Alert Logic® Threat Manager™ customers can view the status of their protected hosts in the Alert Logic user interface (UI). This article describes how to access the status of your protected hosts, what each status means, and actions that can be taken to resolve certain statuses.
Accessing Protected Host Statuses
Use the following procedure to access the log source statuses in the Alert Logic UI:
- At the top of the Alert Logic UI, from the drop-down menu, click Threat Manager.
- In the left navigation area, under Detection, click Protected Hosts.
A table displays that lists each protected host. The status of each protected host displays in the Status column.
What Protected Host Statuses Mean
|NEW||The agent is newly registered and online but not yet configured to send traffic via an assignment policy.||You must assign the protected host to an appliance using the assignment policies in the Alert Logic UI.|
|OK||The agent is functioning as designed. It is collecting traffic without issue and is able to transport data from the host to the appliance.||No action is required.|
|WARNING||The agent has encountered an issue, but it does NOT prevent data collection.||Contact Alert Logic support - they will be able to determine the issue by looking at the type of warning and provide the next step of action required.|
|ERROR||The agent has encountered an issue that DOES prevent data collection. If you hover over the error, you should be able to see a better description of the error.||
Common errors are due to the Firewall Rules not being set up correctly. Check them against our Firewall Rules documentation.
If this does not resolve the issue, contact Alert Logic support. They will be able to determine the issue by looking at the type of error and provide the next step required.
|OFFLINE||The machine may be turned off or something may have changed in the Firewall Rules to stop Alert Logic from getting the correct status of the agent.||If the Offline status is not intended, the first action is to restart the agent. Also, check that the Firewall Rules are correct by checking them against our Firewall Rules documentation. Contact Alert Logic support if the Offline status persists.|