Following are the feature updates made in this release:
A new tab volumeGroups is added
The Collector output exported as an XLSX includes an additional tab for Volume Groups
List. This allows you to look at the individual volume groups in case of AHV and their
properties when the data is gathered via Prism.
ONTAP CIFS shares - Search Path column added
The Collector output exported as an XLSX includes a new column "Search Path" within
the CIFS Share Info tab. This column shows the search paths that are configured for
the home directory share.
Prism, Hyper-V, and v-Center - New columns added in vDisk tab
The following new columns are added in the vDisk tab:
Volume Group Name - This column shows the name of Volume Group if the disk belongs
to it.
Volume Group Disk - This column shows whether the disk is part of the volume
group.
Volume Group Shared - This column shows whether the volume group is shared across
VMs
Disk UUID - This column shows the unique identifier of the disk.
Volume Group UUID - This column shows the unique identifier of the volume group.
Prism, Hyper-V, and v-Center - New columns added in vmList tab
The following new columns are added in vmList tab:
Volume Group Attached - This column shows whether the VMs has volume groups
attached to it.
Volume Group Capacity (MiB) - This column shows the number of vDisks capacities
that are part of the volume group.
Volume Group Consumed (MiB) - This column shows the number of vPartition
capacities that are part of the volume group.
Prism, Hyper-V, and v-Center - New column added in vPartition tab
The following new column is added in the vPartition tab:
Volume Group Partition - This column shows whether the partition is part of the
volume group.
Multiple NIC support for Prism Element
If a VM supports multiple Network Interface Cards (NICs), the Collector output (except
for ONTAP CIFS shares) exported as an XLSX shows all the supported NICs in the vNetwork
tab.
Provisioned Capacity
The provisioned capacity has been made to a default storage while exporting the
compute workload through Prism, vCenter, Hyper-V and ONTAP CIFS shares.
Enhancements
The following features are available in the release:
In the project view screen of ONTAP projects, the user interface has been updated
to let the users know that the option
Export to Sizer
is
available only from Collector 4.1 and later versions.
In case of powered off VMs, the Prism now shows the performance data value as
'null' instead of 0 and the histogram chart is updated accordingly in the VMs
Summary.
A specific error message is displayed in cases when someone registered to
Collector but not to Sizer, tries to export the collected data to Sizer.
In the Collector Portal, optimized the process of fetching VM information for
larger projects.
Resolved Issues
The following issues are resolved in this release:
The data center name is now correctly identified by the Collector for the Prism Element
clusters.
Improved the time taken to collect the information via Prism when Collector is unable to
collect the Guest OS information.
For Prism instances, Collector can now collect the cluster performance data even if
there are intermittent errors when gathering the performance metrics.
Resolved an issue in collecting the vNetwork data for AOS 5.20.2.1 (AHV - 20201105.2244)
and higher versions.
Collector can now collect the data for multiple network interface cards that are
associated with a single VM.
Resolved an issue where the Collector Portal was unable to generate XLSX file when
NetApp ONTAP Volume did not report Consumed Capacity and Snapshot Reserved Capacity.
Resolved the cluster connection issue when trying to collect the data via Prism version
AOS 5.15.4.
Resolved an issue where the data collection for Prism clusters get stuck while retrying
the failed APIs.
Resolved an issue where the thin provisioning status shows inconsistent values in vDisk
and vmList tabs.
Known Issues
This section describes the issues found in this or recent releases that you might
encounter:
In case of vPartition entries, the datastores are not considered.
The Nutanix Collector fails to run when the executable files are flagged or deleted by
firewall or anti-virus setting.
VM Summary values appear as NaN in the collection file.
Collector fails to gather the information when there is only one Prism Element cluster
under the Prism Central.
Collector 4.1.1 Open Source Software
Collector 4.1.1
Product Release Date: 2022-08-02
Last updated: 2022-08-02
Open Source Software In This Release
For more information about Collector open source licensing details, see Open Source Licenses for Collector.
Following are the feature updates made in this release:
Performance Improvements
The data collection and output generation for Prism, vCenter, Hyper-V clusters,
hosts, and VMs, and ONTAP CIFS shares is improved by 2x to 3x.
The progress bar of the data collection for Prism, vCenter, and Hyper-V VMs
provides more granular and better information on the progress being made.
Rerunning data collection from different datacenters or clusters registered with
the same vCenter, Prism, and ONTAP CIFS shares instances are faster due to
caching.
Prism, Hyper-V, and v-Center - New column added in vPartition tab
A new column
Collector vPartition UUID
is added in the
vPartition tab to account only unique entry for calculating the storage capacity and
consumed storage.
Improved Logs Collection for Troubleshooting
For the Nutanix Collector desktop application, you can configure the log levels
such as info, debug, error, critical, and warning based on the logs you want to
collect for troubleshooting.
A new file
collector-client.log
has been added in the Nutanix
Collector bundle to collect the logs for troubleshooting.
Configure Port Number
If the listener port's default port number is in use, you can configure the port that
is unused to establish a connection.
Resolved Issues
The following issues are resolved in this release:
Fixed the instances for which the VM Summary value appeared as NaN in the output
collection file.
For Prism, the storage capacity is now captured for the volume groups that are
associated with File Server VMs.
For vHosts, fixed the 95th percentile value of the IOPS, number of read, and number of
write operations that appeared empty in the output collection file.
The VM level provisioned and consumed storage now accounts only unique partitions.
Nutanix Collector supports data collection from the servers that has more number of VMs
due to performance enhancements.
Data collection failure due to the unsupported delimiter formats is resolved.
Known Issues
This section describes the issues found in this or recent releases that you might
encounter:
In case of vPartition entries, the datastores are not considered.
Collector fails to gather the information when there is only one Prism Element cluster
under the Prism Central.
For the workaround, see the section Troubleshooting of the
Collector User
Guide
.
Open Source Software In This Release
For more information about Collector open source licensing details, see Open Source Licenses for Collector.
Important:
Data created with an early access (EA) version of Data Lens will be removed with the completion of the EA program. The data will not be available in
the general availability (GA) versions.
Nutanix Data Lens™ (Data Lens) provides a cloud-hosted analytics and
monitoring service for all of your file servers hosted on Nutanix Files. Data Lens
centralizes data from all of your clusters connected to Pulse, across various data center
locations. Cloud resources reduce scaling constraints, as the Cloud is not dependent on the
file server resources, letting you have near-real-time analytics and alerts even for
load-heavy file servers of more than 250 million files and over 500 TB of storage. Hosting
File Analytics on premises limits the service to local file servers only. In contrast, Data
Lens functions on a global level, in a cluster-neutral environment, without being tied to a
single Nutanix cluster.
Requirements
Meet the requirements for running Data Lens.
Configure a MyNutanix account to access the Data Lens console.
In Prism, enable Pulse health monitoring. See "Pulse Health Monitoring" in the
Prism Central Guide
.
Getting Started With Data Lens
Perform the tasks described in this chapter to get started with
Data Lens
.
Do the following:
Ensure that you have registered for Data Lens from the My Nutanix portal, see, Creating a My Nutanix Account.
Launch
Data Lens
, see Onboarding into Data Lens. The first admin to launch
Data Lens
becomes the account admin and
can
invite other users that are associated with the account ID.
Enable
Data Lens
for Nutanix Files file servers, see
Data Lens Global Dashboard. You can monitor the enablement in
the Tasks view.
Creating a My Nutanix Account
You must have a My Nutanix Account to access the Data Lens
console.
About this task
Perform the following procedure to create a My Nutanix account.
Procedure
In the address bar of a web browser, type
https://my.nutanix.com
and click
Enter
.
Click
Sign up now
.
Enter the details such as
First Name, Last Name, Company name, Job
title, Phone number, Country, Email,
and
Password
.
Follow the specified password complexity requirements when you are creating
the password.
Click
Submit
.
A confirmation page is displayed and you receive an email from
mynutanix@nutanix.com after you successfully complete the sign-up
process.
Following is an example of the email.
Hi First Name,
Welcome to the My Nutanix portal!
To get started, confirm your email by clicking on the link below. If clicking the link does not work, you can copy and paste the link into your browser's address window.
https://my.nutanix.com/#/verify?username=your_email_address_ &confirmation=
If you run into any issues, please email portal-accounts@nutanix.com to speak with a Nutanix Portal representative. Please do not reply to this email directly.
Best Regards,
Nutanix Team
Click the link in the email to verify your email address.
A confirmation message briefly appears and you are directed to the Nutanix
Support portal.
Log on to the portal by using the credentials you specified during the sign-up
process.
The Welcome Back page appears.
Click
My Nutanix
to go to the My Nutanix
dashboard.
Onboarding into Data Lens
Before you
sign
up for a paid plan to use
Data Lens
, you can start a
60-day
free trial. To continue to use
Data Lens
after the
trial period ends, you must upgrade your plan to one of the paid plans.
About this task
Perform the following procedure to subscribe to a free trial of
Data Lens
.
Procedure
Log on to https://my.nutanix.com by using your My Nutanix credentials.
On the My Nutanix dashboard, scroll down to Cloud Services, and under
Data Lens
,
click
Get Started
. Subsequent users click
Launch
.
The
Global Dashboard
appears displaying the file
servers and object stores associated with your account.
Tip:
If you do not see the
Global
Dashboard
, enable Pulse Health Monitoring. See "Pulse Health
Monitoring" in the
Prism Central Guide
Port Requirements
The Port Reference provides detailed port information
for Data Lens and other Nutanix products and services, including port sources and
destinations, service descriptions, directionality, and protocol requirements.
Unsupported Features
Lists the unsupported features for Data Lens.
Data Lens does not support cloned file server.
Data Lens Global Dashboard
The
Global Dashboard
details all registered file
servers.
Global Dashboard View
The Data Lens
Global Dashboard
is the landing page after launching
Data Lens. The
Global Dashboard
includes a table that lists all file
servers across all of your registered clusters.
Figure.
Data Lens Global Dashboard
Click to enlarge
The
Global Dashboard
consists of the following elements.
An
Anomaly Status
pane summarizes the number of file servers with
anomaly alerts, no anomaly alerts, and no rules configured.
A
Capacity and Shares
pane summarizes the total number of shares
and total capacity analyzed on all file servers with Data Lens enabled (excluding
snapshots). You can view the details of the shares of a particular file server by clicking
the link on the total number of shares. (See "Share Details View" below). Total capacity
analyzed is calculated and updated every hour.
A
Data Summary
pane summarizes the number of users, directories,
and files across all file servers with Data Lens enabled.
A
File Server
pane displays region-wise file servers. Clicking
the table icon in the top right corner switches to a
List of File
Servers
, see the "List of File Servers Table" for details.
Note:
File
servers do not appear for clusters with Pulse Health Monitoring disabled.
Table 1.
List of File Servers
Column
Description
Status
Indicates if Data Lens is enabled or disabled.
Vendor
Indicates the file server vendor.
File Server Name
Indicates the name of the file server.
Number of Shares
Indicates the number of shares and exports on the file server.
File Server Version
Indicates the Files version of the file server.
Data Retention
Indicates the data retention period of Data Lens
data.
Three-Dot Menu
Provides options to enable or disable Data Lens on the file
server.
Share Details View
In the
Data Summary
pane, clicking the number of
Shares
displays
Share Details
view.
Figure.
Share Details
Click to enlarge
The
Share Details
view consists of the following elements.
A
File Server drop-down
lets you select a file server of the
logged in account. Based on the selected file server, the total capacity, current usage,
and the share details appear in the table.
Total Capacity
indicates the total capacity for the file
server.
Current Usage on Primary (includes system files)
indicates the
current usage of the file server.
Note:
Tiered data is excluded for calculating the
current usage.
The
List of Shares
lists all of the shares on the selected file
server, including all active shares and deleted shares for which Data Lens retains audit
data. The list is ordered by the highest percentage of used and max capacity of the share.
See the "Shares Table" for details.
Note:
Data Lens updates used capacity for shares on an hourly basis, not in
real-time.
The list does not include nested shares (active or deleted).
The list does not include deleted shares for which Data Lens does not retain audit
data.
Table 2.
Shares Table
Column
Description
Share Name
Indicates the name of the share.
File Server
Displays the name of the file server of that share.
Used Capacity
Indicates the capacity used by the share.
Max Size
Indicates the quota assigned to a share, and it is the max capacity a share can
use.
If value of max size is not defined,
Undefined
value is
displayed in the table.
Dashboard
The
Dashboard
tab displays data on the operational trends of an
entity (file server, object, or share).
Dashboard View
The
Dashboard
tab is the opening screen that appears after launching
Data Lens for a specific entity. The
scope selector
indicates the
entity for which the dashboard displays data using various widgets. By default the
scope selector
displays data for the file server (all shares). To
have the widgets display data for a specific, select a single share from the
scope selector
. See the "Dashboard Widgets" table for a description
of each widget.
Note:
Widgets refresh hourly.
Figure.
Data Lens Dashboard
Click to enlarge
Table 1.
Dashboard Widgets
Tile Name
Description
Values and Intervals
Data Growth Trend
Displays data growth trends for the entity including the data added, data
removed, and net changes.
Clicking an event period widget displays the
Data Growth Trend Details
view.
Clicking the
View Forecast
displays the data growth forecast for a time
period.
7 days, the last 30 days, or the last 1 year
Data summary by age and storage tier
Displays the percentage of data by age. Data age determines the data heat,
including: hot, warm, and cold.
Includes an option to open the
Smart
Tiering Dashboard
to configure tiering and to configure cost savings,
see Configuring Cost Savings.
To edit the heat
levels, see Configuring Data Heat Levels.
Default intervals are as follows:
Hot data – accessed within the last week.
Warm data – accessed within 2 to 4 weeks.
Cold data – accessed 4 weeks ago or later.
Permission denials
Displays users who have had excessive permission denials and the number of
denials. Clicking a user displays audit details, see Audit Trails - Users View for more.
[user id], [number of permission denials]
File distribution by size
Displays the number of files by file size. Provides trend details for top 5
files.
Less than 1 MB, 1–10 MB, 10–100 MB, 100 MB to 1 GB, greater than 1 GB)
File distribution by type
Displays the space taken up by various applications and file types. The file
extension determines the file type. See the
File types
table for more
details.
MB or GB
File distribution by type details view
Displays a trend graph of the top 5 file types. File distribution details include
file type, current space used, current number of files, and change in space for the
last 7 or 30 days.
Clicking
View Details
displays the
File Distribution by Type
view.
Daily size trend for top 5 files (GB), file type (see the "File Type" table),
current space used (GB), current number of files (numeric), change in last 7 or 30
days (GB)
Potential duplicate files
Displays a summary of potential duplicate files based on their name, size, and
extension for files larger than 1MB.
Integers for total files with duplicates and total count of duplicates. MB, GB,
or TB for total size of duplicates
Top 5 active users
Lists the users who have accessed the most files and number of operations the
user performed for the specified period. When there are more than 5 active users, the
more
link provides details on the top 50 users. Clicking the
user name displays the audit view for the user, see Audit Trails - Users View for more.
24 hours, 7 days, 1 month, or 1 year
Top 5 accessed files
Lists the 5 most frequently accessed files. Clicking
more
provides details on the top 50 files.
Clicking the file name displays the audit view
details for the file, see Audit Trails - Files View for
more.
24 hours, 7 days, 1 month, or 1 year
Files operations
Displays the distribution of operation types for the specified period, including
a count for each operation type and the total sum of all operations.
Clicking an
operation displays the
File Operation Trend
view.
24 hours, 7 days, 1 month, or 1 year
Data Growth Trend Details View
Clicking an event period in the
Data Growth Trend
widget displays
the
Data growth trend details
view for that period. The view includes
the
Share/Export
and
Category
tabs (only the
Category
tab appears when viewing the details for a share). Each
tab includes columns detailing entity details such as, Name, Net Capacity Change, Data
Added, and Data Removed.
Figure.
Data Growth Trend Details View
Click to enlarge
Table 2.
Data Growth Trend Details
Column
Description
Name
Name of share/export or category
Net capacity change
The total difference between capacity at the beginning and the end of the
specified period
Data added
Total data added for the specified period
Data removed
Total data removed for the specified period
Data Growth Forecast View
Clicking the
View Forecast
for the
Data Growth
Trend
widget displays the data forecast for an entity over a time period.
The data forecast is based on the historical data of the last 90 days. From the drop-down
option, select a forecast period of 3 months, 6 months, 9 months, or 1 year.
Figure.
Data Growth Forecast Details
Click to enlarge
Table 3.
Capacity Runway Details
Usage
Description
Low Usage
The number of days in which the entity reaches the maximum capacity as per the
low usage.
Medium Usage
The number of days in which the entity reaches the maximum capacity as per
medium usage.
High Usage
The number of days in which the entity reaches the maximum capacity as per high
usage.
File Distribution by Type Details View
Clicking
View Details
for the
File Distribution by
Type
widget displays granular details of file distribution, see the
File Types
table for details.
Figure.
File Distribution by Type
Click to enlarge
Table 4.
Details of File Distribution Parameters
Column
Description
File type
Name of file type
Current space used
Space capacity occupied by the file type
Current number of files
Number of files for the file type
Change (in last 30 days)
The increase in capacity over a 30-day period for the specified file type
Clicking
View Duplicates
displays the
Potential Duplicate
Files
view. The following table describes the information found on each pane
in the view.
Figure.
Potential Duplicates View
Click to enlarge
Table 6.
Potential Duplicate Files
Pane
Summary
Overall Summary
Provides three high level metrics:
Total Files with
Duplicates
,
Total Count of Duplicates
, and
Total Size of Duplicates
.
Files With Duplicates
Includes an option to search by file name and a table that lists potential
duplicate files. The table is organized with the file names, a link to
View All Instances
, and the following columns:
original creation date
,
duplicate
count
,
size of duplicates
, and
number of duplicate file owners
.
Clicking
View All Instances
displays a table with
information about the file organized by the following columns:
Path
,
Owner
,
Share
,
Date Created
, and
Date Modified
.
Filters
Lets you filter by
original creation date
,
duplicate count
,
size of duplicates
,
number of duplicate file owners
,
data
type
,
owners
and
shares
.
File Operation Trend View
Clicking an operation type in the
File Operations
widget displays
the
File Operation Trend
view. The
File Operation
Trend
view breaks down the specified period into smaller intervals, and
displays the number of occurrences of the operation during each interval.
Figure.
Operation Trend
Click to enlarge
Table 7.
File Operation Trend View Parameters
Element
Description
Operation type
A drop-down option to specify the operation type. See
Files
Operations
in the
Dashboard Widgets
table for a list of
operation types.
Last (time period)
A drop-down option to specify the period for the file operation trend.
File operation trend graph
The x-axis displays shorter intervals for the specified period. The y-axis
displays the number of operations trend over the extent of the intervals.
Anomalies
Data panes in the
Anomalies
view display data and trends for
configured anomalies.
The
Anomalies
view provides options for creating anomaly policies
and displays dashboards for viewing anomaly trends.
You can configure anomalies for the following operations:
Creating files and directories
Deleting files and directories
Permission changes
Permission denials
Renaming files and directories
Reading files and directories
Define anomaly rules by the specifying the following conditions:
Users exceed an operation count threshold
Users exceed an operation percentage threshold
Meeting the lower operation threshold triggers an anomaly.
Consider a scenario where you have 1 thousand files, the
operation count
threshold
defined as 10, and the
operation percentage
threshold
defined as 10%. The count threshold takes precedence, as 10% of 1
thousand is 100, which is greater than the count threshold of 10.
Figure.
Anomalies Dashboard
Click to enlarge
Table 1.
Anomalies Data Pane Descriptions
Pane Name
Description
Values
Anomaly Trend
Displays the number of anomalies per day or per month.
Last 7 days, Last 30 days, Last 1 year
Top Users
Displays the users with the most anomalies and the number of anomalies per
user.
Last 7 days, Last 30 days, Last 1 year
Top Folders
Displays the folders with the most anomalies and the number of anomalies per
folder.
Last 7 days, Last 30 days, Last 1 year
Operation Anomaly Types
Displays the percentage of occurrences per anomaly type.
Last 7 days, Last 30 days, Last 1 year
Anomaly Details
Clicking an anomaly bar in the
Anomaly Trend
graph displays the
Anomaly Details
view.
Figure.
Anomaly Details View
Click to enlarge
Table 2.
Anomalies Details View Total Results Table
Column
Description
Anomaly Type
The configured anomaly type. Anomaly types not configured do not show up in the
table.
Total User Count
The number of users that have performed the operation causing the specified
anomaly during the specified time range.
Total Folder Count
The numbers of folders in which the anomaly occurred during the specified time
range.
Total Operation Count
Total number of anomalies for the specified anomaly type that occurred during
the specified time range.
Time Range
The time range for which the total user count, total folder count, and total
operation count are specified.
Indicates the entity for the operation count. Selecting the
Users
tab indicates operation count for specific users, and
selecting the
Folders
tab indicates the operation count for
specific folders.
Operation count
The total number of operations causing anomalies for the selected user or
folder during the time period for the bar in the
Anomaly
Trend
graph.
Configuring Anomaly Detection
Steps for configuring anomaly rules.
About this task
To create an anomaly rule, do the following.
Procedure
In the Data Lens web console, click the
gear icon
>
Define Anomaly Rules
.
In the
Anomaly Email Recipients
field, enter a
comma-separated list of email recipients for all anomaly alerts and data.
Note:
Data Lens sends anomaly alerts and data to recipients whenever Data Lens
detects an anomaly.
To configure a new anomaly, do the following in the indicated fields:
Events
: Select a rule for the anomaly from one
of the following:
Permission changed
Permission denied
Delete
Create
Rename
Read
The event defines the scenario type for the anomaly.
Minimum Operations %
: Enter a percentage value
for the minimum threshold.
Data Lens calculates the minimum operations percentage based on the
number of files. For example, if there are 100 files, and you set the
minimum operations percentage to 5, five operations within the scan
interval would trigger an anomaly alert.
Minimum Operation Count
: Enter a value for a
minimum operation threshold.
Data Lens triggers an anomaly alert after meeting the threshold.
User
: Choose if the anomaly rule is applicable
for
All Users
or an
Individual
user.
Type:
the type determines the interval.
The interval determines how far back Data Lens monitors the
anomaly.
Interval
: Enter a value for the detection
interval.
(optional)
Actions
: Click the
pencil
icon
to update an anomaly rule. Click the
x
icon to delete an existing rule.
Figure.
Anomaly Configuration Fields
Click to enlarge
Use audit trails to look up operation data for a specific user, file, folder, or
client.
The
Audit Trails
view includes
Files
,
Folders
,
Users
, and
Client
IP
options for specifying the audit type. Use the search bar for specifying the
entity for the audit (user, folder, file, or client IP).
The results table presents details for entities that match the search criteria. Clicking the
entity name (or client IP number) takes you to the details for the target entity.
Performing Audits
Audit a user, file, client, or folder.
About this task
Follow the steps as indicated.
Procedure
Go to
collapse menu
>
Audit Trails
.
Select the
Files
,
Folders
,
Users
, or
Client IP
option.
(optional) In the shares field, check or un-check target
shares.
Enter the audit trails target into the search bar.
Click
Search
.
To display audit results in the
Audit Trails
window,
click the entity name (or client IP number).
Audit Trails - Users View
Details for the user audit trails view.
Audit Trails Search - Users
When you search by user in
Audit Trails
, search results display the
following information in a table:
User Name
Domain
Last Operation
Last Operation On
Share Name
Operation Date
Action
Figure.
Users Search Results
Click to enlarge
Audit Details Page - Users
Clicking
View Audit
displays the
Audit
Details
page, which shows the following audit information for the selected
user.
A
User Events
graph displays various operations the user
performed during the selected period and the percentage of time each operation has
occurred per total operations during the specified period.
The
Filter by operations
dropdown contains operation filters,
which you can use to filter the audit by operation type. Operations include:
Create File
Delete
Make Directory
Permission Changed
Permission Denied
Read
Remove Directory
Rename
Set Attribute
Write
Symlink
The
filter bar
, above the User Events graph, displays the
filters in use.
Use the
From
and
To
fields to filter
by date.
The
Results
table displays operation-specific information. See
more details below.
The
Reset Filters
button removes all filters.
Figure.
User Audit Details - Events
Click to enlarge
The
Results
table provides granular details of the audit results.
The following data is displayed for every event.
User Name
User IP Address
Operation
Operation Date
Target File
Click the
gear icon
for options to download the data as an xls, csv,
or JSON file.
Figure.
Results Table
Click to enlarge
Audit Trails - Folders View
Details for the folder audit trails view.
When you search by folder name in
Audit Trails
, search results
display the following information in a table:
Folder Name
Folder Owner Name
Share Name
Parent Folder
Last Operation
Last Operation By
Last Operation Date
Action
Figure.
Folders Search Results
Click to enlarge
The
Audit Details
page shows the following audit information for the
selected folder.
A
Folder Events
graph displays various operations performed on
the file during the selected period, and the percentage of time each operation has
occurred per total operations during that period.
The
Filter by operations
dropdown contains operation filters,
which you can use to filter the audit by operation type. Operations include:
Select All
Make Directory
Permission Changed
Permission Denied
Remove Directory
Rename
Set Attribute
A
filter bar
, above the File Events graph displays the
filters in use.
Use the
From
and
to
fields to filter
by date.
The
Results
table displays operation-specific details.
The
Reset Filters
button removes all filters.
The
Results
table provides granular details of the audit results.
Data Lens
displays the following data for every event.
User Name
Client IP
Operation
Operation Date
Click the gear icon for options to download the data as a CSV file.
Audit Trails - Files View
Dashboards details for the files audit trails view.
Audit Trails for Files
When you search by file name in
Audit Trails
, search results display
the following information in a table:
File Name
File Owner Name
Share Name
Parent Folder
Last Operation
Last Operation By
Last Operation Date
Action
Figure.
Files Search Results
Click to enlarge
Note:
Data Lens
does not support regular expression (RegEx) based
search.
The
Audit Details
page shows the following audit information for the
selected file
A
File Events
graph displays various operations performed on the
file during the selected period, and the percentage of time each operation has occurred
per total operations during that period.
The
Filter by operations
dropdown contains operation filters,
which you can use to filter the audit by operation type. Operation types include:
Close File
Create File
Delete
Make Directory
Open
Read
Rename
Set Attribute
Write
Symlink
A
filter bar
, above the File Events graph displays the
filters in use.
Use the
From
and
to
fields to filter
by date.
The
Results
table displays operation-specific details.
The
Reset Filters
button removes all filters.
Figure.
Files Audit Details - Events
Click to enlarge
The
Results
table provides granular details of the audit results.
Data Lens
displays the following data for every event.
Username
Client IP
Operation
Operation Date
Click the gear icon for options to download the data as a CSV file.
Figure.
Results Table
Click to enlarge
Audit Trails - Client IP View
Details for the client IP audit trails view.
Audit Trails Search - Client IP
When you search by client IP in
Audit Trails
, search results display
the following information in a table:
Client IP
User Name
Domain
Last Operation
Last Operation On
Share Name
Operation Date
Action
Figure.
IP Search Results
Click to enlarge
The
Audit Details
page shows the following audit information for the
selected client.
A
User Events
graph displays various operations performed on the
client during the selected period, and the percentage of time each operation has occurred
per total operations during that period.
The
Filter by operations
dropdown contains operation filters,
which you can use to filter the audit by operation type. Operation types include:
Create File
Delete
Make Directory
Permission Changed
Permission Denied
Read
Removed Directory
Rename
Set Attribute
Write
Symlink
Permission Denied (File Blocking)
A
filter bar
, above the File Events graph displays the
filters in use.
Use the
From
and
to
fields to filter
by date.
The
Results
table displays operation-specific details.
The
Reset Filters
button removes all filters.
Figure.
Files Audit Details - Events
Click to enlarge
The
Results
table provides granular details of the audit results.
Data Lens
displays the following data for every event.
User Name
Operation
Target File
Operation Date
Click the gear icon for an option to download the data as a CSV file.
Ransomware Protection
Protecting your file server against 0-day ransomware detection and
protection.
Caution:
Ransomware protection helps detect potential ransomware. Nutanix does not
recommend using the Data Lens ransomware feature as an all-encompassing
ransomware solution.
Data Lens scans file audit events for ransomware in near real time and notifies you in the
event of a ransomware attack once you configure email notifications. Ransomware protection
includes signature-based and event-pattern-based ransomware detection.
Signature Detection
Signature-based detection uses the Nutanix Files ransomware file blocking mechanism to
identify and block file renames whose extension and file names match ransomware signatures
carrying out The blocking of file renames helps to identify file malicious activity by
containing the ransomware attack from further infecting
 the files . The ransomware file
blocking mechanism uses a dynamically curated list of signatures that frequently appear in
ransomware files. The curated list is dynamically updated as new ransomware signatures are
available. You can also modify the list by manually adding or removing signatures.
Event Pattern Detection
Event-pattern-based ransomware protection looks for audit events in near real time to
identify potential ransomware attacks. Configuring auto-remediation allows you to block
malicious clients from accessing all shares. In addition to that customers will also have
the option to put the files in Read-Only mode where no clients will be able to do any write
operations to the shares . Customers are recommended to upgrade to Files 4.2 to use advanced
auto-remediation features as described above containing the ransomware attack from further
infecting the files.
Note:
Customers are recommended to upgrade to Files 4.2 to use advanced auto-remediation
features.
Data Lens also monitors shares for self-service restore (SSR) policies
and identifies shares that do not have SSR enabled in the ransomware dashboard. You can
enable SSR through the ransomware dashboard.
Ransomware Protection Dashboard
The Ransomware dashboard includes panes for viewing threats summary and its details,
managing and configuring ransomware protection, managing recovery settings, viewing blocked
clients (users or client IP addresses), and viewing and updating blocked file signatures.
The
Ransomware
dashboard includes the following sections:
The
Threats Summary
pane displays the highlighted threats and its
details (impacted shares, users, client IP address, and impacted files). You can view the
threat summary for last 24 hours, last 7 days, last 30 days, and last one year. By
default, last 24 hours summary is selected. Click the
View Details
link to see the threat details and impacted files.
The
Recovery (SSR) Enablement by Shares
pane for viewing and
enabling Self Service Restore (SSR). SSR snapshots are used for data recovery. To protect
the shares with configured SSR policy, enable SSR for the shares, see Enabling SSR.
The
Blocked Entities
pane for viewing the blocked IP addresses
and users suspected to be the source of ransomware attack.
The
Blocked Files Signatures
pane for viewing the number of
blocked ransomware signatures configured on the subscribed file server. Click
Download List (.csv)
to download a list of blocked ransomware
signatures. To update blocked signature list, click
Update Blocked Signature
List
or click
Settings
>
Update Signature List
. See
Updating Signature List
Click
Unblock
to revert access of File Server from
Read Only
mode to
Read Write
mode.
To enable or disable, and configure ransomware protection, click
Settings
. See Enabling Ransomware Protection
and Configuring Ransomware Protection Policy.
Figure.
Ransomware Dashboard
Click to enlarge
Viewing Threat Details and Impacted Files
The
Threats Summary
pane of the ransomware dashboard displays
the highlighted threats and its details (impacted shares, users, client IP address, impacted
files, and Recover).
About this task
To view the threat details and the impacted files, do the following:
Procedure
Click
All Threats
.
A list of all threats appears.
Click
View Files
in the
Details
column or click
Impacted Files
tab on the top.
Figure.
All Threats Tab View
Click to enlarge
The impacted files are listed.
In the impacted files tab view, you can do the following:
Select the scope and apply the filter to view the filtered list of
impacted files. You can filter based on the
Share
Name
.
Client IPs
, and
Client Username
.
Enter the file name, and then click
Search
to
search for a file name from the list.
Click the file name to view the audit details of the file. A graph
displaying the operations performed on the file, and the audit details of
the operations of the file (user name, client IP address, operation,
operation date) are listed in a table.
Note:
You can filter audit details
based on date of audit and operations.
Click
Recover
to view the recommended snapshot to
recover from the selected share. You must see a pop-up window with the
snapshot details, steps for recovery, and a download link to get a script
which helps automate the recovery of the selected share .
Figure.
Impacted Files Tab View
Click to enlarge
Figure.
Steps to Recover Impacted files
Click to enlarge
Enabling Ransomware Protection
Enable ransomware protection on your file server.
About this task
Procedure
Go to
collapse menu
>
Ransomware Protection
.
Click
Enable Ransomware Protection
. See Configuring Ransomware Protection Policy for configuration steps.
Click
Enable
.
The ransomware dashboard is now displayed.
(optional) To disable the ransomware protection, on the ransomware dashboard,
click
Settings
>
Disable Ransomware Protection
.
The ransomware protection is now disabled.
Configuring Ransomware Protection Policy
Configure ransomware protection policies on file servers.
About this task
Do the following to configure a ransomware protection policy on a file server.
Procedure
In the Global Dashboard, go to
collapse menu
>
Data Source
>
File Servers
and select the file server.
The file server dashboard appears.
Go to
collapse menu
>
Ransomware Protection
.
(optional) Click
Settings
>
Edit Policy Configuration
, to set policy to prevent ransomware attacks.
The
Ransomware Protection Policy Configuration
appears.
In the
Ransomware Protection Policy Configuration
page, do
the following:
(optional) Click
Download List (.csv)
, to
download a list of blocked ransomware signatures.
From Files 4.2, in
Remediation of Malicious
clients
select the
Block clients on all shares
to
block specific clients from accessing all the share in the event of
a ransomware attack.
select the
Make files Server Read -only
to make file servers read only for all the clients.
select
No Action
send a notification email but
take no action on the entity.
Note:
Clients can be unblocked after you analyze the threat.
The default remediation action will be to
Block
clients on all shares
.
Figure.
Ransomware Protection Policy Configuration
Click to enlarge
Under
Email Recipients
, add email addresses separated by
comma.
Note:
Data Lens sends a notification to the specified email addresses when a
ransomware attack happens.
Click
Save
.
The ransomware protection policy is configured.
(Optional) To disable the ransomware protection policy, click
Settings
>
Disable Ransomware Protection
.
Updating Signature List
Searches, adds or removes a signature from the ransomware protection
list.
About this task
Note:
Nutanix does not recommend manipulating the blocked signatures through Nutanix
Files.
Do the following to add or remove a signature from the protection list.
Procedure
Go to
collapse menu
>
Ransomware Protection
.
Click
Settings
>
Update Signature List
.
You can also click
Update Blocked Signature List
in the
Blocked Files Signatures
pane of the ransomware
dashboard.
The
Update Blocked Signature List
window
appears.
In the
Update Blocked Signature List
window, do the
following:
(optional) Click
Download List (.csv)
, to
download a list of blocked ransomware signatures.
Enter the file signature in the
Search for
signatures
field, and then click the search icon to
search for a signature.
Note:
Add one or more comma separated signatures which may have wildcard
characters (* or ?) if required. For example, *file_name.doc*,
*file_name?.doc*, filename.docx, *.docx.
(Optional) Click
Add
to add a new signature to
the list.
(Optional) Click
Remove
to delete an existing
signature from the list.
Figure.
Update Blocked Signature List
Click to enlarge
Click
Close
.
Enabling SSR
Enable self-service restore (SSR) on shares identified by Data Lens.
About this task
Data Lens scans shares for SSR policies. Do the following to protect the shares with
the configured SSR policy.
Procedure
Click
collapse menu
>
Ransomware Protection
.
Click
Settings
>
Manage Recovery Settings
.
The
Enable SSR for Shares
window appears.
Click the
Enable
button next to the share for which you
need to enable SSR.
Figure.
Manage Recovery Settings
Click to enlarge
Click the close icon to close the window.
Unblocking Client IP Addresses
Unblocks the client IP addresses.
About this task
Do the following to unblock the blocked entities, such as client users and client IP
addresses, on a file server.
Procedure
From the
Global Dashboard
, click
collapse menu
>
Ransomware Protection
.
The
Ransomware Protection
page
appears.
From the
Blocked Entities
widget, click
View
Details
.
The
Blocked Entities
page appears with the following tabs:
Client IP Addresses
—Lists the blocked client IP
addresses.
Share with Restricted Access
—Lists the names of
blocked shares .
Blocked Time
-lists the time at which the client
was blocked on the share.
A list of blocked entities appears.
Figure.
Blocked Entities in 4.2 server
Click to enlarge
Figure.
Blocked Entities in 4.1 server
Click to enlarge
Check
Shares with Restricted access
to see the name of
blocked shares .
From the
Blocked Entities
widget, click
View
Details
and select the
Client IP
Addresses
and
Client users
to
Unblock
.
Select an entity from the list and click
Unblock
.
The
Unblock Client IP Addresses and Client User
window appears.
Figure.
Unblock Entities
Click to enlarge
Note:
When the unblock task is in progress, you cannot unblock another
entity from the same share.
You can select multiple entities from the same share and unblock
them.
You can also click
Filters
, enter the share
name, and then click
Search
to search filter
the blocked entities from the share.
Click the
Unblock
button to unblock the entity.
Note:
After you unblock an entity, the entity gets access to the file system and
can resume operations. Make sure that you have cleared the entity from all
malicious software before you unblock an entity.
(Optional) Click the gear icon, and select
Export CSV
or
Export JSON
to download a list of blocked entities to
a file in CSV or JSON format.
Smart Tiering
Manage hot, warm, and cold file server data.
Use Smart Tiering to maximize the available file server space by moving cold data from the
file server to an object store. Nutanix supports using Nutanix Objects, AWS Standard, AWS IA,
or Wasabi (S3 compatible storage) as the object storage, which you must configure before
setting up a tiering profile, for details on setting up Nutanix Objects, see the
Objects
User Guide
.
Tiered storage does not contain the full data set. The full metadata and pointers to tiered
data remain on the primary storage. However, tiering cold data to an object store does provide
storage cost benefits, which you can calculate using the cost savings widget in the
Data Tiering
tab. You can recall tiered data from the object store by
configuring an auto-recall policy during tiering policy creation, or by recalling data
manually. You can also specify retention policies that indicate how long deleted data remains
in secondary storage prior to permanent deletion.
Note:
If you have Files version 4.2.0 and above you will be able to create a tiering profile
with AWS Glacier storage class in addition to Object Store, AWS, and S3 compliant storage
classes.
Do the following to enable tiering on the file server:
Ensure that you have enabled the file server in Data Lens, see
Data Age Dashboard.
Review the "Limitations" section.
Review the Smart Tiering Requirements and Recommendations section.
Configure the tiering location and profile, see Configuring a Tiering Location.
Configure the tiering capacity threshold, see Setting a Capacity Threshold.
Configure a tiering criteria policy, see Creating a Tiering Policy.
Limitations
You can only have one tiering profile and tiering location per file server.
You can initiate
only
one tier and one recall job at a time.
You cannot evict tiered file data from the primary storage until all snapshots
containing the file expire.
You cannot tier files that are smaller than 64 KiB or larger than 5 TiB.
You cannot write to tiered (offline) files.
You can only configure tiering at the file-server level.
You can only manually recall a maximum of 100 files at a time.
After re-enabling versioning, tiering operations need a minimum of 10 minutes to
resume.
Files cannot compress data while tiering data to the object store.
Files does not tier sparse files.
The manual tier and recall operations have a timeout of 10 days, after which Data Lens
terminates the operation. To continue the tier or recall operation for the remaining
files, restart the operations.
Terminology
Capacity threshold
– The percentage of file server capacity you must reach
to trigger tiering operations.
Object store
– Secondary storage service.
Recall
– Migrating data from secondary to primary storage manually or
through an auto-recall policy.
Tiering
– Migrating cold data from primary to secondary storage.
Tiering profile
– The secondary storage location configuration, which
includes the object store, security keys, the storage bucket, and other details.
Smart Tiering Requirements and Recommendations
Meet the indicated requirements to configure and administer tiering.
General Requirements
Enable versioning on the object store bucket.
Meet the compatibility requirements as described in the
Data Lens Release
Notes
.
Network Requirements
All file server VMs (FSVMs) need to access
insights.nutanix.com
through Pulse.
All FSVMs need to use DNS to resolve the name
insights.nutanix.com
.
AWS Simple Storage Service (S3) Requirements
Have the following AWS IAM user permissions.
s3:GetBucketObjectLockConfiguration
s3:PutObject
s3:GetObject
s3:GetLifecycleConfiguration
s3:AbortMultipartUpload
s3:PutLifecycleConfiguration
s3:CreateBucket
s3:GetObjectTagging
s3:ListBucket
s3:PutObjectTagging
s3:GetBucketVersioning
s3:GetObjectVersion
s3:DeleteObject
Ensure that the security keys have the following permissions on the S3 bucket:
Set LifeCycle policy
Read and write
Set tags on object
List and write on object
Nutanix Objects Object Store Requirements
Use the bucket owner secret and access for tiering.
Ensure the owner has read and write permissions.
Security Recommendations
Nutanix recommends using the following security best practices:
Implement security best practices for AWS S3 as described on the AWS documentation
portal.
Do not use the same bucket for storing non-Nutanix Files data.
Do not manually delete or overwrite any object in the bucket, as this results in data
loss.
Disable the object lock.
Enable encryption on the bucket.
Have the permissions to query the
bucket location.
Do the following when changing security keys:
Ensure that both keys are valid when changing from key1 to key2.
Retire key1 from s3 only after updating key2 on the file server.
On AWS, Files sets the life-cycle rule on the bucket to garbage collect deleted objects.
Do not overwrite or remove the rule from S3. Do not apply another life-cycle rule to the
bucket.
For Nutanix Objects, provide security keys of the owner of the bucket.
Data Age Dashboard
The
Data Age
dashboard consists of the
Smart
Tiering
and
Explore
tabs.
Smart Tiering Tab
The
Smart Tiering
dashboard includes tools for managing the tiering
configuration of a file server and consists of the following primary elements:
The
Tiering Configuration
pane includes options to configure the
tiering location, configure the capacity threshold, and configure tiering policies.
The
Capacity Summary
pane provides an overview of data
distribution on the file server.
Tiering Summary
pane provides an activity monitor of tiering
operations.
Recall Summary
pane provides an activity monitor of recall
operations.
Figure.
Smart Tiering Tab
Click to enlarge
The following table provides a detailed description of the features of each pane in the
dashboard.
Table 1.
Smart Tiering Tab
Pane
Feature
Description
Tiering configuration
Tiering location
Indicates the name of the tiering profile and the object store type. Provides an
option to configure or edit the tiering location.
Capacity threshold
Indicates the configured capacity threshold and whether tiering is manual or
scheduled. Provides option to configure the capacity threshold, edit the capacity
threshold, and to set up a tiering schedule.
Tiering policy
Indicates the configured tiering policy. Provides option to define files for
tiering.
Capacity summary
File server and capacity
Indicates the name of the file server, the capacity used, and the total capacity
configured for the file server.
Data distribution on primary storage
Indicates the distribution of data on the file server by the space used, the
space planned for tiering, and the free space.
Note:
The widget refreshes
hourly.
Total tiered data
The amount of data that has been moved to tiered storage.
Current cost savings
The approximate amount of money saved from tiering data.
Configure cost model option
See Configuring Cost Savings.
Manual recall option
See Manually Recalling Tiered Data.
Tier data option
See Tiering Data Manually.
Tiering summary
Number of files tiered
Indicates the total number of files recalled for the specified interval.
Data tiered
Indicates the total amount of data tiered for the specified interval.
Data tiered graph
Displays the number of files tiered over time. Hovering over the data displays
the value for the time specified on the horizontal axis.
Recall summary
Number of files recalled
Indicates the total number of files recalled for the specified interval.
Data recalled
Indicates the total amount of data recalled for the specified interval.
Data recalled graph
Displays the number of files recalled over time. Hovering over the data displays
the value for the time specified on the horizontal axis.
Explore Tab
The explore tab consists of the following elements:
A
Filters
pane lets you filter entities by data age (heat).
A
Summary
tab displays a breakdown of data by heat for the
selected scope.
A
Trend
tab displays heat trends for a specified period (7 days,
1 month, or 1 year).
An
Edit Data Age Configuration
link lets you edit heat level
settings.
A
Data Distribution By Shares
table provides share-level details
for the selected entity or entities.
Configuring a Tiering Location
To tier data, configure a secondary storage object store.
About this task
A tiering profile includes the tiering location and defines the secondary storage
target, which is the object store.
Follow the steps as indicated to configure a
tiering profile:
Procedure
In the
Dashboard
for the file server, click
Smart Tiering Dashboard
in the
Data
Summary by Age and Storage Tier
pane.
Figure.
Set Up Tiering
Click to enlarge
In the
Tiering Configuration
pane, under
Tiering Location
, click
Add Tiering
Location
.
Update the fields in the tab with the indicated information.
Note:
Some fields may be unavailable for updates.
Name
: Enter a name of the tiering profile.
Store type
: Select a store type.
Service host
: Enter a URL of the tiering service
host.
Access key
: Enter the S3 access key ID for the
object store.
Secret key
: Enter the secret access key for
accessing the object store.
Bucket configuration
Bucket name
: Enter a name of the bucket
in the object store (you cannot change the name).
Retention period
: Enter a period for data
retention after deletion from the file server. (The default
retention period is 5 years and the minimum is 6 months).
Certificate
Certificate
: Upload a secure sockets
layer (SSL) certificate file.
Validate certificate
: Check this box to
enforce SSL certificate verification during tiering operations
after profile creation.
Setting a Capacity Threshold
Specify when to tier data.
About this task
Follow the steps as indicated.
Procedure
In the
Dashboard
for the file server, click
Smart Tiering Dashboard
in the
Data
Summary by Age and Storage Tier
pane.
In the
Tiering Configuration
pane, click
Set
a Capacity Threshold
.
To tier data based on a threshold of occupied capacity, check the
Set a Capacity Threshold
box.
In the
% of Primary Storage
field, enter an
integer that indicates the capacity percentage to trigger tiering
(minimum 1%).
Under
When to tier
, choose an option.
To trigger tiering manually after crossing the capacity threshold,
select the
Manual
option.
To configure a schedule for tiering data, choose
On a
Schedule
option.
Note:
If you choose the
Manual
option, follow the steps
in Tiering Data Manually to initiate tiering after
you observe that the file server reaches the configured capacity
threshold.
If you chose the
On a Schedule
option, do the following
in the indicated fields (otherwise, continue to the next step).
Note:
Data Lens sends tier requests to
the file server until the scheduled time. However, due to bandwidth, the
actual tiering operation on the file server can begin and end shortly after
the scheduled time.
Frequency
: Use the
every
day
option and do the following (or click
set
a custom window for each day
).
Start time
: Specify when to start tiering
operations.
End time
: Specify when to end tiering
operations.
(Optional) to customize the tiering schedule, click
set a
custom window for each day
, and do the following:
Select the desired tiering days.
For each day, specify the schedule for tiering operations in the
start time
and
end
time
fields.
Click
Save
.
Creating a Tiering Policy
Add a policy that defines when to tier cold data to object storage.
About this task
To create a tiering policy, do the following:
Procedure
In the
Dashboard
for the file server, click
Smart Tiering Dashboard
in the
Data
Summary by Age and Storage Tier
pane.
In the
Tiering Configuration
pane, under
Tiering Policy
, click
Define a Tiering
Policy
.
Under
Filters for Data to be Tiered
, do the
following:
Data Access Age (older than)
:
Enter an integer to specify the data age.
In the dropdown, select the unit of measurement (days, weeks,
months, years).
File Size (greater than)
:
Enter an integer for the minimum tiering file size (minimum 64
KB).
In the dropdown, select the unit of measurement (KB, MB,
GB).
File Type
:
In the dropdown, choose either the
is not
(exclude)
or the
is
(include)
option.
Enter a file extension and click the space bar (do not include a
period or forward slash). For example
jpg
,
png
, or
mpeg
.
File Owner
:
In the dropdown, choose either the
is not
(exclude)
or the
is
(include)
option.
Enter a user name and click the space bar. For example
UID:13199
or
nutanix\user
.
(Optional) under
Shares
, do the following:
To specify shares excluded from tiering, check the
Exclude
Shares
box.
Check the box next to shares to exclude.
To specify an auto recall policy, check the
Enable
Auto-Recall
box, and do the following in the indicated
fields.
In the
Times
field, specify the number of
times Files can retrieve a file from the object store, based on
inline reads, before triggering recall.
Note:
With inline read
events, a file server retrieves content from the object
store, rather than the read cache. You might read a file
multiple times from the read cache before retrieving it as
an inline read from the object store.
In the period field, specify an integer and unit of measurement
(days, weeks, months, years).
Click
Save
.
If you set a schedule for the capacity threshold, Data Lens
automatically triggers the tiering operation in Nutanix Files according to the
policy and threshold configuration. If you chose to manually trigger tiering,
you must trigger the operation after the file server meets the criteria in the
threshold and policy configuration.
Manually Recalling Tiered Data
Manually recall data from secondary to primary storage.
About this task
You can configure auto recall of data during tiering policy setup, see Creating a Tiering Policy. Otherwise, follow the steps as
indicated to manually recall data.
Procedure
In the
Dashboard
for the file server, click
Smart Tiering Dashboard
in the
Data
Summary by Age and Storage Tier
pane.
In the
Capacity Summary
pane, click
Manual
Recall
.
Select one of the following search options:
Files
Folder Path
Shares
Enter the name of the search target into the search bar.
Click
Search
.
In the action column, click
Recall
.
You can monitor the operation in the
Tasks
tab.
(Optional) Click
Cancel Recall
to cancel the recall
task.
Note:
You can also cancel the recall task from the
Tasks
tab. For more information see, Tasks Dashboard.
Tiering Data Manually
Manually initiate tiering.
About this task
If you did not choose to tier data on a schedule in the capacity threshold
configuration, tier data manually.
Procedure
In the
Dashboard
for the file server, click
Smart Tiering Dashboard
in the
Data
Summary by Age and Storage Tier
pane.
In the
Capacity Summary
pane, click
Tier
Data
.
An unavailable
Tier Data
button indicates that Data
Lens has not found enough tiering candidates on the file server and that the
file server has not reached the capacity threshold.
A dialogue window asks you to confirm the action.
Click
Confirm
.
Data Lens triggers the tiering operation in Nutanix Files. You can
monitor the operation in the
Tasks
tab.
(Optional) Click
Cancel Tiering
to cancel the tiering
task.
Note:
You can also cancel the tiering task from the
Tasks
dashboard. For more information see, Tasks Dashboard.
Updating a Tiering Configuration
Edit an existing tiering configuration.
About this task
Follow the steps as indicated.
Procedure
To update a tiering configuration, go to
Data Summary by Age and Storage Tier
>
Smart Tiering Dashboard
.
In the
Tiering Configuration
section, do one or more of
the following.
To update the tiering profile configuration, click
Edit
under
Tiering
Location
. Update one or more fields as described in
Configuring a Tiering Location. You can only
update the access key, secret key, profile name, or the
certificate.
To update the capacity threshold, click
Edit
under
Capacity Threshold
. Update one or more
fields as described in Setting a Capacity Threshold.
To update the tiering policy, click
Edit
under
Tiering Policies
. Update one or more fields
as described in Creating a Tiering Policy
Configuring Data Heat Levels
Update the values that constitute different data heat levels.
Procedure
In the
Data Age
widget, click
Explore
.
Click
Edit Data Age Configuration
.
Do the following in the
Hot Data
section:
In the entry field next to
Older Than
, enter an
integer.
In the dropdown, choose a value for
Week(s)
,
Month(s)
, or
Year(s)
.
Do the following in the
Warm Data
section to configure
two ranges :
In the first entry field, enter an integer to configure the first
range.
In the dropdown, choose a value for
Week(s)
,
Month(s)
, or
Year(s)
.
In the second entry field, enter an integer to configure the second
range.
In the dropdown, choose a value for
Week(s)
,
Month(s)
, or
Year(s)
.
Do the following in the
Cold Data
section to configure
four ranges :
In the first entry field, enter an integer to configure the first
range.
In the dropdown, choose a value for
Week(s)
,
Month(s)
, or
Year(s)
.
In the second entry field, enter an integer to configure the second
range.
In the dropdown, choose a value for
Week(s)
,
Month(s)
, or
Year(s)
.
In the 3rd entry field, enter an integer to configure the 3rd
range.
In the dropdown, choose a value for
Week(s)
,
Month(s)
, or
Year(s)
.
(optional) In the 4th entry field, enter an integer to configure the
4th range.
In the dropdown, choose a value for
Week(s)
,
Month(s)
, or
Year(s)
.
Click
Apply
.
Note:
The new values do not affect the already calculated heat statistics.
Data Lens uses the updated values for future heat
calculations.
Configuring Cost Savings
Configure the cost savings widget.
About this task
Configuring cost savings helps you estimate the amount of money saved by tiering
data.
Procedure
In the
Dashboard
for the file server, click
Smart Tiering Dashboard
in the
Data
Summary by Age and Storage Tier
pane.
In the
Capacity Summary
pane, click
Configure
Cost Model
.
Figure.
Configure Cost Savings
Click to enlarge
Do the following in the
Cost Model
window.
Under
On Premises File Storage
, enter a number
that indicates the on premises storage cost per year.
Under
Tiered Storage
, enter a number that
indicates the object storage cost per year.
Click
Save
.
The
Cost Savings
widget periodically updates and
displays the approximate cost savings from tiering.
Reports
Generate a report for entities on the file server.
Create a report with custom attribute values or use one of the Data Lens pre-canned report
templates. To create a custom report, specify the entity, attributes (and operators for some
attributes), attribute values, column headings, and the number of columns, see Creating a Custom Report. Pre-canned reports define most of the
attributes and headings based on the entity and template that you choose, see Creating a Pre-Canned Report. To schedule a report, see Scheduling a Report.
You can also rerun existing reports rather than creating new ones. After running a report,
you can download it as a JSON or CSV file.
Reports Page
The reports page provides options to create, schedule, and download
reports.
The
Reports
page consists of the following elements:
Instant Reports
and
Scheduled Reports
tabs
display reports in a tabular view.
Each report tab includes the following columns:
Report name
Status
Last run
Actions
In the
Actions
column, you can do the following:
Download reports as a JSON or as a CSV
Rerun reports
Delete reports.
The
Create a new report
button takes you to the
New
Report
view where you can create a custom report, create a report from a
template, and schedule reports.
Figure.
Reports Page
Click to enlarge
Clicking
Create a new report
takes you to the
New
Report
view, which includes
Report builder
and
Pre-canned Reports Templates
tabs.
The
Report builder
and
Pre-canned Reports
Templates
tabs include the following elements:
The
Define Report Type
section includes an
Entity
drop-down menu to select an entity.
The
Define Filters
section includes an
Attribute
drop-down menu and an option to add more attributes by
clicking
+ Add filter
.
The
Add/remove columns in this report
section displays the
default columns. Clicking the columns field lets you add additional columns. Clicking the
x
next to the column name removes it from the report.
The
Define number of maximum rows in this report
section includes
a
Count
field to specify the number of rows in the report.
A
Schedule Report
option lets you schedule future reports.
Table 1.
Report Builder – Filter Options
Entity
Attributes (filters)
Operator
Value
Column
Events
event_date
equal_to
greater_than
greater_than_equal_to
less_than
less_than_equal_to
(date)
audit_path (object path)
audit_objectname (object name)
audit_operation (operation)
audit_machine_name (source of operation)
audit_event_date (event date in UTC)
audit_username (user name)
Event_operation
N/A
file_write
file_read
file_create
file_delete
rename
directory_create
directory_delete
SecurityChange (permission change)
set_attr
sym_link
Files
Category
equal_to
greater_than
greater_than_equal_to
less_than
less_than_equal_to
(date)
object_name (file name)
share_UUID (share name)
object_owner_name (owner name)
object_size_logical (size)
file_type (extension)
object_creation_date (creation date in UTC)
last_event_date (access date in UTC)
share_UUID (share name)
fileserver_protocol
object_ID (file id)
object_last_operation_name (last operation)
audit_username (last operation user
object_last_operation_name (last operation)
file_path (file path)
Extensions
N/A
(type in value)
Deleted
N/A
Last (number of days from 1 to 30) days
creation_date
equal_to
greater_than
greater_than_equal_to
less_than
less_than_equal_to
(date)
access_date
equal_to
greater_than
greater_than_equal_to
less_than
less_than_equal_to
(date)
Size
equal_to
greater_than
greater_than_equal_to
less_than
less_than_equal_to
(number) (file size)
File size options:
B
KB
MB
GB
TB
Folders
Deleted
N/A
Last (number of days from 1 to 30) days
object_name (Dir name)
object_owner_name (owner name)
object_creation_date (creation date in UTC)
last_event_date (access date in UTC)
share_UUID (share name)
object_last_operation_name (last operation)
audit_username (last operation user)
File server protocol
object_ID (file id)
file_path (Dir path)
creation_date
equal_to
greater_than
greater_than_equal_to
less_than
less_than_equal_to
(date)
Users
last_event_date
equal_to
greater_than
greater_than_equal_to
less_than
less_than_equal_to
(date)
user_login_name (user name)
Last operation
last_event_date (access date in UTC)
last_operation_audit_path
Table 2.
Pre-Canned Reports – Filters
Entity
Pre-canned report template
Columns
Events
Permission denied events
Permission denied (file blocking) events
audit_path (object path)
audit_objectname (object name)
audit_operation (operation)
audit_machine_name (source of operation)
audit_event_date (event date in UTC)
audit_username (user name)
Files
Largest files
Oldest files
Files not accessed for last 1 year
Files accessed in last 30 days
object_name (file name)
share_UUID (share name)
object_owner_name (owner name)
object_size_logical (size)
file_type (extension)
object_creation_date (creation date in UTC)
last_event_date (access date in UTC)
share_UUID (share name)
fileserver_protocol
object_ID (file id)
object_last_operation_name (last operation)
audit_username (last operation user
object_last_operation_name (last operation)
file_path (file path)
Users
Top owners with space consumed
Top active users
All users
user_login_name (user name)
Last operation
last_event_date (access date in UTC)
last_operation_audit_path
Creating a Custom Report
Create a custom report by defining the entity, attribute, filters, and
columns.
About this task
Follow the steps as indicated.
Procedure
Go to
collapse menu
>
Reports
.
Click
Create a new report
.
In the
Report Builder
tab, do the
following:
In the
Define Report Type
section, select an
entity from the drop-down menu.
In the
Define Filters
section, select an
attribute from the attributes drop-down menu.
Under
Value
, specify the values for the
attribute (some attributes also require to specify an operator in the
Operator
field).
(optional) click
+ Add filter
to add more
attributes.
In the
Add/Remove column in this report
section,
click the field to display column options and select desired columns for
the report. You can also click
x
for the columns
you want to remove.
In the
Define maximum number of rows in this
report
section, specify the number of rows in your
report. This value indicates the number of records in the report.
Click
Run Preview
.
The
Report Preview
section
populates.
Click
Generate report
. (Or schedule a report, see Scheduling a Report.)
Select either the
CSV
or
JSON
option.
Creating a Pre-Canned Report
Use one of the pre-canned Data Lens templates for your report.
Procedure
Go to
collapse menu
>
Reports
.
Click
Create a new report
.
In the
Pre-Canned Reports Templates
tab, do the
following:
In the
Define Report Type
section, select an
entity from the drop-down menu.
In the
Define Filters
section, select an
attribute from the attributes drop-down menu.
In the
Add/Remove column in this report
section,
click the field to display column options and select desired columns for
the report. You can also click
x
for the columns
you want to remove.
In the
Define maximum number of rows in this
report
section, specify the number of rows in your
report. This value indicates the number of records in the report.
Click
Run Preview
.
The
Report Preview
section
populates.
Click
Generate report
. (Or schedule a report, see Scheduling a Report.)
Follow the steps as indicated to schedule a report.
Procedure
Follow the procedure for creating a report and
Run
Preview
, but do not generate the report. See Creating a Custom Report or Creating a Pre-Canned Report.
Click
Schedule Report
.
In the
Schedule Report
dialog box, do the following in
the indicated fields:
Time Zone
: Select a time zone in which to
schedule the report.
Report
Frequency
: Select the report
frequency from
Daily
,
Weekly
, or
Monthly
.
This also defines the interval for which Data Lens collects data.
Choose Recipients
: In the
Email
Recipients
field, enter a comma-separated list of report
recipients.
Click
Next
.
Under
Define the report format
, select either
JSON
or
CSV
.
Under
Define the title for your report
, enter a report
title.
Click
Schedule Report
.
The scheduled report appears in the
Scheduled
Reports
tab on the
Reports
page.
Tasks
View the tasks on the file server.
The
Tasks
dashboard displays a table with the status and other details
of the tasks.
Tasks Dashboard
The Tasks dashboard displays the tasks that are in queue, in-progress, canceled, or in
failed status.
The
Task
dashboard lists the following options. You can filter the
tasks based on these options.
Queued—The tasks in the queue.
Running—The tasks currently in progress. Hover over this status to view the total number
of files tiered or recalled so far until the task is complete.
Successful—The tiering or recall request task to Files is complete.
Failed—The tasks that did not complete successfully.
Canceled—The tasks that are cancelled.
Cancel Requested—The tasks that are requested for cancellation.
Canceling—The tasks that are currently being cancelled.
Figure.
Tasks Dashboard
Click to enlarge
The tasks table lists the following details:
Operation—The type of operation the task performs. For example, tier request, recall
request, create tiering location, enable ransomware, and so on.
Status—Task status such as, successful, canceled, and canceling. Hover over the status to
view the details.
Creation Time—The time when the task was created.
Last Updated Time—The time when the task was last updated.
Submitted By—The name of the task submitter.
Action—A
Cancel
button appears for user recall tasks and tiering
operations (operation type is tier request or recall request). You can click the
Cancel
button to cancel these tasks before it completes. After the
cancel request is complete, the task status changes to canceled. You can cancel tasks with
queued or running status.
Note:
Account administrators can cancel tasks submitted by any user. Data Lens
administrators can cancel the tasks they submitted. However, Data Lens Users (if the
user is a viewer), cannot cancel any tasks.
Hover over the
Cancel
button to view the total number of
tiered or recalled files and the name of the user who canceled the task.
Data Lens Options
You can get more insight into the usage and contents of files on your system by configuring
and updating
Data Lens
features and settings. Some options include scanning
the files on your file server on demand, updating data retention, and configuring data
protection.
Updating Data Retention
The data retention period determines how long Data Lens retains event
data.
About this task
Follow the steps as indicated to configure data retention.
Procedure
In Data Lens, click
gear icon
>
Update Data Retention
.
In the
Data Retention Period
drop-down, select the
period for data retention.
Click
Update
.
Scanning the File System
Once enabled, Data Lens scans the metadata of all files and shares on the system. You
can perform an on-demand scan of shares in your file system when new shares are created
after the initial scan.
About this task
Note:
Enabling Data Lens for a file server triggers scan for all shares as part of
the enablement process and triggers the metadata collection. Triggering subsequent
scans interferes with and overwrites the collected metadata and is not recommended
unless initial scan has some issue or if any new shares are created.
To scan
shares, perform the following task.
Procedure
In Data Lens, click the
gear icon
.
In the drop-down list, click
Scan File System
.
In the list of shares, select the target shares for the scan.
Figure.
Select Scan Targets
Click to enlarge
Click
Scan
.
The status of the share is
In Progress
. Once the
scan is complete, the status changes to
Completed
. You
can view the number of files scanned with the scan date and time.
Managing File Categories
Data Lens uses the file category configuration to classify file extensions.
About this task
The capacity widget in the dashboard uses the category configuration to calculate
capacity details.
Procedure
Click
gear icon
>
Manage File Category
.
To create a category, click
+ New Category
. (Otherwise,
move on to step 3).
In the
Category
column, name the category.
In the
Extensions
column, specify file
extensions for the category.
To delete an existing category, click the
x icon
next to
the category. (Otherwise, move on to step 4)
To modify an existing category, click the
pencil icon
next to the category and modify the specified file extensions.
Click
Save
.
Deleting Audit Data
Delete file server audit data or clean up the analyzed data of already deleted files
and folders.
About this task
Follow the steps as indicated.
Procedure
Click
gear icon
>
Manage Data
.
Caution:
The deleted File Server data cannot be
retrieved.
(optional) To delete audit data for the entire file server, go to the
File Server
tab, and then click the
delete the audit data
>
Delete
.
The deletion of File Server data can be used to reduce the usage from the
allocated license capacity.
Note:
Delete option is only available for disabled File Server.
(optional) To delete data for one or more shares, go to the
Manage
Share/Export Audit Data
tab.
Caution:
The deleted audit data cannot be
retrieved.
Select one or more share or exports.
To delete a single share or export, click
Delete
in the row for that
share.
To delete multiple shares or exports, select the shares to be
deleted, and then click
Delete
above the
table.
Caution:
The deleted data cannot be
retrieved.
(optional) To clean up the analyzed data of already deleted files and folders,
go to the
Manage Files/Folders Deleted Data
tab, and then
click the
delete the files/folders data
>
Delete
.
The clean up of the analyzed data of already deleted files and folders can be
done to reduce the usage from the allocated license capacity.
Note:
The
Manage Files/Folders Deleted Data
tab will only
be enabled if any deleted files or folders are available for that particular
File Server.
Once you have triggered for data deletion, you will be redirected to the
dashboard page.
Isilon Integration
Use Data Lens as a lightweight analytics solution for file servers on Dell EMC Isilon,
a third-party file server software.
Note:
The Dell EMC Isilon integration is a technical preview feature and
should not be used in a production environment. You might not be able to retain audit data or
upgrade file servers from technical preview to general availability (GA) versions.
The Data Lens integration with Isilon deploys an agent VM in the third-party environment of
the Isilon file server. The agent VM combines the capabilities of a syslog server and Isilon's
incremental scan to receive audit events, scan data, and send the heartbeat of the container
for health monitoring. Nutanix also collects insights data from your Isilon file server using
Pulse. Before enabling the Isilon file server on Data Lens, you must consent to insights data
collection, refer to "Nutanix Insights" in Support Portal Help.
As a lightweight analytics and monitoring solution, Data Lens for Isilon currently does not
include a full feature set, see Isilon Technical Preview for a list
of unsupported features. As a result, the Data Lens UI for Isilon includes fewer widgets. Some
of the supported features include audit trails, capacity trends, and heat monitoring. UI
updates include a column listing the vendor in the file server table on the Global Dashboard
and a new
Registered Agents
view for monitoring all registered agents.
If the agent VM is down for 24 hours, an automated alert goes out to Nutanix Support.
Deploying and managing Data Lens for Isilon requires the following:
Installing an agent VM, see Installing an Agent VM.
Enabling the Isilon server and accepting the license agreement, see Enabling a File Server.
Monitoring the registered agent VM in the
Registered Agents
view,
see Isilon Technical Preview.
Configuring a syslog server in the Isilon environment. See the
EMC Isilon Auditing
Guide
for steps to configure a syslog server.
Isilon Technical Preview
Technical preview of the Data Lens integration with Dell EMC Isilon.
This document describes the user experience for Data Lens with Isilon.
Lightweight Feature Set
Data Lens for Isilon provides general storage capacity reporting and audit visibility.
The Isilon
integration does not include the following elements and features:
Share-level details in the main dashboard
Smart Tiering
Anomaly detection
Ransomware protection
The agent VM has the following limitations and restrictions:
You cannot change the name of the agent VM.
You cannot clone the agent VM.
If you delete the agent VM, any files or directories on the VM are also deleted.
The Data Lens UI does not register changes to the agent VM IP address. Re-run the
registration command to display the updated IP address.
A backward slash in a file name causes the name and parent directory of a file to
display incorrectly in audit trails.
Registered Agents View
Clicking the
gear icon
>
Registered Agents
displays a tabular view of all the agents in
Registered Agents
view. The following describes the columns in the table of the
Registered Agents
view:
Table 1.
Registered Agents View
Column
Description
Name
Agent VM name
IP address
IP address of the host where the agent VM is registered.
ID
Unique identifier for the agent VM.
No. of file servers served
Number file servers on the host that the agent VM supports.
Active and offline agents
Red and green icons indicate if the agent VM is on line (green) or off line
(red).
Installing an Agent VM
Install a Data Lens agent VM in your third-party environment.
About this task
Follow the steps as indicated:
Procedure
In the
File Server
section of the Global Dashboard,
click
+Add a File Server
.
In the drop-down menu following
Isilon
, select
Install a new agent
.
Download and configure the agent VM:
To download the agent VM image, click the link in the
Download an agent VM image from here
line.
Create an agent VM with the following minimum requirements.
Note:
The newly created VM has default Nutanix
credentials. Make sure to update the credentials.
(See "Creating a VM" in the
Prism Self Service Administration
Guide
.)
1 vCPU
4 cores
12 GB RAM
Minimum 120 GiB storage
Allow HTTPS traffic from the agent VM to
insights.nutanix.com
.
Register the VM with Data Lens using the provided token in the
Add File Server
view of the
Global
Dashboard
.
Replace
add_server
with the name of the file
server. Replace
IP/Host-name
with the IP address of
the host. Replace
REST-api-port
with the port number
for REST API communication. Replace
Isilon-server-user
with your user name. Replace
password-file-name
with the name and path to your
password file.
Once the task completes, the server displays in the Data Lens
File Server
view.
What to do next
Configure a syslog server in the EMC Isilon environment to communicate with the
agent VM. For steps to configure a syslog server, see the
EMC Isilon Auditing
Guide
.
Next, enable the Isilon file server, see Enabling a File Server.
Replace
add_server
with the name of the file server.
Replace
IP/Host-name
with the IP address of the Isilon
management host. Replace
REST-api-port
with the port number
for REST API communication. Replace
Isilon-server-user
with
your user name. Replace
password-file-name
with the name and
path to your password file.
After adding the file servers, run a full scan on
all of the added file servers.
Once the task completes, the server displays in the Data Lens
File Server
view.
What to do next
Perform a full scan, see Scanning the File System.
