View statistics in the KSS NG Dashboard
You can use the Dashboard in the Kiwi Syslog Server NG (KSS NG) web console to view syslog data such as severity distribution, message volume, stacked message volume, top hosts, events, and counters. KSS NG uses widgets to display the syslog data and statistics in the Dashboard.
You can add, edit, and customize the widgets that are displayed in the Dashboard. See Add and customize widgets for details.
Severity distribution
The Severity distribution widget contains a chart that displays the number of messages received for each severity level. The default severity levels include Emergency, Alert, Critical, Error, Warning, Notice, Info, and Debug values. The legend displays severity levels in order of priority, starting with Emergency as the highest severity level and descending to Debug, which are messages used for troubleshooting.
The number of messages is determined by the last time the KSS NG service was started. You can restart the service to reset the number of messages.
Message volume
The Message volume widget contains a chart that displays the total volume of collected syslog messages and their corresponding severity levels over a period of time. The default severity levels include Alert, Critical, Error, Warning, Notice, and Emergency values.
Stacked message volume
The Stacked message volume widget contains the same data and customization options as the Message volume widget. Additionally, the Stacked message volume widget displays message count data "stacked" on top of each other in the chart, sorted by severity level. This additional visual makes it easier to compare the number of messages between each severity level and trends over time.
Top hosts
The Top hosts widget contains a chart that displays the number of messages received for each host. This widget assists in identifying potential issues with devices if a particular host is generating a lot of traffic.
Events
The Events widget contains a customizable table that displays stored Event data. The Event table can be customized with columns from any of the default set of values included in KSS NG: Time, Message, Host Name, Host Address, Local Address, Inputsource, Facility, and RFC Hostname. See the table below for details.
Values in the Events widget
| Name of value | Description |
|---|---|
Time
|
The Time value shows the time the log message was forwarded to KSS NG. |
Message
|
The Message value shows the message text contained in the log message. |
Host Name
|
The Host Name value shows the name of the server that receives log messages, or the destination server. |
Host Address
|
The Host Address value shows the IP address of the server that receives log messages. |
Local Address
|
The The local address may change if you forward messages to another host. |
Inputsource
|
The Inputsource value shows the source of the log message sent to KSS NG. The input source includes protocols such as UDP, TCP, and TLS. |
Facility
|
The Facility value shows the Facility, a specific way of determining which server process created the syslog message. See Syslog Facilities for more information about Facilities. |
RFC Hostname
|
The RFC Hostname value shows the hostname as defined by the RFC 3164 standard. See Syslog RFC 3164 header format for more information about RFC hostnames. |
Counters
The Counters widget contains customizable tiles that display traffic and error statistics. The traffic and error statistics are based on a default set of values included in KSS NG: Total, Total1hour, Total24hour, Forwarded, Loggedtodisk, Loggedtodiskerrors, and Uptime. See the table below for details.
In KSS NG, the Counters widget does not currently clear all syslog data when restarting the service.
Values in the Counters widget
| Name of value | Description |
|---|---|
Total
|
The Total value shows the number of messages received since KSS NG started. To reset this value, you must restart KSS NG or service. |
Total1hour
|
The Total1hour value shows the number of messages received in the last full hour. The hours are counted from the time KSS NG was started. If the program has been running less than 60 minutes, this value will be 0. Once an hour has completed, the value will contain the total number of messages received for the last hour. The value will remain constant until the next hour rolls over. |
Total24hour
|
The Total24hour value shows the number of messages received during the last 24-hour period (from the current time of display). This value is a rolling count of the messages received in the last 23 hours, plus the messages received in the last hour. At the turn of each hour, the value will drop as the last 23 hours are shuffled. |
Forwarded
|
The Forwarded value shows the number of messages that have been forwarded to other syslog collectors or relays using the Forward message action. This counter is reset immediately after the stats report have been emailed out. |
Loggedtodisk |
The Loggedtodisk value shows the number of messages that have been logged to disk using the Log to file action. This counter is reset immediately after the stats report have been emailed out. |
Loggedtodiskerrors
|
The Loggedtodiskerrors value shows the number of internal program errors that have been logged to disk. Errors are usually caused when the log file cannot be accessed or if an internal program error has occurred. If the value is not 0, check the error logs for more details. |
Uptime
|
The Uptime value shows the number of hours KSS NG has been running without interruption since the service was last restarted. |