Comments (1)
kevinlog
commented on June 26, 2024
@jmikell821
Currently, the Endpoint will reflect whichever status the parent Agent has, so these are from an Agent perspective. It still gives Security users insight into their Endpoint in the Administration tab
Possible Host statuses:
- Online, Green. This indicates that the Agent is online and communicating with Kibana
- Unenrolling, Yellow. This indicates that the Agent is currently unenrolling and will soon be removed from Ingest and the Endpoint will follow.
- Grey, Offline. This indicates that the Agent is still enrolled, but may be on a machine that is shutdown or doesn't have internet access currently. In this state, the Agent is no longer communicating with Kibana on a regular interval
- Red, Error. This indicates an Error in the Agent and means something has gone wrong. The user should look at the Agent logs in Fleet to find out more. This can also mean that the Endpoint is unable to find the parent Agent or that is it missing the Agent ID. This is also a problem and the user should investigate Endpoint or Agent logs.
FYI @caitlinbetz
from security-docs.
Related Issues (20)
- D4C docs for 8.8
- 8.8 Data Quality dashboard updates
- Filter alerts from Entity Analytics dashboard HOT 1
- The max_signals field for rules can support up to 1000 alerts HOT 7
- Add a note that in 8.8 rule's APIs (create, update, bulk, get, find) won't return `throttle` in a response payload HOT 7
- [Detection Engine] - Alert tagging & close reason
- Deploying Elastic Endpoint on macOS guide
- Replacing existing risk scoring capabilities with new risk engine
- [Docs][Rules] - Data quality monitoring rules docs
- [Docs][Rules] - Custom highlighted fields
- [Docs][Exceptions] - Auto fill exceptions from alert data
- [META] Documenting changes to rule actions in 8.8
- file.Ext.code_signature instead of process.Ext.code_signature HOT 3
- Nested grouping and beta label removed from grouping
- Entity Analytics: Tech preview label removed
- [BUG] [v8.7] Create exception item API: expire_time
- CSPM docs 8.8 updates
- [BUG] Re-add note about escaping special characters
- Expand top-level Cloud Native Security section
- [BUG] Broken link: Create security rule api
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from security-docs.