Article Number
000030698
Applies To
RSA Product Set: Security Analytics
RSA Product/Service Type: Security Analytics UI, IPDB Extractor, Reporting Engine, Security Analytics Server
RSA Version/Condition: 10.4.0.x, 10.4.1.0, 10.4.1.1, 10.5.0.0
Platform: CentOS
O/S Version: EL6
Issue
When attempting to create a IPDB Reporting Engine rule in the Security Analytics UI, the available meta will appear to be blank.
The Meta pick list section displays the following error:
Schema fetched from data source was null for data source=Image descriptionThe /home/rsasoc/rsa/soc/reporting-engine/logs/reporting-engine.log file on the Security Analytics server reports the following error:
2015-06-22 13:20:46,912 [GetSchemaRequest_5] ERROR com.rsa.soc.re.ce.command.GetSchemaCommand - Error processing command
com.rsa.soc.re.exception.ReportingException: Schema fetched from data source was null for data source=
at com.rsa.soc.re.ce.command.GetSchemaCommand.execute(GetSchemaCommand.java:81)
at com.rsa.soc.re.ce.server.ReportEngineController.process(ReportEngineController.java:54)
at com.rsa.soc.re.ce.server.ReportingEngineService.onRequest(ReportingEngineService.java:65)
at com.rsa.soc.re.ce.server.ReportingEngineService.onRequest(ReportingEngineService.java:26)
at com.rsa.netwitness.carlos.transport.spi.AbstractMessageChannel$5.run(AbstractMessageChannel.java:633)
at com.rsa.netwitness.carlos.common.SharedThreadPoolExecutor$TagExclusiveRunnable.run(SharedThreadPoolExecutor.java:100)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
The reporting-engine.log file will also report the warning message below.
2015-06-03 06:58:16,038 [NioProcessor-324] WARN org.apache.mina.filter.logging.LoggingFilter - EXCEPTION :
javax.net.ssl.SSLHandshakeException: SSL handshake failed.
This issue also affects the execution of reports that utilize IPDB rule types.
Cause
This issue occurs because of a certificate validation failure during the SSL handshakes with the IPDB Extractor service.
Resolution
This is a known issue and has been permanently resolved in Security Analytics versions 10.4.1.2 and 10.5.0.1.