Troubleshooting a Resilient App
There are several ways to verify the successful operation of a function. You can also use these ways to troubleshoot a problem with your Resilient app.
Resilient is designed to help your security team respond faster to threats within your system. Its various functions send data to external code or applications for the purpose of integration work.
In this post, we list several methods for verifying that a given function ran successfully and for troubleshooting problems within your Resilient app.
When viewing an incident, use the Actions menu to view Action Status. By default, "pending" and "errors" are displayed.
Modify the filter for "actions" to also show Completed actions. Clicking on an action displays additional information on the progress made or what error occurred.
A separate log file is available to review scripting errors.
This is useful when issues occur in the pre-processing or post-processing scripts. The default location for this log file is: /var/log/resilient-scripting/resilient-scripting.log
By default, Resilient logs are retained at /usr/share/co3/logs. The client.log file may contain additional information regarding the execution of functions, so be sure to check it.
The location of the app log is controlled in the .resilient/app.config file, under the [resilient] section, by the logdir property. The default file name is app.log. Each function writes progress information to this log. Failures show up as errors and may contain Python tracebacks.
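A small helper for the log review described above, as an added example that is not part of the original post or of Resilient itself: it resolves the app.log path from the [resilient] logdir property and pulls out error entries together with their Python tracebacks. The function names, the sample config and log lines, and the assumed "date time LEVEL message" line layout are constructed for illustration.

```python
import configparser
import re
from pathlib import Path

# Assumed line layout (not confirmed by the post): "<date> <time> <LEVEL> <message>".
ENTRY = re.compile(r"^\d{4}-\d{2}-\d{2} \S+ (?P<level>[A-Z]+) ")

# Constructed sample input, not taken from a real system.
SAMPLE_CONFIG = "[resilient]\nlogdir = /tmp/example-logs\n"
SAMPLE_LOG = """\
2024-01-01 10:00:00,000 INFO [actions] example_function started
2024-01-01 10:00:01,500 ERROR [actions] example_function failed
Traceback (most recent call last):
  File "example_function.py", line 12, in run
    result = lookup(value)
ValueError: constructed failure
2024-01-01 10:00:02,000 INFO [actions] example_function finished
""".splitlines()


def app_log_path(config_text, filename="app.log"):
    """Build the log path from [resilient] logdir; None if logdir is not set."""
    cfg = configparser.ConfigParser(interpolation=None)  # values may contain '%'
    cfg.read_string(config_text)
    logdir = cfg.get("resilient", "logdir", fallback=None)
    return Path(logdir).expanduser() / filename if logdir else None


def error_entries(lines, levels=("ERROR", "CRITICAL")):
    """Return each error entry as a list: the log line plus its traceback lines."""
    entries, current = [], None
    for line in lines:
        line = line.rstrip("\n")
        match = ENTRY.match(line)
        if match:  # a new log record starts here
            current = [line] if match.group("level") in levels else None
            if current is not None:
                entries.append(current)
        elif current is not None and line.strip():
            current.append(line)  # continuation line, e.g. part of a traceback
    return entries


if __name__ == "__main__":
    print("log file:", app_log_path(SAMPLE_CONFIG))
    for entry in error_entries(SAMPLE_LOG):
        print("\n".join(entry))
```

To use it on a real deployment, pass the text of .resilient/app.config to app_log_path and the opened log file to error_entries.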
If you are considering any custom cybersecurity solution that focuses on the resources and needs of your organization, please send a note to connect@metronlabs.com.