a few weeks, reporting 0's

niagarasys
Our Sophos UTM SG330 is configured to send us Daily Executive Reports that show the amount of traffic process, connections, console logins, etc., etc.

Unfortunately after about 10 - 15 days the reports are reporting 0's for everything:  


Network Usage:	 	 	WebAdmin Logins:	 

Traffic processed:	0	 	Successful:	0

Connections Handled:	0	 	Failed:	0

 	 	 	 	 

Network Protection:	 	 	Console Logins:	 

Packets blocked by Firewall:	0	 	Successful:	0

Attacks blocked by IPS:	0	 	Failed:	0

 	 	 	 	 

Web Filtering:	 	 	Up2Date:	 

Total Website requests:	0	 	Requests successful	0

URLs blocked	0	 	Requests failed	0

HTTP/S Viruses blocked	0	 	Firmware updates installed:	0

HTTP/S Malware blocked	0	 	Pattern updates installed:	0

 	 	 	 	 

Mail Filtering:	 	 	System:	 

Mails processed:	0	 	System Restarts:	0

Spam Mails blocked:	0	 	Uplink fail-overs:	0

Virus Mails blocked:	0	 	HA/Cluster fail-overs:	0

 	 	 	 	 

VPN:	 	 	 	 

VPN connections:	0	 	 	 

VPN traffic:	not accounted	 


The graphs for CPU and memory are showing data, even the graphs for concurrent connections and traffic are showing data, but the "TOP10 Clients" is 0, Services is 0, etc.

Basically anything with images show the graphs but the actual data reported is all 0.

To resolve this problem we have to restart the unit and this is less than ideal as this is a 24/7 operation that relies on the internet. 

Does anyone have any advice?


This thread was automatically locked due to age.
Parents
  • 0
    It could be corruption in one or more of the databases, where this information is stored, causing the collection process to barf.  The first thing to try is the sledgehammer method of clearing, then reinitializing the databases.  From shell, as root, run /etc/init.d/postgresql92 rebuild.  Obviously, this is going to wipe any current reporting data, but the archived raw logs will still be there.

    Based on the amount of data passing through and the size of the UTM (CPU and memory), you also may consider changing the retention length at Logging & Reporting > Reporting Settings > Settings.  Check the CPU and memory usage graphs in Logging & Reporting > Hardware > Monthly to see if it's scaling up steadily over time.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
Reply
  • 0
    It could be corruption in one or more of the databases, where this information is stored, causing the collection process to barf.  The first thing to try is the sledgehammer method of clearing, then reinitializing the databases.  From shell, as root, run /etc/init.d/postgresql92 rebuild.  Obviously, this is going to wipe any current reporting data, but the archived raw logs will still be there.

    Based on the amount of data passing through and the size of the UTM (CPU and memory), you also may consider changing the retention length at Logging & Reporting > Reporting Settings > Settings.  Check the CPU and memory usage graphs in Logging & Reporting > Hardware > Monthly to see if it's scaling up steadily over time.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
Children
No Data
Unfiltered HTML