Skip to main content

SafeTitan

Troubleshooting the Orchestrator

The On-Premise Orchestrator facilitates the parsing of messages from the SIEM/Monitoring tool to the SafeTitan cloud infrastructure to be processed. This process happens in the background without user input, so it is useful to verify that processing has taken place and that no failure has occurred.

To ensure that Orchestrator has received requests and has parsed and processed them successfully, you can check a a log that Orchestrator generates. The log tracks all requests made as well as debug information on the processing. The log file is generated and placed in the same folder as the Orchestrator installation and is in the format log-{date}.txt. An example of a log sequence is shown below:

2020-09-09 19:07:32.853 +01:00 [Information] Processing message with type dtex and trigger alert

2020-09-09 19:07:33.121 +01:00 [Information] OrchestratorConfigurationService:GetSettings: Making request to CRA API for settings

2020-09-09 19:07:36.963 +01:00 [Information] OrchestratorConfigurationService:GetSettings: API request returned success.

2020-09-09 19:07:37.370 +01:00 [Information] Username found: CraOrchestrator.Services.DTO.UserDetail

2020-09-09 19:07:37.440 +01:00 [Information] OrchestratorConfigurationService:GetSettings: Making request to CRA API for settings

2020-09-09 19:07:38.087 +01:00 [Information] OrchestratorConfigurationService:GetSettings: API request returned success.