Alert Logic® Threat Manager™ customers can view the status of their protected hosts in the Alert Logic console. This article describes how to access the status of your protected hosts, what each status means, and actions that can be taken to resolve certain statuses.
Accessing Protected Host Statuses
Use the following procedure to access the log source statuses in the Alert Logic console:
If you are using the Classic Alert Logic console, complete the following steps:
- At the top of the Alert Logic console, click the Threat Manager page.
- In the left navigation area, under Detection, click Protected Hosts.
A table displays that lists each protected host. The status of each protected host displays in the Status column.
If you are using the new Alert Logic Console, complete the following steps:
- On the Alert Logic console homepage, click Threat Manager from the list of tabs near the top of the screen.
- In the Threat Manager sub-menu, click Deployments, then click All Deployments.
- In the left-side menu, click Networks and Hosts, then click Protected Hosts.
A table displays that lists each protected host. Click on the protected host to view its status.
What Protected Host Statuses Mean
|NEW||The agent is newly registered and online but not yet configured to send traffic via an assignment policy.||You must assign the protected host to an appliance using the assignment policies in the Alert Logic UI.|
|OK||The agent is functioning as designed. It is collecting traffic without issue and is able to transport data from the host to the appliance.||No action is required.|
|WARNING||The agent has encountered an issue, but it does NOT prevent data collection.||Contact Alert Logic support - they will be able to determine the issue by looking at the type of warning and provide the next step of action required.|
|ERROR||The agent has encountered an issue that DOES prevent data collection. If you hover over the error, you should be able to see a better description of the error.||
Common errors are due to the Firewall Rules not being set up correctly. Check them against our Firewall Rules documentation.
If this does not resolve the issue, contact Alert Logic support. They will be able to determine the issue by looking at the type of error and provide the next step required.
|OFFLINE||The machine may be turned off or something may have changed in the Firewall Rules to stop Alert Logic from getting the correct status of the agent.||If the Offline status is not intended, the first action is to restart the agent. Also, check that the Firewall Rules are correct by checking them against our Firewall Rules documentation. Contact Alert Logic support if the Offline status persists.|