The RabbitMQ Message Broker is configured to only listen on the loopback address (127.0.0.1), even though the RabbitMQ Management Plugin is installed in the broker. For debugging purposes, it may be useful to view the Message Broker state through the RabbitMQ Management Plugin and your browser.
If SSH is enabled on your Log Collector node, you can tunnel the RabbitMQ management port (15671) through SSH, and connect to the RabbitMQ Management console through a Web browser.
Note: As of version 10.3, the RabbitMQ Message Broker listens only on port 5671 (AMQPS) and 15671 (HTTPS). The unprotected ports 5672 (AMQP) and 15672 (HTTP) are no longer available.
From your client machine, run a SSH tunnel which maps traffic from localhost:15671 on your Log Collector appliance to a port of your choice on your local machine (e.g., 12345). E.g., if your Log Collector appliance is at 10.1.2.3, then you would run the equivalent of:
prompt% ssh -L12345:localhost:15671 firstname.lastname@example.org
You may now connect to the RabbitMQ console via https://localhost:12345
Open the Putty GUI and navigate to Connection -> SSH -> Tunnels
Enter the local source port of your choosing (e.g., 12345) in the Source Port window and 127.0.0.1:15671 in the Destination window.
Immediately navigate to Sessions and open a SSH connection to your LogCollector as normal. This will also open the tunnel.
You may now connect to the RabbitMQ console via http://localhost:12345 As of 10.3, connect to the RabbitMQ console via https://localhost:12345
RabbitMQ web interface login credentials:
If you are unsure of any of the steps above or experience any issues, contact RSA Support and quote this article ID for further assistance.