Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000038532 - How to fix RSA NetWitness Endpoint alerts could not display middle pane in hosts-details page

Document created by RSA Customer Support

on Mar 24, 2020

Version 1Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000038532
Applies To	RSA Product Set: RSA NetWitness Platform RSA Product/Service Type: User Interface RSA Version/Condition: 11.3.2.0
Issue	RSA NetWitness Endpoint alerts could not display middle pane in the INVESTIGATE-Hosts-Details page after removing the Endpoint hybrid from Admin node, then re-image and add the endpoint hybrid.
Resolution	Cause: The uuid of the concentrator is changed, but new uuid is not updated properly. To fix this issue, Get the investigate-service-id: a) Go to ADMIN > Concentrator service. b) Click gear button > View > Explore tab. c) Expand the sys/stats node list. d) In the UUID filed, copy the value. Update the investigate-service-de: a) Go to ADMIN > Endpoint Server service. b) Click gear button > View > Explore tab. c) In the endpoint/investigate field, specify the investigate-service-id. Restart the ESA server. Restart respond-server service on the admin node. systemctl stop rsa-nw-respond-server.service systemctl start rsa-nw-respond-server.service systemctl status rsa-nw-respond-server.service 5. Select hosts at Investigate-Host page, then perform 'Reset risk score'

Attachments

Outcomes

0 Comments

Recommended Content