Skip to main content

 

 

Cisco Defense Orchestrator

Use Health Check to Learn the State of your Secure Event Connector

The Secure Event Connector (SEC) Health Check script provides information on the state of your SEC.

Follow this procedure to run Health Check:

  1. Open your VM hypervisor and start a console session for your Secure Device Connector (SDC). 
  2. Login to the SDC as "cdo" user.
  3. Switch to the "sdc" user:
[cdo@tenant]$sudo su sdc
  1. At the prompt, run the healthcheck.sh script and specify the tenant name:
[sdc@host ~]$ /usr/local/cdo/toolkit/healthcheck.sh --app sec --tenant CDO_[tenant_name]

For example:

[sdc@host ~]$ /usr/local/cdo/toolkit/healthcheck.sh --app sec --tenant CDO_example_tenant

The output of the script provides this kind of information: 

sec_health_checker_blurred.jpg

Values of Health Check output:

  • SEC Cloud URL: Displays the CDO cloud URL and whether or not the SEC can reach CDO.
  • SEC Connector: Will show "Running" if the SEC connector has been onboarded correctly and has started.
  • SEC UDP syslog server: Will show "Running" if the UDP syslog server is ready to send UDP events.
  • SEC TCP syslog server: Will show "Running" if the TCP syslog server is ready to send TCP events.
  • SEC Connector status: Will show Active if the SEC is running and onboarded to CDO.
  • SEC Send sample event: If at the end of the health check, all the status checks are "green," the tool sends a sample event. (If any of the processes are "Down," the tool skips sending the test event.) The sample event shows up in the Event Log as a policy named "sec-health-check."