NetWitness Community

Yes

Article Number

000001190

Applies To

RSA Product Set: RSA NetWitness Platform
RSA Product/Service Type: Core Appliance
RSA Version/Condition: 11.5.2.0
Platform: CentOS
O/S Version: 7

Issue

Customer upgraded the entire Newitenss system including Malware 11.2.0.1 to 11.5.2 on 3/13.
Since then, no information logged in spectrum.log of Malware as shown below.

Cause

A lucene index write lock could be the reason because Malware cleans up old lucene indexes in the post-install script as part of the upgrade process.

Resolution

To resolve the issue, you need to follow the below steps.

Stop Malware Service

# systemctl stop rsa-nw-malware-analytics-server.service

Backup existing Malware log

# mkdir /var/netwitness/malware-analytics-server/spectrum/logs_old
# mv /var/netwitness/malware-analytics-server/spectrum/logs/* /var/netwitness/malware-analytics-server/spectrum/logs_old/

Start Malware Service

# systemctl start rsa-nw-malware-analytics-server.service

Then, you are able to see that sepctrum.log of Malware starts logging.

NetWitness Community

No information logged in spectrum.log of Malware after upgrade from NetWitness Platform 11.2.0.1 to 11.5.2

Article Number

Applies To

Issue

Cause

Resolution

In this article

NetWitness Community

No information logged in spectrum.log of Malware after upgrade from NetWitness Platform 11.2.0.1 to 11.5.2

Article Number

Applies To

Issue

Cause

Resolution

In this article

Related Content