Genian |product_name| diagnosis Method
==========================================

This section provides an overview of the major processes and logs used by Genian |product_name| that can be examined to troubleshoot issues.

Genian |product_name| Process Description
-----------------------------------------------

Policy Server Processes
'''''''''''''''''''''''

.. code:: bash

   centerd: Policy and node management process
   sensord: Network Sensor process
   mysql: Database in which node and policy information is stored
   apache2: Web service daemon
   java: Java process that runs the WebUI and handles interworking between the web tier and the database
   procmond: Process monitor daemon used by Genian ZTNA; detects abnormal termination and restarts the process
   sshd: Daemon providing SSH remote access
   syslog-ng: SYSLOG daemon
   hbd: Daemon that performs actions (such as reboot) to normalize the system after a certain period of time if a hardware or software failure occurs
   mysqld_safe: Script that restarts mysqld and saves runtime information in Mysqld_error when the mysqld server fails
   gnlogin: Provides services for executing CLI commands
   crond: Daemon that runs scripts and commands on a specified cycle

Network Sensor Processes
''''''''''''''''''''''''

.. code:: bash

   sensord: Network Sensor process
   nmap: Scan tool that collects network information of nodes
   procmond: Process monitor daemon used by Genian ZTNA; detects abnormal termination and restarts the process
   sshd: Daemon providing SSH remote access
   syslog-ng: SYSLOG daemon
   hbd: Daemon that performs actions (such as reboot) to normalize the system after a certain period of time if a hardware or software failure occurs

Agent Processes
'''''''''''''''

.. code:: bash

   Process name: GnAgent.exe
   Description: Genian Agent
   Function: Agent integrity check, node policy reception and GnPlugin run management
   Execution cycle: Always
   Execution condition: Always after Windows logon

   Process name: GnPlugin.exe
   Description: Genian Action Plugin
   Function: Perform action policy of node policy and send result
   Execution cycle: Always
   Execution condition: Always when an action policy exists in a node policy

   Process name: GnStart.exe
   Description: Genian Starter
   Function: Agent integrity check, GnAgent execution management, Keep Alive transfer
   Execution cycle: Always
   Execution condition: Always

   Process name: GnAccount.exe
   Description: Genian User Account Manager
   Function: Used when running the GnAgent process with a specific account instead of an OS logon account
   Execution cycle: When an event occurs
   Execution condition: Node Policy>Execution Account

   Process name: GnDump.exe
   Description: Genian Agent Dump Utility
   Function: Dump Agent Debug Logs
   Execution cycle: None
   Execution condition: Operates only when executed manually

   Process name: GnExLib.exe
   Description: Genian External Module
   Function: Register external authentication module (ex. dll)
   Execution cycle: None
   Execution condition: Works only when executed manually

   Process name: GnScript.exe
   Description: Genians Software Install Manager
   Function: Install Agent
   Execution cycle: None
   Execution condition: Performed only during agent installation

   Process name: GnUpdate.exe
   Description: Genian Updater
   Function: Update Genian Agent automatically
   Execution cycle: 6 hours
   Execution condition: None

   Process name: GnUtil.exe
   Description: Genian Agent Utility
   Function: Compute the SHA1 hash value of a specific file
   Execution cycle: None
   Execution condition: Works only when executed manually

System Log Description
----------------------

Policy Server Log
'''''''''''''''''

**Location:** ``/disk/data/logs``

Elasticsearch
'''''''''''''

.. code:: bash

   GENIAN.log: Elasticsearch process abnormal termination and restart error log, etc.

apache2
'''''''

.. code:: bash

   Error_log: apache2 error log
   Mod_jk.log: Apache and Tomcat communicate with each other over the Apache JServ Protocol (AJP), configured through a module called mod_jk
     - Apache and Tomcat related error log

mysqld
''''''

.. code:: bash

   Initdb.log: Logs generated during database initialization; check whether a table is abnormal at startup
   Mysqld.error: Error log during mysql operation
   Slowquery.log: SQL query log for long-running jobs
     - Refer to it when a specific action takes a long time during ZTNA operation

system
''''''

.. code::

   Agent: Agent log stored on the PC, retrieved by the policy server and stored
     - call command: centerd -dfg
   centerd: Logs of actions performed by the Policy Server
     - Policy Server status, Node role status, Authentication, integration, Data sync etc
   sensord: Operation and error log of the network sensor
     - Network Sensor status, Node detection, UP / Down, policy reception etc
   messages: Hardware status related messages, like dmesg
   procmond: Log of abnormally terminated and restarted processes
   scanraw: Network scan information of a node, used for the platform's detection of the node
   updown: Agent Up / Down status log
   authsync: Database synchronization related logs
   dbmigration: Database migration results
   gnlogin: Console login history
   radius.log: RADIUS status and node authentication logs

tomcat
''''''

.. code::

   Catalina.out: The catalina.out file contains all log messages that are written to Tomcat's System.out and System.err streams.
   The catalina.out file can include:
     - Uncaught exceptions printed by java.lang.ThreadGroup.uncaughtException(..)
     - Thread dumps, if you requested them via a system signal

System Inspection
-----------------

A check script reports the status of the Genian |product_name| system.

- Follow the steps below, as shown in the code box:

  - Connect to the Policy Server Console directly or by SSH.
  - Enter configuration mode.
  - Enter shell mode.
  - Use the ``sysinspect.sh`` command to check the system status.

.. code:: bash

   genian> en
   genian# @shell
   Genians$ sysinspect.sh
   ==========Regualr Inspection==========
   1) Check Server/Service infomation
   2) Check Service status
   3) Check Disk & Memory information
   4) Check Smartctl
   5) Check Slow Query
   6) Check Total Inspection
   9) Check Setup Config
   ======================================
   Enter Select Number :

Check Server/Service information
''''''''''''''''''''''''''''''''

- ServerRole: Refers to the configuration of the server to indicate the role of the server.
- H/W duplication: Check if the server is redundant. If redundant, check if the server is master or slave.
- DB replication: Check if the DB is redundant

  - ALIVE: The DB replication status of the Master / Slave server is normal
  - MISMATCH or result is broken: The DB replication state of the Master / Slave server is abnormal

- System Uptime: Number of Users in Server, Server CPU Load
- Platform: The model name of the server
- Version: The version of the image installed on this server
- MAC Address List: MAC Address list output
- Service Version: The version of services used by the server
- Elasticsearch indices Health check: Check the status of Elasticsearch indexes

  - green: normal, Yellow / Red: abnormal

- Last 7 days Log Backup Check(Today Warning): Ensure Log backup is working properly
- Last 7 days DB Backup Check(Today Warning): Ensure Policy / Node backup is working properly

Check service status
''''''''''''''''''''

Verify that all necessary processes are running on Genian |product_name|.

Necessary processes by component:

.. code:: bash

   Policy Server: Mysqld, elasticsearch, java, centerd, sensord, apache2, procmond, sshd, syslog-ng, radius (Need confirmation if using RADIUS server), vrrpd (Need confirmation if using HA configuration)
   Network Sensor: sensord, procmond, sshd

Check Disk & Memory information
'''''''''''''''''''''''''''''''

Check the server's hard disk capacity and memory. If the hard disk is full or there is no free memory, Genian |product_name| may encounter the following problems.

- Genian |product_name| operation is slow or does not work
- Backup files are not created

Check Smartctl
''''''''''''''

Check the hard disk status. If the RAW_VALUE of ``Reallocated_Sector_Ct`` is not 0, there is a problem with the hard disk. Genian |product_name| operation may be defective, requiring hard disk replacement.

Check Total Inspection
''''''''''''''''''''''

All of the server state checks described above are output at once.

Check Setup Config
''''''''''''''''''

- Check for any missing basic settings
- How to check sensor and node status through CLI command

How to Check Network Sensor Status:

.. code:: bash

   genian# show enforcer
   interface | mode | active | local | request | strict | max
   bond0.100 | 2 | OFF | ON | OFF | OFF | 10
   bond0.101 | 2 | OFF | ON | OFF | OFF | 10

How to Check Node Status:

.. code:: bash

   genian# show nodeinfo filter [IP address]
   IP | MAC | device | sta | up | age | idle | expire | noderole
   172.29.20.183 | 00:E0:4C:36:0D:F8 | eth0 | 1 | 1 | 1728088 | 5 | -3118306 | Denied by IPAM(10)

   ARP Poisoning list
   genian# show nodeinfo poisoning [IP address]
   IP=172.29.111.55 MAC=00:05:1B:A3:E2:07 IF=bond0.111
   TARGET=172.29.111.56 ACTIVE=1 LASTREQ=832 DSTTOXIC=0
   TARGET=172.29.111.254 ACTIVE=1 LASTREQ=0 DSTTOXIC=0
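
The process check from "Check service status" can also be scripted. The following is an added shell example, not part of the Genians documentation or of ``sysinspect.sh``: it compares a process-name listing with the required list for a component. The role labels, the ``radius``/``ha`` option names and the one-name-per-line input (for instance from ``ps -e -o comm=``) are assumptions of this example, and the names a real appliance reports may differ from the page's list.

```shell
#!/bin/sh
# Added example, not Genians code. Required names come from the page's list
# (the page writes "Mysqld"; the lowercase process name is assumed here).

# required_processes ROLE [OPTION...]: print required names, one per line.
# ROLE: policy-server | network-sensor (labels invented for this example).
# OPTION: "radius" adds radius, "ha" adds vrrpd (conditional on the page).
required_processes() {
    role=$1; shift
    case $role in
        policy-server)
            printf '%s\n' mysqld elasticsearch java centerd sensord \
                apache2 procmond sshd syslog-ng
            for opt in "$@"; do
                case $opt in
                    radius) echo radius ;;
                    ha) echo vrrpd ;;
                esac
            done ;;
        network-sensor) printf '%s\n' sensord procmond sshd ;;
        *) echo "unknown role: $role" >&2; return 2 ;;
    esac
}

# missing_processes ROLE LISTING [OPTION...]
# LISTING: one running process name per line (assumed input format).
# Prints each required name that is absent; returns 1 if any is missing.
missing_processes() {
    mp_role=$1; mp_listing=$2; shift 2
    mp_required=$(required_processes "$mp_role" "$@") || return 2
    mp_status=0
    for mp_name in $mp_required; do
        # -x whole line, -F literal: "mysqld_safe" must not count as "mysqld"
        if ! printf '%s\n' "$mp_listing" | grep -qxF -- "$mp_name"; then
            echo "$mp_name"
            mp_status=1
        fi
    done
    return "$mp_status"
}

# Constructed sample: a Policy Server in HA mode where apache2 has died.
SAMPLE_LISTING=$(printf '%s\n' mysqld_safe mysqld elasticsearch java \
    centerd sensord procmond sshd syslog-ng)

missing_processes policy-server "$SAMPLE_LISTING" ha || true
```

A non-zero return from ``missing_processes`` is suitable as an alert condition in a scheduled health check.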
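
The rule from "Check Smartctl" (a non-zero RAW_VALUE for the reallocated sector count means the disk has a problem) can be applied to the attribute table that ``smartctl -A <device>`` prints. This is an added shell example, not Genians code; the function names and the sample tables are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Genians code: apply the page's Reallocated_Sector_Ct rule
# to the attribute table printed by `smartctl -A <device>`.

# reallocated_raw: read the attribute table on stdin and print the RAW_VALUE
# (10th column) of Reallocated_Sector_Ct. Returns 1 if the attribute is absent.
reallocated_raw() {
    awk 'tolower($2) == "reallocated_sector_ct" { print $10; found = 1 }
         END { if (!found) exit 1 }'
}

# disk_verdict: stdin as above. Prints OK / REPLACE / UNKNOWN and returns
# 0 / 1 / 2. UNKNOWN covers disks that do not report the attribute at all.
disk_verdict() {
    dv_raw=$(reallocated_raw) || { echo UNKNOWN; return 2; }
    case $dv_raw in
        ''|*[!0-9]*) echo UNKNOWN; return 2 ;;
    esac
    if [ "$dv_raw" -eq 0 ]; then
        echo OK
        return 0
    fi
    echo "REPLACE (Reallocated_Sector_Ct RAW_VALUE=$dv_raw)"
    return 1
}

# Constructed sample tables (values invented for illustration).
SMART_HEADER='ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE'
SMART_GOOD="$SMART_HEADER
  5 Reallocated_Sector_Ct   0x0033   100   100   010    Pre-fail  Always       -       0
  9 Power_On_Hours          0x0032   097   097   000    Old_age   Always       -       14210"
SMART_BAD="$SMART_HEADER
  5 Reallocated_Sector_Ct   0x0033   098   098   010    Pre-fail  Always       -       24
197 Current_Pending_Sector  0x0012   100   100   000    Old_age   Always       -       8"

printf '%s\n' "$SMART_BAD" | disk_verdict || true
```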