Local Testing

Use local testing to confirm Beacon is installed, writing endpoint events, and readable through the local dashboard before you move into managed deployment or SIEM forwarding. Beacon runs locally by default. These checks use the endpoint runtime JSONL log and local-only commands, so you can validate collection without a Beacon-hosted account or external network dependency.

Validation workflow

Check endpoint health

Run beacon endpoint status and beacon endpoint doctor to confirm the endpoint configuration, collector, runtime log, and local service state.

Write a validation event

Use beacon endpoint test-event to append a known-good synthetic event to the runtime JSONL log.

Review the dashboard

Start beacon endpoint dashboard --open and confirm the validation event appears in Log Search and summary views.

Validate MCP access

Run beacon mcp doctor, then test an MCP query path against the same runtime log to confirm local assistants only receive the intended compact activity summaries.

Inspect local logs

Confirm the runtime JSONL path, last-event freshness, and user or system mode paths match your test scope.

Guides

Health checks

Validate endpoint status, doctor checks, discovered harnesses, and local collector readiness.

Validation events

Write synthetic Beacon events and confirm the runtime log accepts endpoint telemetry.

Dashboard testing

Use the local dashboard to review Log Search, Security Overview, and runtime inventory with screenshots.

Model Context Protocol (MCP)

Understand local MCP access, transports, activity tools, and testing.

Local logs

Inspect runtime JSONL paths, last-event state, and user versus system mode behavior.

When to use local testing

Local testing is useful for developer evaluation, support triage, security review demos, and pilot preparation. For managed rollout guidance, see For Security & IT Teams, MDM Deployment, and SIEM Forwarding.

Upgrading Health Checks

⌘I

Documentation Index

​Local Testing

​Validation workflow

​Guides