This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Knowledge Base Archive
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Reporting Engine data sources can be added with invalid credentials in RSA Security Analytics 10.4

Article Number

000029068

Applies To

RSA Product Set: Security Analytics
RSA Product/Service Type: Reporting Engine
RSA Version/Condition: 10.4.0.0, 10.4.0.1

Issue

When adding data sources to the Reporting Engine, the devices appear to be added successfully even when invalid credentials are used.

However, when attempting to run or test a rule that utilizes the data source, error messages similar to these below are displayed in the Security Analytics UI:
Image descriptionImage description

Note also the following:

1.  the "Test Rule"  dialog box in the Security Analytics UI will also display a message similar to the following:  Schema fetched from data source was null for data source=SA - Broker

2. The /home/rsasoc/rsa/soc/reporting-engine/logs/reporting-engine.log file on the Security Analytics server will report an error similar to the example below" 
2014-11-14 19:23:33,013 [Reporting Status Polling 1389004080] ERROR com.rsa.smc.sa.reporter.jobs.ReporterChartPollingTask - Action is not authorized on resource
com.rsa.smc.sa.reporter.exception.ReporterSecurityException: Action is not authorized on resource

Cause

This issue occurs due to a known issue in versions 10.4.0.0 and 10.4.0.1 wherein the credentials for Reporting Engine data sources are not validated when they are entered.

Resolution

This issue has been resolved in RSA Security Analytics 10.4.0.2.  To obtain this patch, please visit https://knowledge.rsasecurity.com.
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-13 08:25 AM
Updated by:
Administrator Administrator

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.