Manage Lumu Virtual Appliances

Manage Virtual Appliances and Collectors

You have the option to manage Lumu Virtual Appliances (VA) directly from the Lumu Portal. The virtual appliance allows for full visibility into the compromises inside your network and is available for the most commom hypervisors. This document lists and describes procedures for managing Virtual Appliances in the Lumu Portal.

For more details about the appliance settings, consult Advanced Settings for Virtual Appliances.

Create and Activate a Virtual Appliance

You can find the steps for creating a Lumu VA by accessing Deploy Virtual Appliances.

When you first create a Virtual Appliance on the Lumu portal, it remains inactive. To activate the VA, follow the steps in  Configure Virtual Appliances.

Be aware that some appliance information takes about 5 minutes after activation to be updated on the Lumu portal.

VA management area of Lumu portal VA management area of Lumu portal

To see all the details of the VA you created, go to the Lumu portal, navigate to the menu VA area, and click on the virtual appliance whose details you want to check.

On the Virtual Appliance details page, you are going to find the following sections:

  1. Appliance details such as its name, status, id, labels, description, and statistics.
  2. VA configuration details such as its version, status, forwarders, and system data.
  3. VA management options: edit, delete and revoke.
  4. VA collectors management area.
  5. VA records view of the last 7 days.
  6. Data group rules to add and edit rules (labels) for traffic categorization.
Virtual Appliance details section of the Lumu portal Virtual Appliance details section of the Lumu portal
NOTE: If you have not updated your virtual appliance to version 3.0.1 or higher, we will not be able to detect its configuration settings. To make sure you are running the latest Lumu VA version, simply run the command lumu-appliance upgrade, this will upgrade the VA for the latest version. Consult the VA Command Quick Reference for more information.

Edit a Virtual Appliance

To edit the appliance details, go to the Lumu Portal, navigate to the Virtual Appliance menu, click on the virtual appliance, and select the option to edit it. In this area, you are able to edit the appliance name, the default label, and the description.

Editing a virtual appliance Editing a virtual appliance
Be aware that any edit made to an existing VA affects only the data collected after the changes are made and does not apply to any data already collected.

Revoke a Virtual Appliance

The revocation process generates a new activation code. This option should be used in specific scenarios such as when you lost the activation code, or when cloning the appliance and avoiding using the same credentials, etc.

The revocation action cannot be undone.

To revoke an appliance, go to the Lumu Portal, navigate to the VA area, click on the VA, and select the option to revoke.

Revoking a virtual appliance Revoking a virtual appliance

Once you confirm the revoke action, a new activation code will be generated for that Virtual Appliance.

Be sure to record this activation code, as you will not be able to view this code again once you close the pop-up window.
To activate the appliance with the new activation code, use the command: lumu-appliance reset activation {activationcode}.

Delete a Virtual Appliance

The deletion process permanently removes the virtual appliance. This action cannot be undone and should be used when you want to permanently remove the appliance.

To delete an appliance, go to the Lumu Portal, navigate to the VA area, click on the virtual appliance and select the option to delete.

Deleting a virtual appliance Deleting a virtual appliance

Manage Virtual Appliances Collectors

To edit a VA collector’s details, navigate to the Virtual Appliances menu of the Lumu Portal, and click on the VA that contains the VA collector. On the Virtual Appliance details page, click on the “Edit” icon of the VA collector you want to edit (as shown in the figure below).
The information you edit on the Lumu Portal will be synchronized with the Lumu VA automatically.
To delete a VA collector, navigate to the Virtual Appliances menu and click on the VA that contains the VA collector. On the Virtual Appliance details page, click on the delete icon of the VA collector you want to remove (as shown in figure below).
This will permanently delete the VA collector on the Lumu Portal and on the Lumu VA. This action can not be undone.
VA collectors management VA collectors management

Working with Grouping Rules

On the Lumu Portal you have the option to create rules for individual assets or groups of assets in order to label the Virtual Appliance’s activities.

Rules are based on CIDRs (Classless Inter-Domain Routing). When you create a rule, all activity coming from a device in which the IP address matches the CIDR will be labeled accordingly to the assigned label. If no match is found in the custom collector rules, the default label is applied.

Labels give you the power to sort your traffic by geography, departments, business units, critical assets, or as needed.

To manage rules for a Virtual Appliance, go to the Lumu Portal and select the corresponding option:

Managing the virtual appliance rules Managing the virtual appliance rules

You can add, edit, or remove labels for specific IP addresses or a group of IPs.

Managing VA grouping rules Managing VA grouping rules
Be aware that any edit made to an existing collector affects only the data collected after the changes are made and does not apply to any data already collected.
    Still can’t find an answer?
    Send a message to our experts.
    Contact Us

        • Related Articles

        • Create VA Collectors

          The Lumu Virtual Appliance (VA) offers the option to create VA Collectors, a seamless way to collect the network metadata of your entire enterprise and forward it to the Lumu cloud with the lowest impact on the network operation. In this quick guide, ...

        • Deploy Virtual Appliances

          To get started and review requirements for Lumu Virtual Appliances, consult our document Introduction to Virtual Appliances. Follow these simple steps to create and download a pre-configured Virtual Appliance and start illuminating threats and ...

        • Lumu Virtual Appliance DNS Packets Collectors Catalog

          Before attempting this type of implementation, we strongly suggest checking out our Lumu Agent for Windows Server , which can act as a DNS server collector and covers the vast majority of the scenarios of this VA implementation (Windows Server 2016 ...

        • Lumu Virtual Appliance DNS Queries Collectors Catalog

          In the following table, you will find a complete list of DNS Queries Collectors available for deployment as part of Lumu's Virtual Appliances. Collector Logo Collect DNS Queries with Lumu VA and Infoblox Collect DNS Queries with Lumu VA and Citrix ...

        • Advanced Settings for Virtual Appliances

          The Lumu Virtual Appliance (VA) allows for full visibility into the compromises inside your network and is available for the most commom hypervisors. This document lists and describes procedures for managing advanced settings and troubleshooting for ...