VEN Status Command and Options
This topic describes various commands for determining the status of a VEN. Log in as root to run these commands.
Command
The status command returns the status of the VEN on the workload.
illumio-ven-ctl status
Linux/AIX/Solaris VENs
# /opt/illumio_ven/illumio-ven-ctl status
Windows VENs
C:\Program Files\Illumio\illumio-ven-ctl status
Return parameters
Linux
Status for illumio-control: - Environment Illumio VEN Environment is setup - venAgentMgr venAgentMgr (pid 23598) is running... - IPSec IPSec feature not enabled - venPlatformHandler venPlatformHandler (pid 23676) is running... - venVtapServer venVtapServer (pid 23737) is running... - venAgentMonitor active(running) Agent state: enforced
Windows
Service venAgentMgrSvc: Running Service venPlatformHandlerSvc: Running Service venVtapServerSvc: Running Service venAgentMonitorSvc: Running Service venAgentMgrSvc: Enabled Service venPlatformHandlerSvc: Enabled Service venVtapServerSvc: Enabled Service venAgentMonitorSvc: Enabled
Field definitions
Linux/AIX/Solaris
Name | Definition |
|---|---|
Environment | Whether or not the Illumio VEN environment is setup |
venAgentMgr | venAgentMgr status, and if running its pid |
IPSec | Whether or not the IPSec feature is enabled |
venPlatformHandler | venPlatformHandler status, and if running its pid |
venVtapServer | venVtapServer status, and if running its pid |
venAgentMonitor | venAgentMonitor status |
Agent state | For example, enforced QQ |
Options
This section describes these options:
Policy
Health
Connectivity
Policy option
illumio-ven-ctl status policy
Th policy option returns the timestamp, ID, and state of the current security policy the VEN received from the PCE.
Linux/AIX/Solaris
# /opt/illumio_ven/illumio-ven-ctl status policy
Windows
VEN releases 23.5 and earlier:
C:\Program Files\Illumio> .\illumio-ven-ctl.ps1 status policy
VEN releases 24.2.10 and later:
C:\Program Files\Illumio> .\illumio-ven-ctl.exe status policy
Return parameters
Windows
{
"timestamp" : "2019-06-14T00:41:41Z",
"id" : "xxxxxxxx940d0f4c2531b0d44400523dae055674-xxxxxxxx7a6796c210fb846b0321847bc22d701e",
"state" : "enforced"
}Field definitions
Linux/AIX/Solaris
Policy Field Name | Definition |
|---|---|
| Time the policy was received from the PCE (Local time + UTC offset) |
| ID of the security policy (computed locally) |
| Policy state (for example, |
Health option
illumio-ven-ctl status health
The health option shows whether or not the VEN can write logs locally.
Note
This is not the same as PCE health.
Linux/AIX/Solaris VENs
# /opt/illumio_ven/illumio-ven-ctl status health
Windows
<VEN Installation Directory>\illumio_ven\illumio-ven-ctl status health
Return parameters
Windows
{
"results": [
{
"test": "VEN has write access to the log directory",
"result": "pass"
}
],
"state": "healthy"
}Field definitions
Linux/AIX/Solaris
Field Name | Definition |
|---|---|
| Array of test results |
| VEN has write access to the log directory |
| " |
| VEN health status ("healthy" or "unhealthy"); “ |
Connectivity option
The connectivity option returns the status of the VEN connectivity with the PCE.
illumio-ven-ctl status connectivity
Linux/AIX/Solaris
/opt/illumio_ven/illumio-ven-ctl status connectivity
Windows
C:\Program Files\Illumio\illumio-ven-ctl status connectivity
Return parameters
{
"connectivity" : {
"ips_returned" : 1,
"pce" : "someName.someDomain",
"port" : 8443,
"results" : [
{
"ip" : "xx.xx.xxx.xxx",
"result" : "pass",
"http_code" : 204
}
]
},
"last_successful_hb" : "2019-06-14T04:10:28Z",
"time_now" : "2019-06-14T04:14:06Z"
}