The Secure Event Connector (SEC) Health Check script provides information on the state of your SEC.
Follow this procedure to run Health Check:
Procedure
Step 1 | SSH to your host using the admin account, typically cdo. |
Step 2 | Switch to the SDC user using the command sudo su - sdc |
Step 3 | Run the command sdc eventing healthcheck and, if applicable, select the tenant when prompted.
Values of Health Check output:
-
SEC Cloud URL: Displays the Security Cloud Control cloud URL and whether or not the SEC can reach Security Cloud Control.
-
SEC Connector: Will show "Running" if the SEC connector has been onboarded correctly and has started.
-
SEC UDP syslog server: Will show "Running" if the UDP syslog server is ready to send UDP events.
-
SEC TCP syslog server: Will show "Running" if the TCP syslog server is ready to send TCP events.
-
SEC Connector status: Will show Active if the SEC is running and onboarded to Security Cloud Control.
-
SEC Send sample event: If at the end of the health check, all the status checks are "green," the tool sends a sample event. (If any of the processes are "Down," the tool skips sending the test event.) The sample event shows up in the Event Log as a policy named "sec-health-check."
|
