Skip to main content

Health And Updates Configuration

Zenarmor (Sensei) performs health and update checks according to your preferences, which can be customized in detail. Update checks are performed for the Zenarmor packages and for the Application & Threat Intelligence Database. To configure these features,

In the OPNsense GUI, navigate to Zenarmor โ†’ Configuration โ†’Updates & Health Tab.

Configuration for Health & Update Features of Zenarmor

Figure 1: Configuration for Health & Update Features of Zenarmor

Health Check Panel#

Any system information shared by users to the product team is priceless for the improvement of the product. Therefore, the team asks you to enable the following features in the Health Check Panel. Sunny Valley Networks would be grateful for your help. Click to view Privacy Policy

Health Check#

The Health Check feature enables the application to check continuously once in an hour the utilization of the following system resources:

  • Swap

  • Memory

  • CPU

  • Disk

If disk usage percentage is more than %90 and/or swap usage percentage is more than the value specified by the user (default %30), the engine is stopped and the user is warned by displaying an error message on the screen.

Also, the status of the reporting database is checked periodically if any problem is determined, the user is warned by displaying a message on the screen. This feature provides the deletion of the application logs older than 15 days automatically.

To enable the Health Check feature, switch on the toggle button next to the Enabled option.

And then, click Save Changes at the end of the page.

Heartbeat#

Engine heartbeat health check is an internal health check mechanism that continuously checks the state of packet processing worker processes. Every worker process sends a heartbeat message at least once a second. If a worker fails to send several heartbeat messages in a row, the worker process is considered unhealthy and restarted immediately. This option enables or disables this behavior.

Sharing Statistics#

This option is to share some statistics such as Log files(error logs, crash logs), interface information, and unique local IP address, with Sunny Valley Networks.

To enable this feature, switch on the toggle button next to the Help Sunny Valley Networks improve its products and services by sharing health and system utilization statistics: option.

And then, click Save Changes button at the end of the page.

Updates and Support Panel#

Check For Updates Automatically#

Zenarmor can automatically check for product updates. To enable this feature, switch on the toggle button next to the Check For Updates Automatically option.

And then, click Save Changes button at the end of the page.

The time of the last Check operation for Updates is also displayed with light grey color under the Check For Updates Automatically option.

Displaying Time of the last Check operation for Updates

Figure 2: Displaying Time of the last Check operation for Updates.

When updates are available, the user is notified with a notification message about the update on the dashboard.

Automatically Update Application Database:#

Zenarmor can automatically update the Application Database.

To enable this feature switch on the toggle next to the Automatically Update Application Database option.

And then, click Save Changes at the end of the page.

The time of the last Application Database Update operation is also displayed with light grey color.

Displaying Last Update Time of Application Database

Figure 3: Displaying Last Update Time of Application Database.

tip

It is strongly recommended that you enable both the Automatic Check For Updates and the Automatically Update of Application Database options.

After the Application Database is updated automatically, an information message about the status of the update is displayed on top of the page.

A message indicating that Application Database has been updated

Figure 4: A message indicating that Application Database has been updated

Enable Engine "Core File" Generation:#

For troubleshooting purposes, Zenarmor can generate a core file that can help the Zenarmor team to pinpoint the root causes of engine problems.

caution

This may temporarily cease network connectivity for the Zenarmor-protected interface for about 30 seconds to up to a minute during core file creation.

To enable this feature switch on the toggle button next to the Enable Engine Core File Generation option.

And then, click Save Changes button at the end of the page.

If any engine error occurs, a core dump file will be generated under the /usr/local/sensei/support/crash_dumps folder. This file can be shared with Sunny Valley Networks Support team to get the issue analyzed and resolved.

Max Swap Utilization#

This is the maximum SWAP usage threshold, that Zenarmor considers the overall system memory consumption state is healthy and you can safely run Zenarmor.

Important

Please note that this is not Zenarmor` SWAP usage; rather it is the overall system SWAP usage and may be the result of other memory-intensive applications that are running on the system. To see which processes are using the resident memory, you can use the following command:

top -ao res

By default, %30 of total swap usage is considered safe for Zenarmor operation. To adjust this value, select any value given in the dropdown list besides the Max Swap Utilization (% of total SWAP) option.

Changing Maximum Allowed Swap Size For Zenarmor

Figure 5: Changing Maximum Allowed Swap Size For Zenarmor.

And then, click Save Changes button at the end of the page.