This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

NetWitness Community

  • Home
  • Products
    • NetWitness Platform
      • Advisories
      • Documentation
        • Platform Documentation
        • Known Issues
        • Security Fixes
        • Hardware Documentation
        • Threat Content
        • Unified Data Model
        • Videos
      • Downloads
      • Integrations
      • Knowledge Base
    • NetWitness Cloud SIEM
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Detect AI
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Investigator
    • NetWitness Orchestrator
      • Advisories
      • Documentation
      • Knowledge Base
      • Legacy NetWitness Orchestrator
        • Advisories
        • Documentation
  • Community
    • Blog
    • Discussions
    • Events
    • Idea Exchange
  • Support
    • Case Portal
      • Create New Case
      • View My Cases
      • View My Team's Cases
    • Community Support
      • Getting Started
      • News & Announcements
      • Community Support Forum
      • Community Support Articles
    • Product Life Cycle
    • Support Information
    • General Security Advisories
  • Training
    • Blog
    • Certification Program
    • Course Catalog
    • New Product Readiness
    • On-Demand Subscriptions
    • Student Resources
    • Upcoming Events
  • Technology Partners
  • Trust Center
Sign InRegister Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Knowledge Base Archive
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcement Banner

Users are unable to open Netwitness Support Cases via email. Please open support cases via portal or by phone

View Details
  • NetWitness Community
  • NetWitness Knowledge Base Archive
  • NetWitness Log Collector Microsoft AzureNSG event source test connection failing with AuthorizationF...
  • Options
    • Subscribe to RSS Feed
    • Bookmark
    • Subscribe
    • Email to a Friend
    • Printer Friendly Page
    • Report Inappropriate Content

NetWitness Log Collector Microsoft AzureNSG event source test connection failing with AuthorizationFailure error

Article Number

000039977

Applies To

RSA Product Set: RSA NetWitness Logs & Network
RSA Product/Service Type: Core Appliance
RSA Version/Condition: 11.5.1.0
Platform: CentOS
O/S Version: 7

Issue

Microsoft AzureNSG event source configuration configured using Microsoft Azure NSG & NetWitness Integration.
But the test connection fails with the below error in UI.
 
failed to connect to device/service: This request is not authorized to perform this operation. ErrorCode: AuthorizationFailure
<?xml version="1.0" encoding="utf-8"?><Error><Code>AuthorizationFailure</Code><Message>This request is not authorized to perform this operation.
RequestId:f6853f8c-f45e-0009-45cc-e5670c000000
Time:2021-11-30T09:30:32.3285803Z</Message></Error>

Cause

This issue is due to  Azure storage account access being restricted to the Selected Networks option.

Resolution

Please work with the Azure team to allow All networks to access storage account using the below settings.

Image descriptionImage description

If Selected Networks to be chosen, then the Netwitness Log collector is running on Azure and is in the same subnet then it may work. But, If it is on-prem then the collector ip which is an internal ip, then the ip that is seen by azure would be the ip of the gateway for selected networks.  The customer network team will be able to give the details to choose selected networks.
Tags (40)
  • 11.x
  • 3rd Party
  • 3rd-Party
  • Appliance
  • Break Fix
  • Break Fix Issue
  • Broken
  • Core Appliance
  • Customer Support Article
  • Integration
  • Integration Error
  • Integration Failed
  • Integration Failure
  • Integration Issue
  • Integration Problem
  • Issue
  • Issues
  • KB Article
  • Knowledge Article
  • Knowledge Base
  • Log Collection
  • Log Collector
  • NetWitness
  • NetWitness Appliance
  • NetWitness Platform
  • NW
  • NW Appliance
  • NwLogCollector
  • Problem
  • RSA NetWitness
  • RSA NetWitness Platform
  • RSA Security Analytics
  • Security Analytics
  • SIEM
  • Third Party
  • Third-Party
  • Third-Party Integration
  • Unable To Integrate
  • Version 11
  • Version 11.x
0 Likes
Was this article helpful? Yes No
Share
No ratings

In this article

Version history
Last update:
‎2021-12-03 11:32 AM
Updated by:
Administrator RSA-KB-Sync Administrator

Related Content

Powered by Khoros
  • Blog
  • Events
  • Discussions
  • Idea Exchange
  • Knowledge Base
  • Case Portal
  • Community Support
  • Product Life Cycle
  • Support Information
  • About the Community
  • Terms & Conditions
  • Privacy Statement
  • Acceptable Use Policy
  • Employee Login
© 2022 RSA Security LLC or its affiliates. All rights reserved.