Sample Telemetry File

Below is a sample of the anonymous information collected from USM v5.x users who have opted in for telemetry collection. For more about information usage, you view our Privacy Policy.

  {
  "_id": ObjectId("xxxxxx"),
  "timestamp": 1444525210,
  "system_id": BinData(3, "xxxxxx=="),
  "data": [
    {
      "load": "0.27, 0.44, 0.56",
      "hostname": "Alien01lon",
      "last_updated": "Fri Oct 09 16:05:00 2015 BST",
      "results": [
        {
          "result": true,
          "checks": [
            {
              "name": "00250001",
              "description": "Verifies that the default hardware has not been modified",
              "detail": "",
              "summary": "The shipped hardware has not been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            }
          ],
          "strike_zone": true,
          "name": "0025 Default hardware",
          "description": "Checks the standard hardware."
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00370001",
              "description": "Checks if the default network configuration based on the /etc/resolv.conf is correct",
              "detail": "",
              "summary": "The /etc/resolv.conf content is correctly configured",
              "strike_zone": true,
              "result": true,
              "severity": "Critical"
            }
          ],
          "strike_zone": true,
          "name": "0037 Network routing",
          "description": "Parses the /etc/resolv.conf file for inconsistencies"
        },
        {
          "result": false,
          "checks": [
            {
              "name": "00180003",
              "description": "Verifies there aren't any RX/TX errors",
              "detail": "Network errors have been found in eth0: RX packets errors(0) and dropped(4), TX packets errors(0) and dropped(0)",
              "summary": "Network RX/TX errors found",
              "strike_zone": true,
              "result": false,
              "severity": "Warning"
            },
            {
              "name": "00180002",
              "description": "Verifies that all configured interfaces are up and running",
              "detail": "",
              "summary": "All configured interfaces are up and running",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            },
            {
              "name": "00180001",
              "description": "Verifies that the loopback interface is present",
              "detail": "",
              "summary": "Loopback interface is present",
              "strike_zone": true,
              "result": true,
              "severity": "Critical"
            },
            {
              "name": "00180005",
              "description": "Checks if the MTU value has been modified",
              "detail": "",
              "summary": "MTU value has not been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            },
            {
              "name": "00180004",
              "description": "Verifies that there isn't a significant number of network collisions",
              "detail": "",
              "summary": "There are no network collisions",
              "strike_zone": true,
              "result": true,
              "severity": "Error"
            }
          ],
          "strike_zone": true,
          "name": "0018 Current network configuration",
          "description": "Monitors the network configuration searching for network problems."
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00190001",
              "description": "Checks if AlienVault license has been violated",
              "detail": "",
              "summary": "USM is in compliance with its activation license",
              "strike_zone": true,
              "result": true,
              "severity": "Alert"
            }
          ],
          "strike_zone": true,
          "name": "0019 Licensed Devices",
          "description": "Compares the number of current devices registered against the number of licensed devices"
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00410001",
              "description": "Verify that the files provided within AlienVault packages have not been modified",
              "detail": "",
              "summary": "The files within the AlienVault packages have not been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Error"
            }
          ],
          "strike_zone": true,
          "name": "0041 Package checksum",
          "description": "Searches for modified files that originally belonged to a package."
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00260001",
              "description": "Verifies that there aren't unknown repository entries in the repository directory",
              "detail": "",
              "summary": "There is no unknown repository in this deployment",
              "strike_zone": true,
              "result": true,
              "severity": "Error"
            },
            {
              "name": "00260003",
              "description": "Verifies that all repositories in OS mirror configuration are correct",
              "detail": "",
              "summary": "The OS mirror configuration is correct",
              "strike_zone": true,
              "result": true,
              "severity": "Error"
            },
            {
              "name": "00260004",
              "description": "Verifies that all repositories within AlienVault mirror configuration are correct",
              "detail": "",
              "summary": "All repositories within AlienVault mirror configuration are correct",
              "strike_zone": true,
              "result": true,
              "severity": "Error"
            }
          ],
          "strike_zone": true,
          "name": "0026 Default repositories",
          "description": "Searches for the default repositories"
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00270001",
              "description": "Checks if the installed packages match with the AlienVault provided ones",
              "detail": "",
              "summary": "The installed packages are default",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            },
            {
              "name": "00270003",
              "description": "Checks if the version of certain critical packages matches with the expected version",
              "detail": "",
              "summary": "The AlienVault critical packages have a correct version",
              "strike_zone": true,
              "result": true,
              "severity": "Error"
            },
            {
              "name": "00270002",
              "description": "Checks if AlienVault packages version matches with the expected version",
              "detail": "",
              "summary": "The AlienVault packages version is correct",
              "strike_zone": true,
              "result": true,
              "severity": "Error"
            },
            {
              "name": "00270004",
              "description": "Verifies that all the packages have been successfully installed",
              "detail": "",
              "summary": "The installation package status is correct",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            }
          ],
          "strike_zone": true,
          "name": "0027 Default server packages",
          "description": "Searches for the default packages in a Server profile."
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00470001",
              "description": "Verify that the schema version matches the appliance version",
              "detail": "",
              "summary": "The database schema version is correct",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            }
          ],
          "strike_zone": true,
          "name": "0047 Database schema version",
          "description": "Looks for compatibility problems between the DB schema deployed and the packages installed."
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00340001",
              "description": "Checks if the internal database has been modified manually",
              "detail": "",
              "summary": "The internal AlienVault database has not been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Error"
            },
            {
              "name": "00340002",
              "description": "Checks if the AlienVault database schema has been manually modified",
              "detail": "",
              "summary": "The AlienVault schema has not been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            }
          ],
          "strike_zone": true,
          "name": "0034 MySQL history",
          "description": "Searches for anomalies in the root .mysql_history file."
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00050001",
              "description": "Verifies the existance of the plugin files for all AlienVault Agent enabled plugins",
              "detail": "",
              "summary": "No missing configuration files for AlienVault Agent enabled plugins",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            }
          ],
          "strike_zone": true,
          "name": "0005 Agent Plugins",
          "description": "Looks for the plugin files enabled, and then checks its existance"
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00290001",
              "description": "Checks if the disk size is the standard one",
              "detail": "",
              "summary": "The disk size in this installation is standard",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            }
          ],
          "strike_zone": true,
          "name": "0029 Disk size",
          "description": "Checks the disk size"
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00310001",
              "description": "Checks if the hostname and/or domain are the ones configured for the AlienVault system",
              "detail": "",
              "summary": "The hostname and domain values in /etc/hosts are correct",
              "strike_zone": true,
              "result": true,
              "severity": "Critical"
            },
            {
              "name": "00310002",
              "description": "Verifies that the localhost is present in the /etc/hosts file",
              "detail": "",
              "summary": "There is a localhost entry in the /etc/hosts file",
              "strike_zone": true,
              "result": true,
              "severity": "Critical"
            },
            {
              "name": "00310003",
              "description": "Verify that data.alienvault.com has not been redirected to a different location",
              "detail": "",
              "summary": "The AlienVault Data server is correctly configured",
              "strike_zone": true,
              "result": true,
              "severity": "Error"
            }
          ],
          "strike_zone": true,
          "name": "0031 Hosts configuration file",
          "description": "Parses the /etc/hosts file for inconsistencies"
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00080001",
              "description": "Verifies the integrity of the AlienVault Agent rsyslog files",
              "detail": "",
              "summary": "The default AlienVault Agent rsyslog files have not been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            },
            {
              "name": "00080002",
              "description": "Verifies that default AlienVault Agent rsyslog files have been properly installed",
              "detail": "",
              "summary": "The default AlienVault Agent rsyslog files have been properly installed",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            }
          ],
          "strike_zone": true,
          "name": "0008 Agent rsyslog configuration files integrity",
          "description": "Check the integrity of the default Agent rsyslog configuration files."
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00540001",
              "description": "Verifies that the current system is supported and does not come from a free OSSIM version installation.",
              "detail": "",
              "summary": "The current deployment is supported",
              "strike_zone": true,
              "result": true,
              "severity": "Critical"
            }
          ],
          "strike_zone": true,
          "name": "0054 Unsupported Installations",
          "description": "Searches for unsupported installations"
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00060002",
              "description": "Verifies that default AlienVault Agent plugins have been properly installed",
              "detail": "",
              "summary": "The default AlienVault Agent plugins have been properly installed",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            },
            {
              "name": "00060001",
              "description": "Verifies that default AlienVault Agent plugins have not been modified",
              "detail": "",
              "summary": "The default AlienVault Agent plugins haven't been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            }
          ],
          "strike_zone": true,
          "name": "0006 Agent plugins integrity",
          "description": "Verifies the integrity of the default Agent plugins."
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00090001",
              "description": "Verifies that an AlienVault platform dummy package is installed",
              "detail": "",
              "summary": "There is an AlienVault platform dummy package installed",
              "strike_zone": true,
              "result": true,
              "severity": "Critical"
            }
          ],
          "strike_zone": true,
          "name": "0009 Dummy packages",
          "description": "Check the dummy packages"
        },
        {
          "result": false,
          "checks": [
            {
              "name": "00350001",
              "description": "Verifies that the link speed is normal",
              "detail": "Link speed could not be checked as interface information reported an empty value",
              "summary": "Link speed is too low",
              "strike_zone": false,
              "result": false,
              "severity": "Warning"
            },
            {
              "name": "00350002",
              "description": "Verifies the link mode settings",
              "detail": "",
              "summary": "The link mode settings are correct",
              "strike_zone": true,
              "result": true,
              "severity": "Warning"
            }
          ],
          "strike_zone": false,
          "name": "0035 Network link status",
          "description": "Uses mii-tool to check the network link status"
        },
        {
          "result": true,
          "checks": [

          ],
          "strike_zone": true,
          "name": "/etc/ossim/doctor/plugins/0033_kernel_configuration.plg",
          "description": ""
        },
        {
          "result": false,
          "checks": [
            {
              "name": "00450001",
              "description": "Verifies that there are nameservers belonging to local network defined in /etc/resolv.conf",
              "detail": "None of the nameservers defined in /etc/resolv.conf belong to a local network",
              "summary": "No nameserver is defined in the local network",
              "strike_zone": true,
              "result": false,
              "severity": "Warning"
            },
            {
              "name": "00450002",
              "description": "Verifies that AlienVault defined nameserver is present in /etc/resolv.conf",
              "detail": "",
              "summary": "The AlienVault nameservers are correctly configured",
              "strike_zone": true,
              "result": true,
              "severity": "Critical"
            }
          ],
          "strike_zone": true,
          "name": "0045 Domain nameservers configuration file",
          "description": "Parses the /etc/resolv.conf file to search for inconsistencies"
        },
        {
          "result": true,
          "checks": [
            {
              "name": "00130001",
              "description": "Checks if any Database configuration file has been modified or deleted",
              "detail": "",
              "summary": "AlienVault DB configuration files haven't been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Info"
            },
            {
              "name": "00130002",
              "description": "Verifies that no AlienVault Agent configuration file has been modified or deleted",
              "detail": "",
              "summary": "AlienVault Agent configuration files haven't been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Info"
            },
            {
              "name": "00130003",
              "description": "Verifies that the AlienVault firewall rules have not been changed",
              "detail": "",
              "summary": "The AlienVault firewall rules have not been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Info"
            },
            {
              "name": "00130004",
              "description": "Verifies that AlienVault installed packages have not been modified",
              "detail": "",
              "summary": "The AlienVault installed packages have not been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Info"
            },
            {
              "name": "00130005",
              "description": "Verify that configuration files have not been modified",
              "detail": "",
              "summary": "The AlienVault configuration files haven't been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Info"
            },
            {
              "name": "00130006",
              "description": "Verifies that there are no modified files in protected directories",
              "detail": "",
              "summary": "The AlienVault protected directories haven't been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Info"
            },
            {
              "name": "00130007",
              "description": "Verify that ossim_setup.conf has not been modified",
              "detail": "",
              "summary": "AlienVault's ossim-setup.conf file has not been modified",
              "strike_zone": true,
              "result": true,
              "severity": "Info"
            }
          ],
          "strike_zone": true,
          "name": "0013 Bash history",
          "description": "Searches for anomalies in the root .bash_history file."
        }
      ],
      "running_network_interfaces": "lo, eth0",
      "server_eps_weekly_median": "0",
      "installed_memory": "28.0GB",
      "uptime": "1 day(s), 09:32",
      "configured_network_interfaces": "eth1, eth0, lo",
      "monitored_assets": "59",
      "software_profile": "Server, Database, Framework, Sensor",
      "alienvault_version": "5.2.0-PRO",
      "admin_ip_address": "192.168.38.250",
      "architecture": "x86_64",
      "appliance_type": "physical",
      "connected_servers": "0",
      "registered_users": "1",
      "sensors": "1",
      "operating_system": "Linux",
      "license": "AV1501-xxxxxxxx",
      "number_of_cores": "16",
      "kernel_version": "3.16.0-4-amd64",
      "hardware_profile": "alienvault-hw-aio-6x1gb",
      "sensor_monitors": "nmap-monitor, ossim-monitor",
      "strike_zone": false,
      "cpu_type": "Intel(R) Xeon(R) CPU           E5620  @ 2.40GHz Family 6 Model 44 Stepping 2",
      "sensor_detectors": "pam_unix, sudo, suricata, ossec-single-line, ssh"
    }
  ]
}
Get price Free trial