Abstract

This technical note addresses concerns about the potential for private content in health reports.

Health Report Purpose

The health reports transmitted from Swarm clusters to DataCore are intended to provide the ability for DataCore Support to rapidly assess the health and status of customer clusters. DataCore has no interest in the content stored in that cluster which remains the property of the customer operating the cluster, and DataCore has gone to significant effort to guarantee that none of that content is revealed by health reports. If your cluster is sending health reports, and if it has a defined cluster settings UUID (this will be true if you have ever changed any settings on your cluster), and if the cluster name has been set, then you will be able to view the summary analysis reports using the link on your Swarm console, so these reports provide direct benefit to our customers as well as to DataCore Support.

Health Report Mechanism

Each individual Swarm node sends a health report once during each 24 hour period. Nodes don’t report at the same time so as to minimize impact on the cluster and the network. The information is encrypted and sent back to DataCore via SSL, where each report is stored in a Swarm cluster. Periodically (currently every 2 hours), an analysis of the data is updated to extract data relevant to understanding what is happening in the cluster.

In order for your cluster to successfully send health reports to DataCore, it must have outbound public internet access. If that is in place, sending is automatic. It is possible to configure Swarm to route to the internet via a proxy if that is necessary to reach the public internet from your cluster.

Health Report Contents

The information transmitted by each Swarm node is essentially the same information that would be retrieved by an SNMP dump. This information includes software versions, license information, capacity, load, along with system and network configuration including IP addresses. No user data of any kind that is stored in your cluster is transmitted. Any information that could reveal the organization of your data (such as the list of domains) is omitted. No passwords or credentials are transmitted. No personally identifiable information (PII) is transmitted with this exception: if you have provided system admin contact information by setting snmp.sysContact, that information is transmitted. While setting snmp.sysContact is optional, it is extremely useful so that DataCore Support will know who to contact if health reports reveal a developing problem.

If your security staff still has concerns about the content of health reports, it is easy to view the exact content of the health report being transmitted by any of your Swarm nodes at any time. Assuming that a Swarm node in your cluster is named http://node24.example.com, simply access:

http://node24.example.com:90/health_report

with any browser. The data is packaged with JSON, so the content will be much easier to understand if you install any of the available JSON viewer extensions for Chrome or Firefox.