Xperteyes Architecture

Xperteyes consists of three base programs. The collector, the checker and the viewer. Furthermore, a separate environment is available for setting up an automated collect-check cycle for your critical servers.


The collector reads the configuration of a system.
It is a read-only program, running in user space. It is operating-system dependent. The collected data is not interpreted, except to guide the collector. The collected data is saved into one file, called a collection.

The collector will read all well-known objects on the system. This includes the file system, the users and groups, the network configuration, the directory (registry, active directory, ldap, open directory, /etc). X|support will continue to expand the collectors to read more sources. However, the configurations of specific applications that are not stored in a well-known place are not collected in the standard version. Support for these items can of course be added as special requests. In our experience, support for a simple new source is usually available within a day.


The checker applies the requirements to a collection.
Each requirement contains several tests that should be applied on one or more objects. The objects can be simple objects (one file, one user, etc.) or collections of objects. For the file system and other hierarchical collections, subtrees can be described simply: the requirement that the home directory of a user contains only objects that belong to that user is easily stated. The result of the check is an enriched collection, again saved in a file.

In our experience, each server in each organisation is unique in several ways. In order to prevent false negatives (failures that are not incorrect) and false positives (no failure where one should occur), each requirement set needs tuning to the client-specific server. X|support has developed sets of basic requirements for several system configurations. The user can build a complete requirement set adding his own local requirements to these basic sets. X|support can of course provide additional support creating this requirement set.


The graphical browser makes it easy to view and interpret any collection.
Its basic window shows the data in a tree-content view, for many familiar from the Windows Explorer. If the collection is the result of a check, the test failures will be highlighted. A failures window will pop up too. This window contains a list of the failures that can be grouped and sorted. But it contains also an abstract view of the failures within the data, called a tree map. This tree map view shows in which parts of the data the failures occur. See the screen shots for a tree map and its explanation.

This tree map view is based on research by Van Ham and Van Wijk

Xperteyes: have an expert look at your system, and see the results.