|Applies To||RSA Product Set: NetWitness Endpoint(ECAT)|
RSA Product/Service Type: NetWitness Endpoint(ECAT)
RSA Version/Condition: 4.4.x
|Issue||SQL Update statement can corrupt cache in the UI due to change in the Admin Status field for machine view.|
This can be caused by changing the Admin Status field in the Machines Panel of the UI. For example, if the Admin Status is changed from one of the values in the drop-down box (as shown below). If the Empty box is checked, and status is updated, this will result in Null value in the database.
|Cause||The cause is a faulty update statement that attempts to update a row that does not exist in the SQL database. This corrupts the cache in the UI and causes the list of machines to become zeroed out, leaving the UI showing incorrect data.|
The UPDATE statement conflicted with the FOREIGN KEY constraint "Constraint_FK_AdminStatus_MachineAdminInfo". The conflict occurred in database "ECAT$PRIMARY", table "dbo.AdminStatus", column 'PK_AdminStatus'.
The statement has been terminated.
There is no other method to resolve this issue once encountered than the one in the workaround section. Currently upgrading to 22.214.171.124 should resolve this issue from happening again, but is not confirmed yet. If the issue is seen again, a support case should be opened to resolve.
Repairing the UI:
To repair the UI, the UI cache must be purged so the cache can be regenerated. In order to do this, follow the below steps:
Do not change the admin status of machines to the blank entry as seen in the above screenshot in the Issue section. Doing so will cause the issue listed above. Instead, choose any option that has a name in the Description field instead of a blank. This will avoid the issue and not trigger any further issues in the UI cache.