Check Status of Probe Nodes

This procedures explains how a LogRhythm Admin or Analyst checks the status of probe nodes to determine if the platform is operating correctly. 

Requirements

• To view the Probe Node Status screen, you must have Administrator, Analyst, or Analyst (Read Only) access.

  

  When a Node goes down, Administrators receive an alert notification in the upper-right corner of the Main Dashboard. When a Node is brought back up, the UI status will change and the Last Contact is updated.

  

  Users cannot bring a Node back up from the Admin UI.

• The maximum number of Nodes supported is 50 (1-2 Nodes is typical).

Check Status of Probe Nodes

1. Log in to the LogRhythm NDR UI as an Administrator, Security Analyst, or Read-Only Security Analyst .
2. Click the System tab, then click Probe Node Status.
   The Probe Node Status screen appears.  
   The following information is displayed in tabular format:
   
   • Time
   • Site Name
   • Node Name
   • Status 
   • Data Acquisition Rate
   • Last Contact
   

   When a Node is down, the entire row is highlighted in red.

View System Status Log - Notifications

1. Log in to the LogRhythm NDR UI as an Administrator.

2. In the upper-right corner, click the Notification icon.

   

   Only the Administrator has access to the Notification icon.

   The System Status Log - Notifications table appears in the top half of the screen.