8.2. Configuring the NDR

8.2.1. Introduction

8.2.1.1. The `Assets and users tracking` and `Relationship tracking` functions

The NDR database stores information about:

Alerts displayed in the `Alerts` dashboard (for more information on the dashboard, see Web UI `Alerts` screen)
Alerts displayed in the `Alerts` dashboard (for more information on the dashboard, see Web UI `Assets` screen)
The users displayed in the `Users` dashboard (for more information on the dashboard, see Web UI `Users` screen)

The `Assets and users tracking` and ` Relationship tracking` functions include:

Function	Status	Description	See
`Assets and users tracking`	Activable	Synchronization between the NDR web UI's `Assets` and `Users` dashboards with the data available in Elasticsearch	See Procedure to enable the `Assets and users tracking` and `Relationship tracking` functions.
`Assets and users tracking`	Can disable	The NDR `Assets` and `Users` dashboards are disabled. Data is no longer stored in Elasticsearch.	See Procedure to disable the `Assets and users tracking` and `Relationship tracking` functions.
`Relationship tracking	Activable	synchronization between the NDR `Relations` dashboard in the web UI and the data available in Elasticsearch	See Procedure to enable the `Assets and users tracking` and `Relationship tracking` functions.
`Relationship tracking`	Can disable	The NDR `Relations` dashboard is disabled. Data is no longer stored in Elasticsearch.	See Procedure to disable the `Assets and users tracking` and `Relationship tracking` functions.

The configuration interface is described in the Web UI `Assets` screen.

8.2.1.2. Elasticsearch retention period

The retention time of Elasticsearch depends on the maximum space allocated (in Gb) to store the logs (see the ../../05_GUI_presentation/05_7_web_interface_menu/05_7_3_administration/8_data/1_retention_policy).
Therefore, the data retention period in Elasticsearch depends on the amount of logs generated by the GCaps.
The retention period of Elasticsearch can be changed: see the Procedure to configure the Elasticsearch retention time.

8.2.2. Prerequisites

User : member of Administrator group

8.2.3. Preliminary operations

Login to GCenter via a browser (see Connecting to the GCenter web interface via a web browser).

8.2.4. Procedure to access the `Data Exports` window for an administrator account

In the navigation bar, successively click on:

The `Admin` button

The `NDR configuration` command

The `NDR configuration` window is displayed.

8.2.5. Procedure to enable the `Assets and users tracking` and `Relationship tracking` functions

Click on the `FEATURES` button (3).
Use the `Assets and users tracking` selector (1) to enable tracking of active assets (`Assets`) and users (`users`).

The functions visible by pressing the `Assets` and `users` buttons in the web UI are now accessible if the license enables it.
Use the `Relationship tracking` selector (2) to enable tracking relations between active devices and view these relations.

The functions visible by pressing the `Relations` button are now accessible if the license enables it.

8.2.6. Procedure to disable the `Assets and users tracking` and `Relationship tracking` functions

Click on the `FEATURES` button (3).
To disable the tracking of relations only, use the `Relationships tracking` selector (2).

The functions visible by pressing the `Relations` button are now inaccessible.
To disable all the functions of the `Assets and users tracking` (1) and `Relationship tracking` (2), use the `Assets and users tracking` selector (1).

The functions visible by pressing the `Assets` and `users` buttons in the web UI are now inaccessible.

8.2.7. Procedure to configure the Elasticsearch retention time

Click on the `RETENTION PERIOD` button (4).
Use the `Synchronize NDR boards with elasticsearch retention` selector to enable synchronizing NDR dashboards with data in Elasticsearch.
Use the `Retention period` field to specify how long data such as alerts, users, and equipment should be retained on disk.