The following article provides answers to common questions around the Alert Logic Health Console and its Network health view, including how to access these capabilities and the value they can provide.
What is the Health Console?
The Alert Logic Health Console gives you several ways to group and sort problems that Alert Logic has diagnosed in your environment. These include issues like misconfigured agents, missing appliances, and cloud configuration problems. These health issues are similar to the vulnerabilities and configuration issues presented in the Exposures section of the Alert Logic console, but they reflect the ability of Alert Logic to assess and protect your environment rather than inherent problems in your environment. You can find the Health Console within the Alert Logic console at (navigation menu) > Respond > Health.
What is a network?
Alert Logic represents each connected group of well-connected hosts in your environment as a network—a useful grouping for configuration and reporting. Amazon Web Services (AWS) VPCs are Networks, as are Azure VNETs and the networks you manually define for data center deployments. Alert Logic appliances protect all the hosts in a network, performing tasks like vulnerability scanning and network traffic analysis.
How can I use the Network health view in the Health Console?
One of the ways you can group health issues is by network. In this view, all issues in the network will be summarized and grouped by corrective action, or remediation. Because appliances protect on a network level by default, looking at all problems in a network is a good way to focus on a related set of tasks: Where are there missing appliances? Which hosts have agents that cannot communicate with any appliance in the same network? What hosts in the network haven’t been vulnerability scanned recently?
In particular, addressing appliance problems will often resolve many of the other issues that appear in a network. This makes the network view a powerful tool for breaking down health issues into work items, to be addressed according to priority or passed to the team that manages that network.
What kinds of problems are included in the Network health view?
All discovered problems that occur “inside” the network will be grouped together, including those not directly associated with an agent or appliance. Examples of problems you may encounter within this view include, but are not limited to:
- Appliance issues
- Agent issues, including missing agents
- Unscanned hosts
- Cloud configuration issues that affect the whole network, such as missing internet access in an AWS VPC