Breadcrumbs

Check Status of Probe Nodes

This procedures explains how a LogRhythm Admin or Analyst checks the status of probe nodes to determine if the platform is operating correctly. 

Requirements

  • To view the Probe Node Status screen, you must have Administrator, Analyst, or Analyst (Read Only) access.

    When a Node goes down, Administrators receive an alert notification in the upper-right corner of the Main Dashboard. When a Node is brought back up, the UI status will change and the Last Contact is updated.

    Users cannot bring a Node back up from the Admin UI.



  • The maximum number of Nodes supported is 50 (1-2 Nodes is typical).

Check Status of Probe Nodes

  1. Log in to the LogRhythm NDR UI as an Administrator, Security Analyst, or Read-Only Security Analyst .

  2. Click the System tab, then click Probe Node Status.
    The Probe Node Status screen appears.  
    The following information is displayed in tabular format:

    • Time

    • Site Name

    • Node Name

    • Status 

    • Data Acquisition Rate

    • Last Contact

    When a Node is down, the entire row is highlighted in red.


View System Status Log - Notifications

  1. Log in to the LogRhythm NDR UI as an Administrator.

  2. In the upper-right corner, click the Notification icon.

    Only the Administrator has access to the Notification icon.

    The System Status Log - Notifications table appears in the top half of the screen.