Article Number
000039977
Applies To
RSA Product Set: RSA NetWitness Logs & Network
RSA Product/Service Type: Core Appliance
RSA Version/Condition: 11.5.1.0
Platform: CentOS
O/S Version: 7
Issue
Microsoft AzureNSG event source configuration configured using
Microsoft Azure NSG & NetWitness Integration.
But the test connection fails with the below error in UI.
failed to connect to device/service: This request is not authorized to perform this operation. ErrorCode: AuthorizationFailure
<?xml version="1.0" encoding="utf-8"?><Error><Code>AuthorizationFailure</Code><Message>This request is not authorized to perform this operation.
RequestId:f6853f8c-f45e-0009-45cc-e5670c000000
Time:2021-11-30T09:30:32.3285803Z</Message></Error>
Cause
This issue is due to Azure storage account access being restricted to the Selected Networks option.
Resolution
Please work with the Azure team to allow
All networks to access storage account using the below settings.
Image descriptionIf
Selected Networks to be chosen, then the Netwitness Log collector is running on Azure and is in the same subnet then it may work. But, If it is on-prem then the collector ip which is an internal ip, then the ip that is seen by azure would be the ip of the gateway for selected networks. The customer network team will be able to give the details to choose selected networks.