After enabling Activity Monitoring, if you encounter an "MQTT Connection offline"
error, address it as follows:
Procedure
- Ensure the agents have outbound connectivity to Trend Vision One. If you have a firewall or proxy, add the following URL to the allow list and the SSL or TLS inspection settings:
agent-comm.workload.<cloudoneregion>.cloudone.trendmicro.com-
For accounts created before August 4, 2021, use
us-1for the region. -
For accounts created on or after August 4, 2021, verify the region in Account Settings.
See Required Workload Security URLs for the latest address list. -
- For Deep Security Agent version 20.0.2-4960 or earlier, verify the agent Activity
Monitoring configuration on the machine:
-
For Windows, enter the following commands when running a command prompt as Administrator:
cd "C:\Program Files\Trend Micro\Deep Security Agent" sendCommand.cmd --get GetConfiguration | findstr -i Sensor
-
For Linux, enter the following command in a terminal:
sudo /opt/ds_agent/sendCommand --get GetConfiguration | grep -i "sensor"
The result should be as follows:sensorActivityEnabled=true Feature SENSOR state= 1
-
- Ensure the Internet of Things (IoT) connection is online:
-
For Windows, enter the following commands when running a command prompt as Administrator:
cd "C:\Program Files\Trend Micro\Deep Security Agent" sendCommand --get GetIoT
-
For Linux, enter the following command in a terminal:
sudo /opt/ds_agent/sendCommand --get GetIoT
-
- Ensure you have the latest agent. See Upgrade the agent from the Computers page.
- If the host was created as a clone, ensure that:
- Cloning best practices were followed. See Cloned virtual machines using Deep Security Agent (DSA) cause conflict among multiple cloned computers.
- The host experiencing issues is the only host communicating with Deep Security Manager regarding the host record experiencing the alert.
- If Deep Security Agent has been re-registered with a new configuration for MQTT, restart the dsa-connect process or restart the agent on the host.