20.2 Enabling Event Visualization

To enable event visualization:

  1. Log in to the Sentinel server as the novell user.

  2. Open the /etc/opt/novell/sentinel/config/configuration.properties file.

  3. (Conditional) If you are using Sentinel in High Availability (HA) mode, ensure that the sentinel.ha.cluster property is set to true for all the nodes on the cluster.

  4. Set the eventvisualization.traditionalstorage.enabled property to true.

  5. Refresh the user interface after a few minutes to view event visualizations.

    You should now see all the dashboards enabled in the My Sentinel user interface. Launch any dashboard, the Threat Hunting dashboard for example, and click Search. The dashboard displays all the events generated in the last 1 hour.

  6. (Optional) Event visualization dashboards display only the events processed after you enabled event visualization. To view existing events present in file-based storage, you must migrate data from file-based storage to Elasticsearch. For more information, see Section 35.0, Migrating Data to Elasticsearch.

NOTE: Enabling or disabling event visualization generates an exception because it restarts the Sentinel indexing services. This exception is expected and you can ignore it.
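
One way to verify the properties from steps 3 and 4 on a node, as an added example that is not part of the Sentinel documentation or product. It assumes Java-properties syntax in which the last definition of a key wins and compares the value literally against true; the function names and the sample file are hypothetical.

```shell
#!/bin/sh
# prop_value FILE KEY: print the effective (last-defined) value of KEY.
# Accepts "key=value", "key = value" and "key: value"; skips # and ! comments.
prop_value() {
    awk -v key="$2" '
        /^[ \t]*[#!]/ { next }                      # comment line
        {
            line = $0; sub(/\r$/, "", line); sub(/^[ \t]+/, "", line)
            i = match(line, /[=:]/); if (i == 0) next
            k = substr(line, 1, i - 1); v = substr(line, i + 1)
            sub(/[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v                   # later duplicates override
        }
        END { print val }' "$1"
}

# check_event_visualization FILE [ha]
# Returns 0 if the settings match the procedure, 1 if a property is missing
# or not "true", 2 if the file cannot be read.
# Assumption: the value must be the literal lowercase string "true".
check_event_visualization() {
    file=$1; mode=${2:-standalone}; rc=0
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    keys="eventvisualization.traditionalstorage.enabled"
    if [ "$mode" = "ha" ]; then keys="$keys sentinel.ha.cluster"; fi
    for key in $keys; do
        val=$(prop_value "$file" "$key")
        if [ "$val" != "true" ]; then
            echo "FAIL $key=${val:-<unset>} (expected true)"
            rc=1
        fi
    done
    return "$rc"
}

# Demo on a constructed sample file (not a real Sentinel configuration).
demo() {
    sample=$(mktemp)
    printf '%s\n' '# constructed sample' \
        'sentinel.ha.cluster = true' \
        'eventvisualization.traditionalstorage.enabled=false' \
        'eventvisualization.traditionalstorage.enabled=true' > "$sample"
    if check_event_visualization "$sample" ha; then echo "OK: settings match"; fi
    rm -f "$sample"
}
demo
```

On a server, call check_event_visualization with /etc/opt/novell/sentinel/config/configuration.properties as the file, adding ha as the second argument on each node of an HA cluster.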