AlienVault® USM Anywhere™

View Network Testing Information

When you open a ticket with AT&T Cybersecurity Technical Support, you may be required to test the sensor's network connectivity with the system debugging tool to assist the support engineer with diagnosing your issue. The USM Anywhere Sensor console provides a function that you can use to collect this information.

To view sensor network test information for the sensor

  1. Open your virtualization management console and connect to the USM Anywhere Sensor Virtual Machine (VM).

    Alternatively, you can open an SSH session to the sensor VM. When using an SSH session, the default username is sysadmin.

    Important: If you are accessing a Microsoft Azure Sensor through SSH and you specified a username other than the default (sysadmin) for SSH access for the sensor VM, you must use the following commands at the command line to "sudo up" and access the sensor console:

    # sudo su –
    # su sysadmin

  2. From the USM Anywhere Sensor console System Menu, select Maintenance and press Enter.

    Select the Maintenance option from the console System menu

  3. From the Maintenance menu, select Debugging Tools and press Enter.

  4. From the Debugging Tools menu, select Network and press Enter.

    Debugging tools menu

  5. From the Network menu, select Network Test and press Enter.

    The network test runs and displays the test results.

Network Test Results

The test will display a screen with the results of the sensor's network test. There are seven tests that will be displayed. Each test will display a SUCCESS or ERROR result.

Results of the sensor debug test.

This table lists the individual tests with a potential diagnosis for a test failure.
Test Purpose Failure Diagnosis

Ping to default gateway

This test determines if the sensor can ping its default gateway/router.

If this test fails, confirm the sensor is using the correct default gateway and is using the correct subnet.

An error for this test will result in a sensor connection failure.

Ping to Google public DNS server (8.8.8.8)

This test determines if the sensor can ping Googles Public DNS server 8.8.8.8

If your network has Internet Control Message Protocol (ICMP) blocked out by default, the test fails.

DNS test to google.com

This test determines if the sensor can resolve domains or IPs using the Google Public DNS server 8.8.8.8

If your network has Google DNS blocked on your firewall, the test fails.

An error for this test will result in a sensor connection failure unless you are using your own local DNS servers to resolve domainsor IPs.

DNS test to Control Node <your subdomain>

This test determines if the sensor can resolve the IP of the USM Anywhere subdomain.

If this test fails, confirm that the sensor is using the correct DNS server and can resolve the IP address of the domain. This can be tested from another machine using the following command:

nslookup <SUBDOMAIN> <DNS-IP-Address>

An error for this test will result in a sensor connection failure.

Testing connection to Control Node port 443

This test determines whether a full TCP connection is possible to the domain on port 443.

If all previous tests are successful, this test can fail due to a firewall or a similar device blocking the connection.

An error for this test will result in a sensor connection failure.

See Deployment Requirements for sensor configuration requirements.

Testing connection to Control Node port 7100

This test determines whether a full TCP connection is possible to the domain on port 7100.

If all previous tests are successful, this test can fail due to a firewall or similar device blocking the connection.

An error for this test will result in a sensor connection failure.

See Deployment Requirements for sensor configuration requirements.

Testing SSL Certificate of the Control Node

This test determines whether the OpenSSL certificate is being returned.

If this test fails, it is most likely due to firewall or proxy duplicating the OpenSSL certificate.

An error for this test will result in a sensor connection failure.

See Deployment Requirements for sensor configuration requirements.