parliament.html
---
title: Parliament
---
<!DOCTYPE html>
<html lang="en">
<head>
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-137788272-1"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag () { dataLayer.push(arguments); }
gtag('js', new Date());
gtag('config', 'UA-137788272-1');
</script>
<title>Parliament</title>
<!-- Required meta tags always come first -->
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
<meta http-equiv="x-ua-compatible" content="ie=edge" />
<meta name="description" content="Arkime Parliament is a grouped list of your Arkime clusters." />
<!-- facebook open graph tags -->
<meta property="og:url" content="http://arkime.com" />
<meta property="og:description" content="Arkime Parliament is a grouped list of your Arkime clusters." />
<meta property="og:image" content="assets/Arkime_Logo_FullGradientBlack@2x.png" />
<!-- twitter card tags additive with the og: tags -->
<meta name="twitter:card" content="summary" />
<meta name="twitter:domain" content="arkime.com" />
<meta name="twitter:description" content="Arkime Parliament is a grouped list of your Arkime clusters." />
<meta name="twitter:image" content="assets/Arkime_Logo_FullGradientBlack@2x.png" />
<meta name="twitter:url" content="http://arkime.com" />
<!-- fontawesome http://fontawesome.io/ -->
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css">
<!-- Bootstrap CSS https://getbootstrap.com/ -->
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css">
<!-- custom index page styles -->
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body id="viewport">
<div class="container-fluid full-width-page">
<!-- navbar -->
{%- include navbar.html -%}
<!-- info -->
<div class="primary-theme-background p-nav-lg mb-5">
<div class="row pb-5">
<div class="col-md-6 offset-md-3">
<h1 class="display-3 text-center">
Arkime Parliament
</h1>
<p class="lead lead-lg text-thin text-center">
Parliament contains a grouped list of your Arkime clusters with
links, Elasticsearch/OpenSearch health, and issues for each.
You can use Parliament as a landing page for all of your Arkime
clusters and as a status page to monitor the health of your clusters.
</p>
<p class="lead lead-lg text-center">
As of v5 of Arkime, Parliament requires a configuration file.
See <a href="settings#parliament" class="no-decoration">Parliament Settings</a> for details.
</p>
<p class="lead lead-lg text-center">
<a href="https://github.com/arkime/arkime/tree/main/parliament#arkime-parliament" class="no-decoration">
View the Parliament README on GitHub!
</a>
</p>
<p class="lead text-thin text-center">
<img class="arkime-logo black-arkime d-none d-sm-none d-md-none d-lg-inline mr-2" height="50px" />
Did you know that a Parliament is a group of owls?
<img class="arkime-logo black-arkime d-none d-sm-none d-md-none d-lg-inline ml-2" height="50px" />
</p>
</div>
</div>
</div> <!-- /info -->
<hr>
<!-- screenshots -->
<div class="mt-5">
<!-- dashboard -->
<div class="container-fluid mb-5">
<div class="row d-flex align-items-end">
<div class="col-lg-8 col-md-7 align-self-start">
<h1 class="display-4 mb-3 dark-primary-theme-text">
Parliament Dashboard
</h1>
<p class="lead mb-3">
The Parliament Dashboard displays a grouped list of your configured
Arkime Clusters. Here you can navigate to any cluster and view
stats and health.
</p>
<img
alt="Parliament Dashboard screenshot"
class="screenshot-img parliament-dashboard"
width="50px"
/>
</div>
<div class="col-lg-4 col-md-5 small mt-3">
<h5>
<span class="primary-theme-text fa fa-search fa-fw fa-lg">
</span>
Search
</h5>
<p>
Search for clusters in your Parliament by their name.
</p>
<h5>
<span class="primary-theme-text fa fa-check fa-fw fa-lg">
</span>
Acknowledge Issues
</h5>
<p>
Acknowledge issues in your clusters by clicking the check box.
You can acknowledge them one at a time or all in each cluster.
Acknowledged issues will not show up on the dashboard, but will
remain on the issues page.
<br>
<strong>Note:</strong> only logged in users can acknowledge issues.
</p>
<h5>
<span class="primary-theme-text fa fa-eye-slash fa-fw fa-lg">
</span>
Ignore Issues
</h5>
<p>
Ignore issues in your cluster for a certain amount of time by
clicking the eye dropdown. Ignored issues will not send alerts
until the ignore time has expired and the issue still persists.
You can un-ignore them on the Issues page.
<br>
<strong>Note:</strong> only logged in users can ignore issues.
</p>
<h5>
<span class="primary-theme-text fa fa-hand-o-up fa-fw fa-lg">
</span>
Navigate to a Cluster
</h5>
<p>
You can click the cluster's name to navigate to the Arkime
sessions page of that cluster. You can also navigate to the
Arkime main stats page by clicking the bar graph icon and the
Elasticsearch/OpenSearch Nodes stats page by clicking on the Elasticsearch/OpenSearch status indicator.
</p>
</div>
</div>
</div> <!-- /dashboard -->
<!-- edit -->
<hr>
<div class="container-fluid mt-5 mb-5">
<div class="row d-flex align-items-end">
<div class="col-lg-8 col-md-7 align-self-start">
<h1 class="display-4 mb-3 dark-primary-theme-text">
Configure Parliament
</h1>
<p class="lead mb-3">
When logged in, you can create, update, and delete Parliament
groups and clusters.
</p>
<img
alt="Configure Parliament screenshot"
class="screenshot-img parliament-edit"
/>
</div>
<div class="col-lg-4 col-md-5 small mt-3">
<h5>
<span class="primary-theme-text fa fa-toggle-on fa-fw fa-lg">
</span>
Toggle Edit
</h5>
<p>
To edit your Parliament, click the toggle button at the top right.
</p>
<h5 class="mt-4">
<span class="primary-theme-text fa fa-plus fa-fw fa-lg">
</span>
New Groups and Clusters
</h5>
<p>
Create new groups to organize your clusters.
Add clusters to groups at any time.
</p>
<h5 class="mt-4">
<span class="primary-theme-text fa fa-trash-o fa-fw fa-lg">
</span>
Delete Groups and Clusters
</h5>
<p>
Delete groups and clusters as you remove Arkime clusters.
</p>
<h5 class="mt-4">
<span class="primary-theme-text fa fa-pencil fa-fw fa-lg">
</span>
Edit Groups and Clusters
</h5>
<p>
Edit groups and clusters as your Parliament changes.
</p>
<h5 class="mt-4">
<span class="primary-theme-text fa fa-th fa-fw fa-lg">
</span>
Reorder
</h5>
<p class="mb-0">
Drag and drop groups and clusters where you want them.
</p>
</div>
</div>
</div> <!-- /edit -->
<!-- issues -->
<hr>
<div class="container-fluid mb-5">
<div class="row d-flex align-items-end">
<div class="col-lg-8 col-md-7 align-self-start">
<h1 class="display-4 mb-3 dark-primary-theme-text">
Parliament Issues
</h1>
<p class="lead mb-3">
You can view and interact with all of the issues that the clusters
in your Parliament are experiencing.
</p>
<img
alt="Parliament Issues screenshot"
class="screenshot-img parliament-issues"
/>
</div>
<div class="col-lg-4 col-md-5 small mt-3">
<h5>
<span class="primary-theme-text fa fa-fw fa-search fa-lg">
</span>
Search Issues
</h5>
<p>
Search for issues within your Parliament by cluster name,
node name, and issue type.
</p>
<h5>
<span class="primary-theme-text fa fa-fw fa-filter fa-lg">
</span>
Filter Issues
</h5>
<p>
Use the filter dropdown to filter out issues you don't want to view.
</p>
<h5>
<span class="primary-theme-text fa fa-fw fa-sort fa-lg">
</span>
Sort Issues
</h5>
<p>
Sort the issues by field to display the issues relevant to you.
</p>
<h5>
<span class="primary-theme-text fa fa-check fa-fw fa-lg">
</span>
Acknowledge Issues
</h5>
<p>
Acknowledge issues in your clusters by clicking the check box.
Acknowledged issues will remain on the issues page (grayed out)
but will not be visible on the Parliament dashboard. Acknowledged
issues will be removed after 15 minutes (or your configured
setting) or can be removed at any time via the trashcan button.
<br>
<strong>Note:</strong> only logged in users can acknowledge issues.
</p>
<h5>
<span class="primary-theme-text fa fa-eye-slash fa-fw fa-lg">
</span>
Ignore Issues
</h5>
<p>
Ignore issues in your cluster for a certain amount of time by
clicking the eye dropdown. Ignored issues will remain on the
issues page (grayed out) but will not be visible on the Parliament
dashboard. Ignored issues will not send alerts until the ignore
time has expired and the issue still persists. You can un-ignore
issues here as well to begin receiving alerts again.
<br>
<strong>Note:</strong> only logged in users can ignore issues.
</p>
</div>
</div>
</div> <!-- /issues -->
<!-- settings -->
<hr>
<div class="container-fluid mb-4">
<div class="row d-flex align-items-end">
<div class="col-lg-8 col-md-7 align-self-start">
<h1 class="display-4 mb-3 dark-primary-theme-text">
Parliament Settings
</h1>
<p class="lead mb-3">
When logged in, you can configure the alert thresholds, password,
and notifiers (services that send alerts).
</p>
<img
alt="Parliament Settings screenshot"
class="screenshot-img parliament-settings"
/>
</div>
<div class="col-lg-4 col-md-5 small mt-3">
<h5>
<span class="primary-theme-text fa fa-gear fa-fw fa-lg">
</span>
General Settings
</h5>
<ul>
<li>
The "capture nodes must check in this often" setting controls
how far behind the current time a node's timestamp can be.
If the timestamp is older than this setting allows, an
Out Of Date issue is added to the cluster. The default for
this setting is 30 seconds.
</li>
<li>
The "OpenSearch/Elasticsearch query timeout" setting controls the maximum
duration of an OpenSearch/Elasticsearch status query. If the query exceeds this
time, an Elasticsearch/OpenSearch Down issue is added to the cluster. The
default for this setting is 5 seconds.
</li>
<li>
The "Low Packets Threshold" setting controls the minimum number
of packets that the capture nodes must receive. If a capture
node is not receiving enough packets, a Low Packets issue is
added to the cluster. You can set this value to -1 to ignore
this issue altogether. This setting also includes a time range
for how long this problem must persist before an issue is added
to the cluster. The default for this setting is 0 packets for
10 seconds.
</li>
<li>
The "remove all issues after" setting controls when an issue is
removed if it has not occurred again. The issue is removed
from the cluster once this time expires without the issue
recurring. The default for this setting is 60
minutes.
</li>
<li>
The "remove acknowledged issues after" setting controls when an
acknowledged issue is removed. The issue is removed from the
cluster after this time expires (so you don't have to remove
issues manually with the trashcan button on the issues page).
The default for this setting is 15 minutes.
</li>
</ul>
<h5>
<span class="primary-theme-text fa fa-bell fa-fw fa-lg">
</span>
Notifiers
</h5>
<p>
Configure services to send alerts here. Currently, you can
configure Slack, Email, and Twilio (SMS) alerts. You can select
which type of alerts each notifier alerts on. Update, delete, or
test an alert at any time.
<br>
<strong>Note:</strong> If you configure a Parliament hostname and
enable Parliament dashboard links, every alert will contain a
link to the Parliament Dashboard.
</p>
</div>
</div>
</div> <!-- /settings -->
<!-- users -->
<hr>
<div class="container-fluid mb-4">
<div class="row d-flex align-items-end">
<div class="col-lg-8 col-md-7 align-self-start">
<h1 class="display-4 mb-3 dark-primary-theme-text">
Parliament Users
</h1>
<p class="lead mb-3">
You can configure users and roles for access to Parliament, Arkime, Cont3xt, and WISE here.
</p>
<img
alt="Parliament Users screenshot"
class="screenshot-img parliament-users"
/>
</div>
<div class="col-lg-4 col-md-5 small mt-3">
<h5>
<span class="primary-theme-text fa fa-user fa-fw fa-lg">
</span>
Users
</h5>
<p>
<strong>New to v5!</strong>
<br>
This is the same page that is available within both Arkime and Cont3xt.
<br>
Here, you can create, update, and delete users and roles.
</p>
</div>
</div>
</div> <!-- /users -->
</div> <!-- /screenshots -->
<!-- contribute -->
<hr>
<div class="row text-center mb-5 mt-5">
<div class="col">
<p class="mb-0">
Want to contribute to Parliament?
Found an issue?
</p>
<p>
<span class="fa fa-github-alt fa-lg">
</span>
Parliament is open source.
<a href="https://github.com/arkime/arkime/blob/main/CONTRIBUTING.md"
class="no-decoration"
rel="nofollow">
Please contribute!
</a>
<span class="fa fa-github-alt fa-lg">
</span>
</p>
</div>
</div> <!-- /contribute -->
</div> <!-- /container -->
<!-- footer -->
{%- include footer.html -%}
</body>
</html>