Skip to main content

Managing Services

Services Status#

You can view the status of the Sensei-related services on the Home page of a node. It provides all critical system-level information you need to manage your node. The following services are listed here:

  • Engine
  • Reporting Database
  • Cloud Agent
  • Cloud Nodes Status

Services Status(Engine, Reporting DB, Cloud Agent)

Figure 1. Services Status(Engine, Reporting DB, Cloud Agent)

Services Status(Engine)

Figure 2. Services Status(Engine)

You can check whether one of the services is running or not by viewing the related pane on the Home page.

Engine Pane#

In this pane, you can view and manage the core packet engine which does all the heavy lifting and packet processing. It provides Start/Stop and Restart buttons for the engine as well as Start on Boot control to set the engine daemon status on a system restart.

Engine Pane

Figure 3. Engine Status Pane

This pane provides details about:

  • Status of the engine (Running/Stopped)
  • Installed engine version and installation time
  • Last update time and signature of the engine

Reporting Database#

The Reporting Database pane shows the database status, provides Start/Stop/Restart buttons for the database, and a Start on boot option to allow the database to run after a system restart. This pane provides details about:

  • Status of the reporting database (Running/Stopped)
  • Installed database type(Elasticsearch/MongoDB/SQLite)

Reporting DB Status Pane

Figure 4. Reporting Database Status Pane

info

We highly recommend keeping the ElasticSearch database running at all times since it is the primary database used by Sensei.

Cloud Agent Pane#

This pane provides details about:

  • Status of the cloud agent (Running/Stopped)
  • Installed agent version and installation time

Cloud Agent Pane

Figure 5. Cloud Agent Pane

Cloud Nodes Status Pane#

Cloud threat intelligence servers are used for querying real-time information on threat intelligence and web categorization. Web Categorization and The Cloud Threat Intelligence data are queried in real-time when a connection attempt is made through your network. It allows us to respond to malware and malicious connections quickly in real-time. Two Cloud Reputation servers with the best response times are automatically selected and configured by the engine according to their network response times during the installation and/or initial configuration.

Cloud Nodes Status panel provides detailed information about the followings:

  • Node Name: Name of the cloud reputation server such as US-West, US-Central, US-East, Europe, Australia, Asia, etc.
  • Node Status: Availability of the server (UP/Down)
  • Success Rate: The connection success rate for the server (uptime percentage)

Cloud Nodes Status

Figure 6. Cloud Nodes Status

Enabling Bypass Mode for Packet Engine#

For troubleshooting purposes, the packet engine may be run in Bypass Mode. In this mode, the engine does not apply any security controls for traffic and simply passes it through on the protected interfaces. In bypass mode, Sensei operates like a dummy L2 bridge.

This feature is useful when investigating incompatible network driver(s), troubleshooting a problem with the packet engine, or resolving issues with other system components such as netmap. If the problem still exists in bypass mode, that means the problem is not related to the packet engine. Rather, it may be a netmap or OS problem.

To enable Bypass mode, hover your mouse over the Engine Pane. This will display engine management buttons on the pane. Click the Enter Bypass button. (Figure 18.)

Engine is in Bypass Mode

Figure 7. Engine is in Bypass Mode

To exit Bypass mode, click the Exit Bypass button after hovering your mouse over the Engine pane.

Start/Stop/Restart of a Service#

You can start/stop/restart the Sensei-related services on the dashboard.

  • Hover your mouse over the service pane where you want to change the status.
  • To stop/start one of the services, click the Stop or Start button in the service pane.
  • To restart one of the services, click the Restart button in the service pane.

Enabling/Disabling Start on Boot#

Start on boot allows the packet engine or the database to start running after the firewall has been rebooted.

You can enable/disable the Start on boot option:

  • Hover your mouse over the service pane where you want to change the status.
  • Click the Start on boot button in the service pane.