Monitor Cortex XSOAR system health.
Cortex XSOAR provides several tools to monitor your system’s health. For self-hosted instances, use your organization's standard system health monitoring tools to monitor the performance of your server's disk, CPU, and RAM.
Verify That The Server Is Up and Running
To check that the server is up and running, navigate to the following URL: https://<your.demisto.hostname>/health
. If the server is up and running, the system returns HTTP status code 200 OK
.
Integration Fetch Error Notifications
You can specify a comma-separated list of users to notify when an integration fails to fetch events.
Monitor Engine Hosts
For all instances, in addition to monitoring your Cortex XSOAR server, it is important to monitor the health of your engine hosts. You should ensure that the service is up and running, and that the disk, CPU, and RAM are not being over-utilized. For additional ways to monitor and manage your engine hosts, see the following sections in Manage Engines:
Get Engine Logs
Notify Users When an Engine Disconnects
Monitor Elasticsearch
For Elasticsearch deployments, we recommend installing the Elasticsearch Monitoring content pack from the Cortex XSOAR Marketplace. This pack includes the Elasticsearch and OpenSearch monitoring dashboard and widgets that track statistics and cluster status.
We also recommend configuring notifications through Elasticsearch or other services that monitor Elasticsearch resource management, especially if there will be high traffic volume.
Post-Installation Health Checks
After you install Cortex XSOAR, we recommend that you run several health checks, for content, integrations, Docker images, and so on, to verify that your environment is working as expected. For more information, see Server Post-Installation Health Check.
If you experience issues with any of these health checks, contact the Cortex XSOAR support team.