Common Preflight & Health Failures
Preflight validation runs automatically before every export and import operation. It verifies that all prerequisites are satisfied — from administrator privileges and license status to configuration integrity, application definitions, manifest structure, and SIEM connectivity. The checks catch misconfigurations early, before any data is read or written.
How Preflight Works
In the GUI, preflight runs automatically when the user starts an export or import. If all checks pass, the operation proceeds silently. If there are warnings only, a dialog lists the issues and asks the user to confirm. If there are errors, a dialog lists the issues and the operation is blocked until the errors are resolved.
In the CLI, preflight runs as part of the operation startup. Errors cause the CLI to exit with the appropriate return code. Warnings are logged but do not block execution.
The full preflight report is serializable to JSON and logged with a summary line showing pass/warning/error counts and total duration.
Export Checks
The following checks run before an export, in order:
| Check ID | Category | Description |
|---|---|---|
ADMIN_RIGHTS |
System | Verifies the process runs with administrator privileges |
LICENSE_VALID |
License | Validates the license (signature, expiry, environment binding) |
SETTINGS_XML |
Configuration | Checks that settings.xml exists |
EVENTPIPELINE_CONFIG |
Configuration | Checks that eventpipeline.xml exists and is valid XML |
SCHEMA_FOLDER |
Configuration | Verifies the schema folder exists and contains .xsd files |
DEFINITIONS_FOLDER |
Definitions | Verifies the application definitions folder exists |
DEF_EXISTS:{app} |
Definitions | Checks that the definition XML exists for each selected application |
DEF_SCHEMA:{app} |
Definitions | Validates each definition file against the application schema (XSD) |
EXPORT_TARGET |
Paths | Tests that the export target directory is writable (creates and deletes a test file) |
DISK_SPACE |
Resources | Checks free disk space on the target drive (Error < 0.5 GB, Warn < 2 GB) |
SIEM_CONNECTIVITY |
SIEM | Tests SIEM connection if active (passes if SIEM not configured or inactive) |
Import Checks
Import preflight includes the same system, license, and configuration checks as export, plus manifest and mapping validation:
| Check ID | Category | Description |
|---|---|---|
ADMIN_RIGHTS |
System | (same as export) |
LICENSE_VALID |
License | (same as export) |
SETTINGS_XML |
Configuration | (same as export) |
EVENTPIPELINE_CONFIG |
Configuration | (same as export) |
SCHEMA_FOLDER |
Configuration | (same as export) |
MANIFEST_EXISTS |
Manifest | Checks that the manifest file exists at the given path |
MANIFEST_SCHEMA |
Manifest | Validates the manifest XML against the manifest schema (XSD) |
MANIFEST_APPS |
Manifest | Verifies that all requested application names are present in the manifest's <Entry> elements |
MANIFEST_DATA |
Manifest | Checks that the data folder referenced by <DataFolderName> exists alongside the manifest |
MAPPING_EXISTS |
Mapping | Checks that the mapping file exists (only if a mapping file path was provided) |
MAPPING_SCHEMA |
Mapping | Validates the mapping file against the mappings schema (XSD) |
SIEM_CONNECTIVITY |
SIEM | (same as export) |
Severity Levels
| Severity | Meaning | GUI Behavior |
|---|---|---|
Pass |
Check succeeded | Not shown in the dialog |
Warning |
Non-blocking issue (operation can proceed) | Shown with [WARN] prefix; user is asked to confirm |
Error |
Blocking issue (operation must not proceed) | Shown with [ERROR] prefix; operation is blocked |
The overall report result is Passed (no warnings or errors), PassedWithWarnings (warnings but no errors), or Failed (at least one error).
Preflight Report
The preflight report is a structured JSON object containing: operation mode (Export/Import), application names, manifest path, mapping path, machine name, user, OS version, application version, total duration, and all individual check results. Each check result includes the CheckId, description, category, severity, optional detail message, and execution duration in milliseconds.
The report is written to the application log as a summary line (e.g. "Export preflight Passed: 11 passed, 0 warnings, 0 errors (45ms)"). For automation scenarios, the full JSON report can be serialized via report.ToJson() or saved to a file via report.SaveJson(path).
Special Handling: License
The license check during preflight differentiates between three outcomes: Pass (valid and not expiring soon), Warning (expiring within 30 days or in grace period), or Error (expired beyond grace, missing, or invalid). A license in the grace period does not block operations — it produces a warning that allows the user to continue.
Special Handling: Event Pipeline Config
The EVENTPIPELINE_CONFIG check goes beyond file existence — it also parses the XML to verify it is structurally valid. A corrupt eventpipeline.xml file reports as Error rather than silently disabling event forwarding, which ensures that pipeline misconfiguration is caught before any data operations take place.