Starting on July 8, numerous enhancements will be available in the Health Console for Managed Detection & Response customers to provide a more streamlined process to manage asset health. These enhancements include the addition of asset metadata, configuration exposures and remediations, access to application registry collectors, and more. Read on for information on each enhancement and how these enhancements can help you improve your overall asset health.
Easily Accessible Asset Metadata
When reviewing the health of your assets in the Health Console – which can be found in the Alert Logic console at main menu () > Respond > Health – you can now access asset metadata directly within the Health Console. Previously, asset metadata was accessed through the Topology page, requiring you to navigate away from the Health Console for additional asset information. Now, you can view asset metadata by simply expanding the card view when an asset is selected.
Inclusion of Application Registry Collectors and Connection Filter
Additionally, a new asset type of “Collectors” has been added to the Health Console. Using this new asset type, you can view the health of SaaS collectors you have set up using the Application Registry.
To view these collectors, click the new View drop-down to display a list of asset types and select Collectors.
You can also filter your list of unhealthy assets to view connection issues. The new Connection option is available in the Category filters. When the Connection category is selected, you can view hosts that are offline, hosts with SSL certificate issues, and Application Registry collector issues.
Access to Configuration Exposures and Remediations
To enhance the Health Console as a single source for resolving asset health issues, configuration issues that generate exposures and remediations are now available directly in the Health Console. Previously, configuration exposures and remediations were only available on the Exposures page. With this enhancement, you can more effectively use the Health Console to remediate many kinds of asset health issues.
Note: Configuration exposures and remediations are still also accessible on the Exposures page.
Exposures and remediations can be viewed in multiple ways in the Health Console. To view a list of exposures or remediations, select Unhealthy in the filters bar, then click the View drop-down and select Exposures or Remediations.
Using this list view, you can manage configuration exposures and remediations just as you would on the Exposures page, such as filtering the list as needed and opening the exposures and remediations for more detail.
Additionally, detailed remediation and exposure information now displays when viewing unhealthy assets. When you expand a card for an unhealthy asset, such as a network, in the Health Console, the new Remediations and Exposures section provides a summary of any related remediations and exposures. You can then simply click one of these items to drill down to additional detail about the remediation or exposure.
New Exposures and Remediations for SSL Certificate Expiration Issues
With these enhancements, new exposures for SSL certificates have also been introduced. Using the Health Console, you can now identify SSL certificates that:
- Are in danger of expiring within 30 days
- Are already expired
- Are not valid until a later date
With the addition of the Dashboards experience in the Alert Logic console, the Coverage and Health Dashboard was introduced. This Dashboard has been enhanced to include the new SaaS Collectors asset type.
Note: The Summary page previously available in the Health Console when not using the Dashboards experience has been deprecated. The Coverage and Health dashboard provides access to the same information previously available on the Summary page.