This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

Broker and IPDB Extractor services are "unreachable"

RSAAdmin
Beginner
Beginner

‎2015-04-20 11:29 AM

Hi, I am having problems with the Broker and the IPDB Extractor services since the 10.4.1 update. I see them just fine in the services view with everything green but in reality they are not working at all.

 

For example, when I click on the Broker to manage it, I get the following message instead of the config page:

Service 127.0.0.1 host MYHOST - Broker is unreachable

 

Same thing with the IPDB Extractor service :

Service 127.0.0.1 host MYHOST - IPDB Extractor is unreachable

 

Everything else works fine. Logs are collected/decoded and I can investigate logs through the Concentrator. Any ideas what is wrong? I tried the basics : restart the services, stop/start, remove/add them again with and without SSL, rebooted the appliance, etc. but nothing has made it.

0 Likes
2 REPLIES 2

RSAAdmin
Beginner
Beginner

‎2015-04-20 11:49 AM

2015-04-20 11_42_44-[ADM] _SFPIN4239 - Broker_ info.png

0 Likes

Anonymous
Not applicable
In response to RSAAdmin

‎2015-04-21 09:45 AM

Hi loyll,

 

This sounds like a permissions issue to me.  If your services are communicating via the 10.4 Trust Model then you will want to make sure that your "rdes071" user belongs to a Role/Group that has administrative access to the Broker and IPDB Extractor services.

 

If your services are communicating using the legacy method (with a username and password specified in the connection rather than using the SSL certificates), then you may need to add the "rdes071" user as a device user by following the steps below.

  1. Login to the Security Analytics UI as the admin user.
  2. Navigate to the Administration -> Services page.
  3. Click on the Actions button for the Broker service in the far right column and select View -> Security.
  4. Click on the Add ( + ) button underneath the Users tab.
  5. Type in the username of the user and press Enter.
  6. In the pane that appears on the right, type in the relevant User Information.
    1. If the user is externally authenticated, be sure to select External for the Auth Type.  Otherwise, if the user is local to the Security Analytics environment, select Netwitness.
  7. Under Role Membership, check the box for the group(s) to which the user is assigned.
  8. Scroll down and click on the blue Apply button.
  9. Click on the Replicate button next to the Add ( + ) and Remove ( - ) buttons.
  10. Select the IPDB Extractor service and click the Replicate button.

Below is a screenshot of what that would look like.

 

SA_LC_Security_AddUser.png

 

 

I hope this helps.  If you need further assistance, feel free to call 800-995-5095 and dial 9 or send an email to nwsupport@rsa.com and the Support team will be happy to help you out.

 

Thanks,

Jeff

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.