Resolution | Cause: The uuid of the concentrator is changed, but new uuid is not updated properly.
To fix this issue,
- Get the investigate-service-id:
a) Go to ADMIN > Concentrator service. b) Click gear button > View > Explore tab. c) Expand the sys/stats node list. d) In the UUID filed, copy the value. - Update the investigate-service-de:
a) Go to ADMIN > Endpoint Server service. b) Click gear button > View > Explore tab. c) In the endpoint/investigate field, specify the investigate-service-id. - Restart the ESA server.
- Restart respond-server service on the admin node.
systemctl stop rsa-nw-respond-server.service systemctl start rsa-nw-respond-server.service systemctl status rsa-nw-respond-server.service - 5. Select hosts at Investigate-Host page, then perform 'Reset risk score'
|