its still throwing this error as well.
Job user.f8081f32-43e6-4a99-bf9d-c58e019506b6 threw a JobExecutionException:
org.quartz.JobExecutionException: Error retrieving PCAP from device [See nested exception: java.io.IOException: com.rsa.netwitness.carlos.clients.nextgen.NextGenException: org.apache.http.conn.HttpHostConnectException: Connection to http://x.x.x.x:50103 refused]
at com.netwitness.platform.server.investigation.common.export.jobs.ExtractInvestigationPcapJob.executeJob(ExtractInvestigationPcapJob.java:64)
at com.rsa.netwitness.carlos.scheduling.jobs.AbstractJob.execute(AbstractJob.java:61)
at org.quartz.core.JobRunShell.run(JobRunShell.java:213)
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:557)
Caused by: java.io.IOException: com.rsa.netwitness.carlos.clients.nextgen.NextGenException: org.apache.http.conn.HttpHostConnectException: Connection to http://x.x.x.x:50103 refused
at com.rsa.netwitness.carlos.transport.nextgen.adapter.NextGenContentAdapter.handle(NextGenContentAdapter.java:363)
at com.rsa.netwitness.carlos.transport.nextgen.adapter.NextGenContentAdapter.handle(NextGenContentAdapter.java:282)
at com.rsa.netwitness.carlos.transport.nextgen.adapter.NextGenContentAdapter.handleRequestStream(NextGenContentAdapter.java:130)
at com.rsa.netwitness.carlos.transport.nextgen.NextGenContentMessageChannel.requestStream(NextGenContentMessageChannel.java:42)
at com.rsa.netwitness.carlos.transport.nextgen.NextGenContentMessageChannel.requestStream(NextGenContentMessageChannel.java:27)
at com.rsa.netwitness.carlos.transport.spi.AbstractMessageChannel.requestStream(AbstractMessageChannel.java:149)
at com.netwitness.platform.server.investigation.common.export.jobs.AbstractExtractionJob.getContentInputStream(AbstractExtractionJob.java:97)
at com.netwitness.platform.server.investigation.common.export.jobs.AbstractExtractionJob.getPCAPContentInputStream(AbstractExtractionJob.java:84)
at com.netwitness.platform.server.investigation.common.export.jobs.ExtractInvestigationPcapJob.executeJob(ExtractInvestigationPcapJob.java:60)
... 3 more
Caused by: com.rsa.netwitness.carlos.clients.nextgen.NextGenException: org.apache.http.conn.HttpHostConnectException: Connection to http://x.x.x.x:50103 refused
at com.rsa.netwitness.carlos.clients.nextgen.impl.NextGenClientImpl.downloadContent(NextGenClientImpl.java:1918)
at com.rsa.netwitness.carlos.transport.nextgen.adapter.NextGenContentAdapter.handle(NextGenContentAdapter.java:358)
... 11 more
Caused by: org.apache.http.conn.HttpHostConnectException: Connection to http://x.x.x.x:50103 refused
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:190)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
at org.apache.http.impl.client.DefaultRequestDirector.tryExecute(DefaultRequestDirector.java:701)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:517)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
at com.rsa.netwitness.carlos.clients.nextgen.impl.NextGenClientImpl.downloadContent(NextGenClientImpl.java:1901)
... 12 more
Caused by: java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:391)
at java.net.Socket.connect(Socket.java:579)
at org.apache.http.conn.scheme.PlainSocketFactory.connectSocket(PlainSocketFactory.java:127)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
... 18 more
i think its time to start exploring options to day zero the broker, and just reload everything back on to it. it is a total PIA where i cant extract pcap's but yet it will do file extraction(not that i need to rely on it for something so easy) i just want my packets. purging the indexes on the broker had no affect on the problem, etc.
