|Applies To||RSA Security Analytics|
|Issue||How to disable IPv6 at the kernel level on RSA Security Analytics appliances.|
RSA Security Analytics parses the Concentrator logs and sometimes the client.ip is displayed with preceeding "::fff:" which makes it not possible to parse the IPv4 IP. User tries to disable IPv6 under the interfaces but no differences are apparant. The log looks like the following:
User admin (session 632, [::ffff:192.168.123.249]:56617) has requested the SDK language: id1=0 id2=0 time1=0 time2=0 options flags=1 size=10000
To disable IPv6, add the lines below in the /etc/sysctl.conf file, and then reboot the appliance.
If you are unsure of any of the steps above or experience any issues, contact RSA Support and quote this article ID for further assistance.
|Legacy Article ID||a67152|