Confirm scanning is enabled on Network Scanner of Advanced Threat Protection Platform

book

Article ID: 178998

calendar_today

Updated On:

Products

Advanced Threat Protection Platform

Issue/Introduction

 

Resolution

While working a security event or during product setup of Advanced Threat Protection (ATP) Platform, confirmation is needed that scanning is enabled on ATP Network Scanner

 

To confirm current scanning state in the User Interface (UI)

  1. Within the UI, navigate to Settings> Appliances. On the list of Appliances, locate the row for the ATP scanner.
  2. If the Scanning column for that row displays "Enabled", the scanning process is enabled.

 

To confirm current scanning state at the Command Line Interface (CLI)

  1. At the CLI, type:
    cfgexport | grep "Scan"

    Expected output is similar to the following:
    satpmgmt> cfgexport | grep "Scan"
    | machineid                        | name                | mgmtip    | mode | softwareversion | enabled | enableScan | Role                     |
    | [UUID removed] | satptmgmt.test.local | 10.0.0.20 | tap  | 2.3.0-233       |       1 |          1 | Management/Scanner/Proxy |
    satpmgmt>

     
  2. If the enableScan flag for an ATP appliance with the Scanner role is "1", that Scanner has scanning enabled.