Use Health Check to Learn the State of your Secure Event Connector

The Secure Event Connector (SEC) Health Check script provides information on the state of your SEC.

Follow this procedure to run Health Check:

Procedure


Step 1

Open your VM hypervisor and start a console session for your Secure Device Connector (SDC).

Step 2

Login to the SDC as "Security Cloud Control" user.

Step 3

Switch to the "sdc" user:

[cdo@tenant]$sudo su sdc

Step 4

At the prompt, run the healthcheck.sh script and specify the tenant name:

[sdc@host ~]$ /usr/local/cdo/toolkit/healthcheck.sh --app sec --tenant CDO_[tenant_name]

For example:

[sdc@host ~]$ /usr/local/cdo/toolkit/healthcheck.sh --app sec --tenant CDO_example_tenant

The output of the script provides this kind of information:

Values of Health Check output:

  • SEC Cloud URL: Displays the Security Cloud Control cloud URL and whether or not the SEC can reach Security Cloud Control.

  • SEC Connector: Will show "Running" if the SEC connector has been onboarded correctly and has started.

  • SEC UDP syslog server: Will show "Running" if the UDP syslog server is ready to send UDP events.

  • SEC TCP syslog server: Will show "Running" if the TCP syslog server is ready to send TCP events.

  • SEC Connector status: Will show Active if the SEC is running and onboarded to Security Cloud Control.

  • SEC Send sample event: If at the end of the health check, all the status checks are "green," the tool sends a sample event. (If any of the processes are "Down," the tool skips sending the test event.) The sample event shows up in the Event Log as a policy named "sec-health-check."