Troubleshooting SpanVA Connectivity
book
Article ID: 170846
calendar_today
Updated On:
Products
CASB Security Standard
CASB Security Premium
CASB Security Advanced
CASB Audit
CASB Gateway
CASB Gateway Advanced
Data Loss Prevention Cloud Package
Issue/Introduction
SpanVA is Disconnected or Degraded
Resolution
SpanVA to CloudSOC
- Does the SpanVA Console show the status as alive and Green?
- Check Status of SpanVA within CloudSOC Settings | Status Monitor.
- Verify the Proxy settings if required.
- Test without the use of a proxy.
- Port 443 outbound is a requirement for several DNS entry's
- *.elastica.net
elastica-oregon-audit.s3.amazonaws.com
cep-dub-audit.s3.amazonaws.com
elastica-artifacts.s3.amazonaws.com
el-public-repo.s3.amazonaws.com
- SpanVA Monitor logs will display helpful information:
- Data has been sent to CloudSOC via SpanVA
- *Search Splunk: keywords: tenantid, datasource ID.
- Received log files upload notification from SpanVA running for tenant tenantname, datasource id : ***f83***330***044***5c1**
Logs Sent to Spanva
- SpanVA Monitor logs will display helpful information:
- ​Data has been received by SpanVA.
- Test FTP/SCP to SpanVA manually.
- scp bluecoat.log1.gz [email protected]:
/ds_elastica/datasources/531eeadfca78c264ae87e317
- Repeat sending a empty file called UPLOAD_COMPLETED.
Feedback
thumb_up
Yes
thumb_down
No