7.3.2 Reset
Resetting the automatic analysis database can significantly impact the results seen from future analysis.
In rare cases, you may by asked to reset the automatic analysis database as part of troubleshooting an operational problem with SEA. Be aware that resetting the database erases all active callouts and stored analysis data. After resetting, the database only retains the following:
- FRU configuration data for the hardware present
- A scavenging marker indicating the last event read from the system binary event log
Follow these steps to reset the automatic analysis database. For the procedure to work, the database must be uncorrupted and functioning properly:
- Stop the Director (see Section 3.8).
- Issue the wsea reset command (only available in the new common syntax).
- Restart the Director (see Section 3.7).
Why a Reset Affects Future Analysis
A reset clears all active problem reports and storage units. Storage units are records of past events that some rules use for thresholding and multiple event analysis. After a reset, the lack of these records can significantly change analysis results.
For example, SEA can accumulate storage units that count toward satisfaction of a threshold filter. When a reset erases the units, problem reports that occur at the threshold may be delayed (because the count started over) or even completely suppressed.
The scenario usually involves correctable events. SEA generally reports uncorrectable faults when they occur, but correctable events such as intermittent disk read errors may be subject to threshold filtering. In other words, SEA only sends a problem report when enough correctable events occur within a specified time frame. This allows SEA to signal that a device is suspect even though a hard fault has not happened yet.
To reduce the impact of resetting, first review recent events (the minimum recommendation is to review the past 24 hours). During the review, look for recurring events, typically correctable errors, that involve any device that has not already been called out in problem reports. These events can indicate suspect devices.