Data Sources Status

Working with Data source status feature

To verify all data collection status from all sources that send events to CYBERQUEST or sources collected by CYBERQUEST, the tool provides a dedicated status screen.

In Web Interface select Settings > Data source status. Data Sources Status page opens, listing all data sources collected by CYBERQUEST.

Alt Image

The collection status is shown in color code for each data source. Available statuses are:

Disabled
Collecting
Stopped or critical error
Waiting for next collection

An Alt Image icon present signifies that collection is scheduled to execute at defined time intervals, while all others are executing in real time. At any time, you can sort the list by any of the columns, or you can export the list by pressing button.

It is important to note here that due to the large number of data collections CYBERQUEST can support, the collection status list can grow very long.

You can choose to display up to 100 entries per status page. Please remember not to combine a large number of entries with automated page refresh, to avoid a decrease in performance. The columns menu at the top of the page allows you to choose which columns are displayed for all entries in list. These are described in the table below:

Field	Description
Computer Name	Source name (network IP address or resolved FQDN)
Log Name	Name of the log source
Type	Log type
Messages	Number of collected events
Last Received Time	Last current time when data was received from source
Last Local Time	Last device time when data was received from source
Last Update Time	Last time a modification was made for data source
Last Message	Last message from data collector
Last Error	Last error message from data collector
Next Collection	Date and time when next collection will start
Producer	Module or agent that collected the events
Producer Uptime	Uptime of module or agent that collects events
Extra Data	Comments
Alert Interval Minutes	Time interval to check source status