This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Knowledge Base Archive
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

New ESA rule deployment may cause disabled rules to become enabled in RSA Security Analytics 10.5.0.1 and 10.5.0.2

Article Number

000030821

Applies To

RSA Product Set: Security Analytics
RSA Product/Service Type: Event Stream Analysis (ESA), Security Analytics UI
RSA Version/Condition: 10.5.0.1, 10.5.0.2
Platform: CentOS
O/S Version: EL6

Issue

When a new ESA rule is deployed, it may be observed that disabled rules are also inadvertently deployed. 
 

Resolution

This issue is permanently resolved in Security Analytics 10.5.1.0.

Workaround

Review all ESA rules directly after the deployment of new rules.  
If any disabled rules are found enabled that should not be, disable them again.
Alternately, review ESA rules and delete any disabled rules if they are no longer required.
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-13 07:53 AM
Updated by:
Administrator Administrator

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.