Setting Timing for Monitoring

From the Timing screen, you can configure:

  • Timing values for policy retrieval, device polling, and database updating
  • SSH host key mismatch handling where you can choose to replace SSH host key automatically when a new SSH host key is detected for a device

Warning: Automatic replacement of the SSH host key can expose your server to security risks and is not recommended.

This page is available only to Administrators. For changes to take effect, you must click Save.

By default, the settings on this page affect all devices that are monitored in the relevant monitoring mode (real time, periodic polling, or OS monitoring). The settings can be overridden for each specific monitored device, in the properties for that device (Monitoring > Devices > select device > Edit configuration). In some cases the monitoring mode itself can be set there as well.

Here on the Timing page, the available settings are:

Timing

  • Real-Time Monitoring: Applies to Cisco, Fortinet, and Juniper devices that have been configured to send syslogs to SecureTrack (unless in the device's properties real-time monitoring has been disabled), and to Check Point management servers:

    • 'Save policy' interval (Applies only to Check Point management servers): When a Save Policy event is followed within this time interval by an Install Policy event for the same policy, SecureTrack tries to combine the two events into a single revision. The default value is 60 seconds.

      • 'Install policy' interval: When two or more Install Policy events for the same policy occur within this time interval, SecureTrack combines the events into a single Install Policy revision (Default: 60 seconds)

    • Automatic fetch frequency: Frequency (in minutes) for automatic fetch

  • Periodic Polling: Applies to TOP and Palo Alto devices, and to Cisco, Fortinet, and Juniper devices that do not send syslogs or that have had real-time monitoring disabled (in the device properties):

    • Polling frequency: How often SecureTrack will fetch the configuration from each device. To select an exact time for daily polling, set the polling frequency specifically for each device, in the device's properties.

  • Session timeout: How long SecureTrack will wait for a response from device before giving up. This setting is used in case a device is down or too busy. Applies to Automatic fetch (for real-time monitored devices) and to periodic polling.

  • OS Monitoring:

    • Polling frequency: How often SecureTrack will fetch the configuration from each device.

    • Timeout: Controls how long SecureTrack will wait for a response from device before giving up. This setting is used in case a device is down or too busy.

    • Retries: The number of attempts SecureTrack will make.

  • Database Update:

    • Write to database every: Dictates the frequency with which SecureTrack updates its database. The default is every 3600 seconds (1 hour), but this can be changed. When you increase this time, you increase the amount of memory used, but have fewer write actions to the database, which in turn means a smaller amount of disk is required to store the same amount of data. Changing the default database update frequency may adversely affect the responsiveness of your system. Contact Tufin Support before making any changes to the default value.

How Do I Get Here?

In SecureTrack, go to Monitoring > Timing.