Monitor Components - Administrator Guide - 6.11 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.11
Creation date
2022-12-12
Last date published
2024-03-28
Category
Administrator Guide
Abstract

Monitor Cortex XSOAR system health. Monitor components and perform health checks.

Cortex XSOAR provides several tools to monitor your system’s health. For self-hosted instances, use your organization's standard system health monitoring tools to monitor the performance of your server's disk, CPU, and RAM.

Verify That The Server Is Up and Running

To check that the server is up and running, navigate to the following URL: https://<your.demisto.hostname>/health. If the server is up and running, the system returns HTTP status code 200 OK.

Integration Fetch Error Notifications

You can specify a comma-separated list of users to notify when an integration fails to fetch events.

Monitor Engine Hosts

For all instances, in addition to monitoring your Cortex XSOAR server, it is important to monitor the health of your engine hosts. You should ensure that the service is up and running, and that the disk, CPU, and RAM are not being over-utilized. For additional ways to monitor and manage your engine hosts, see the following sections in Manage Engines:

  • Get Engine Logs

  • Notify Users When an Engine Disconnects

Monitor Elasticsearch

For Elasticsearch deployments, we recommend installing the Elasticsearch Monitoring content pack from the Cortex XSOAR Marketplace. This pack includes the Elasticsearch and OpenSearch monitoring dashboard and widgets that track statistics and cluster status.

We also recommend configuring notifications through Elasticsearch or other services that monitor Elasticsearch resource management, especially if there will be high traffic volume.

Post-Installation Health Checks

After you install Cortex XSOAR, we recommend that you run several health checks, for content, integrations, Docker images, and so on, to verify that your environment is working as expected. For more information, see Server Post-Installation Health Check.

If you experience issues with any of these health checks, contact the Cortex XSOAR support team.