VEN Status Command and Options
This topic describes various commands for determining the status of a VEN. Log in as root to run these commands.
The VEN Status Command
illumio-ven-ctl status
Returns the status of the VEN on the workload.
Linux/AIX/Solaris
# /opt/illumio_ven/illumio-ven-ctl status
Example Linux VEN Status return parameters
Status for illumio-control: - Environment Illumio VEN Environment is setup - venAgentMgr venAgentMgr (pid 23598) is running... - IPSec IPSec feature not enabled - venPlatformHandler venPlatformHandler (pid 23676) is running... - venVtapServer venVtapServer (pid 23737) is running... - venAgentMonitor active(running) Agent state: enforced
Linux/AIX/Solaris VEN status field definitions
Name | Definition |
|---|---|
| Whether or not the Illumio VEN environment is setup |
|
|
| Whether or not the IPSec feature is enabled |
|
|
|
|
|
|
| For example, |
Windows
Example Windows VEN status command:
<VEN Installation Directory>\illumio-ven-ctl.exe status
Example Windows VEN status return parameters
Service venAgentMgrSvc: Running Service venPlatformHandlerSvc: Running Service venVtapServerSvc: Running Service venAgentMonitorSvc: Running Service venAgentMgrSvc: Enabled Service venPlatformHandlerSvc: Enabled Service venVtapServerSvc: Enabled Service venAgentMonitorSvc: Enabled
Policy Option for VEN Status
illumio-ven-ctl status policy
Returns the timestamp, ID, and state of the current security policy the VEN received from the PCE.
Linux/AIX/Solaris
# /opt/illumio_ven/illumio-ven-ctl status policy
Windows
Example Windows VEN status policy command:
<VEN Installation Directory>\Illumio>\illumio-ven-ctl.exe status policy
Return Description
Example
{
"timestamp" : "2019-06-14T00:41:41Z",
"id" : "xxxxxxxx940d0f4c2531b0d44400523dae055674-xxxxxxxx7a6796c210fb846b0321847bc22d701e",
"state" : "enforced"
}VEN status policy field definitions
Policy Field Name | Definition |
|---|---|
| Time the policy was received from the PCE (Local time + UTC offset) |
| ID of the security policy (computed locally) |
| Policy state (for example, |
Health Option for VEN Status
illumio-ven-ctl status health
Returns whether or not the VEN can write logs locally.
Note
This is not the same as PCE health.
Linux/AIX/Solaris
# /opt/illumio_ven/illumio-ven-ctl status health
Windows
Example Windows VEN status health command:
<VEN Installation Directory>\illumio_ven\illumio-ven-ctl status health
Return Description
Example
{
"results": [
{
"test": "VEN has write access to the log directory",
"result": "pass"
}
],
"state": "healthy"
}Linux/AIX/Solaris VEN status health field definitions
Field Name | Definition |
|---|---|
| Array of test results |
| VEN has write access to the log directory |
| " |
| VEN health status ("healthy" or "unhealthy"); “ |
Status Connectivity Option for VEN Status
illumio-ven-ctl status connectivity
Returns the status of the VEN connectivity with the PCE.
Linux/AIX/Solaris
# /opt/illumio_ven/illumio-ven-ctl status connectivity
Windows
Example Windows VEN status connectivity command:
Return Description
Example
{
"connectivity" : {
"ips_returned" : 1,
"pce" : "someName.someDomain",
"port" : 8443,
"results" : [
{
"ip" : "xx.xx.xxx.xxx",
"result" : "pass",
"http_code" : 204
}
]
},
"last_successful_hb" : "2019-06-14T04:10:28Z",
"time_now" : "2019-06-14T04:14:06Z"
}VEN status connectivity field definitions
Field Name | Definitions |
|---|---|
| JSON object containing most of the connectivity status fields |
| Number of IP addresses returned for the PCE name |
| PCE name |
| PCE port number |
| Array containing the PCE IP address, the test result, and the HTTP code |
| PCE IP address |
| Result of test (" |
| HTTP code received when the VEN attempted to connect to the PCE IP address |
| Timestamp of the last VEN heartbeat received by the PCE |
| Timestamp of the current local time |