It is common for customers to need to make changes to what they have configured in their Alert Logic® Managed Detection & Response (MDR) deployments, or even completely start the configuration process over. When doing so, customers often delete the networks and subnets that they have configured for a given deployment.
For data center deployments, this creates an undesirable condition where all underlying agents and appliances associated with the agent or appliance gets orphaned. In addition, if the agent’s IP address does not match any subnet CIDR in any of the data center deployments, the agent or appliance remains orphaned.
This issue can be avoided if a subnet is created that matches the agent’s IP address before deleting the network, and there is no CIDR intersection across the data center subnets. By doing so, the agent or appliance can reclaim automatically without any further intervention.
For more information on configuring data center deployments and creating subnets, refer to our Data Center Deployment Configuration (Essentials Subscription) and Data Center Deployment Configuration (Professional Subscription) documents.
For more information on Orphaned Agents and Appliances, refer to the following document.