What issues can Unified Manager fix
By using the automatic remediation feature of Active IQ Unified Manager, you can choose to resolve certain ONTAP issues or manage certain ONTAP features, such as anti-ransomware monitoring, effectively through Unified Manager.
This table describes these ONTAP issues or features that you can manage directly through the Fix It or Fix All button on the Unified Manager web UI.
Event Name and Description | Management Action | "Fix It" Operation |
---|---|---|
Volume Space Full The volume is almost out of space and it has breached the capacity full threshold. This threshold is set by default to 90% of the volume size. |
Enable volume autogrow |
Unified Manager determines that volume autogrow is not configured for this volume, so it enables this feature so the volume will grow in capacity when needed. |
Inodes Full This volume has run out of inodes and cannot accept any new files. |
Increase number of inodes on volume |
Increases the number of inodes on the volume by 2 percent. |
Storage Tier Policy Mismatch Detected The volume has lots of inactive data and the current tiering policy is set to "snapshot-only" or "none". |
Enable automatic cloud tiering |
Since the volume already resides on a FabricPool, it changes the tiering policy to "auto" so that inactive data is moved to the lower cost cloud tier. |
Storage Tier Mismatch Detected The volume has lots of inactive data, but it does not reside on a cloud-enabled storage tier (FabricPool). |
Change volumes' storage tier |
Moves the volume to cloud-enabled storage tier and sets the tiering policy to "auto" to move inactive data to the cloud tier. |
Audit Log Disabled The audit log is not enabled for the storage VM |
Enable audit logging for the storage VM |
Enables audit logging on the storage VM. Note that the storage VM must already have either a local or remote audit log location configured. |
Login Banner Disabled The login banner for the cluster should be enabled to increase security by making access restrictions clear. |
Set login banner for the cluster |
Sets the cluster login banner to “Access restricted to authorized users”. |
Login Banner Disabled The login banner for the storage VM should be enabled to increase security by making access restrictions clear. |
Set login banner for the storage VM |
Sets the storage VM login banner to "Access restricted to authorized users". |
SSH is Using Insecure Ciphers Ciphers with the suffix "-cbc" are considered insecure. |
Remove insecure ciphers from the cluster |
Removes the insecure ciphers — such as aes192-cbc and aes128-cbc — from the cluster. |
SSH is Using Insecure Ciphers Ciphers with the suffix "-cbc" are considered insecure. |
Remove insecure ciphers from the storage VM |
Removes the insecure ciphers — such as aes192-cbc and aes128-cbc — from the storage VM. |
AutoSupport HTTPS transport disabled The transport protocol used to send AutoSupport messages to technical support should be encrypted. |
Set HTTPS as the transport protocol for AutoSupport messages |
Sets HTTPS as the transport protocol for AutoSupport messages on the cluster. |
Cluster Load Imbalance Threshold Breached Indicates that the load is imbalanced among the nodes in the cluster. This event is generated when the performance capacity used variance is more than 30% between nodes. |
Balance cluster workloads |
Unified Manager identifies the best volume to move from one node to the other to reduce the imbalance, and then moves the volume. |
Cluster Capacity Imbalance Threshold Breached Indicates that the capacity is imbalanced among the aggregates in the cluster. This event is generated when the used capacity variance is more than 70% between aggregates. |
Balance cluster capacity |
Unified Manager identifies the best volume to move from one aggregate to another to reduce the imbalance, and then moves the volume. |
Performance Capacity Used Threshold Breached Indicates that the load on the node could become over utilized if you don't reduce the utilization by one or more highly active workloads. This event is generated when the node performance capacity used value is more than 100% for more than 12 hours. |
Limit high load on node |
Unified Manager identifies the volume with the highest IOPS and it applies a QoS policy using the historical expected and peak IOPS levels to reduce the load on the node. |
Dynamic Event Warning Threshold Breached Indicates that the node is already operating in an overloaded state due to the abnormally high load of some of the workloads. |
Reduce overload in node |
Unified Manager identifies the volume with the highest IOPS and it applies a QoS policy using the historical expected and peak IOPS levels to reduce the load on the node. |
Takeover is not possible Failover is currently disabled, so access to the node's resources during an outage or reboot would be lost until the node became available again. |
Enable node failover |
Unified Manager sends the appropriate command to enable failover on all nodes in the cluster. |
Option Cf.takeover.on_panic is Configured OFF The nodeshell option "cf.takeover.on_panic" is set to off, which could cause an issue on HA-configured systems. |
Enable takeover on panic |
Unified Manager sends the appropriate command to the cluster to change this setting to on. |
Disable nodeshell option snapmirror.enable The old nodeshell option "snapmirror.enable" is set to on, which could cause an issue during boot after upgrading to ONTAP 9.3 or greater. |
Set snapmirror.enable option to off |
Unified Manager sends the appropriate command to the cluster to change this setting to off. |
Telnet enabled Indicates a potential security issue because Telnet is insecure and passes data in an unencrypted manner. |
Disable Telnet |
Unified Manager sends the appropriate command to the cluster to disable Telnet. |
Configure storage VM anti-ransomware learning Periodically checks for clusters with licenses for anti-ransomware monitoring. Validates whether a storage VM supports only NFS or SMB volumes in such a cluster. |
Put storage VMs in a |
Unified Manager sets anti-ransomware monitoring to |
Configure volume anti-ransomware learning Periodically checks for clusters with licenses for anti-ransomware monitoring. Validates whether a volume supports only NFS or SMB services in such a cluster. |
Put volumes in |
Unified Manager sets anti-ransomware monitoring to |
Enable volume anti-ransomware Periodically checks for clusters with licenses for anti-ransomware monitoring. Detects whether the volumes are in the |
Put volumes in |
Unified Manager sets anti-ransomware monitoring to |
Disable volume anti-ransomware Periodically checks for clusters with licenses for anti-ransomware monitoring. Detects repetitious notifications during active anti-ransomware monitoring on the volumes (for example, multiple warnings of potential ransomware attacks are returned over 30 days). |
Disable anti-ransomware monitoring on volumes |
Unified Manager disables anti-ransomware monitoring on the volumes through the cluster management console. |