000016507 - Permanent licenses expire in RSA Security Analytics after upgrading from RSA NetWitness NextGen 9.8

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000016507
Applies ToRSA Security Analytics
RSA Security Analytics Server
RSA NetWitness NextGen
Flexera FNE Server
IssuePermanent licenses expire in RSA Security Analytics after upgrading from RSA NetWitness NextGen 9.8.
After upgrading from RSA NetWitness NextGen 9.8 to RSA Security Analytics, applying trial licenses, and then applying permanent licenses results in the devices still keeping the expiration date of the trial license.
The /var/log/messages file displays recurring errors similar to the following:  [Flexera] [warning] Your license for smcBroker will expire on 2014-Jul-12 23:59:59

The RSA NetWitness Administrator thick client displays an expiration date that does not change for an appliace with a Security Analytics appliance with a permanent license.



The same information is also found when issuing the following command on the appliance:  NwConsole -c login localhost:<service_port> <username> <password> -c /sys/license licInfo


 

Attempting to license a device that has become unilcensed results in the error message "<device_name> failed to be licensed" in the Security Analytics UI.  Clicking on the View log hyperlink displays an error message similar to the following:



ERROR     <device_name> has already been licensed.



 

Attempting to proactively deactivate a license in order to re-activate it results in the error message "<device_name> failed to be licensed" in the Security Analytics UI.  Clicking on the View log hyperlink displays an error message similar to the following:



ERROR     <device_name> has no reservation tobe unlicensed.



 

The appliances do not appear to have been reserved properly, as shown in the Security Analytics UI by navigating to Administration -> System -> Licensing -> Allocations, as well as when issuing the command below on the Security Analytics server appliance.



curl -sS http://localhost:3333/fne/xml/reservations| xmllint --format -&> /root/fneserver_reservations.out



The entitlements for the device(s) appear to be available in the Security Analytics UI when navigating to Administration -> System -> Licensing -> Entitlements.
CauseThis issue can be caused when upgrading from RSA NetWitness NextGen to RSA Security Analytics because of the dramatic changes with respect to licensing.
Resolution

While it is normal to see an expiration date on a device with a permanent license in the NwConsole utility or via the RSA NetWitness Administrator client, each week the licensing server should push back the date seven days so that it never approaches.


However, upgrading from RSA NetWitness NextGen to RSA Security Analytics may not allow the licensing server to perform this action effectively.


In order to avoid this issue, the RSA Security Analytics development team recommends that full license resets be performed after upgrading a device from a very low software version, especially if that version is RSA NetWitness NextGen 9.8 or below.


 


If a device has become unlicensed due to this issue, follow the steps below to re-license the device:


  1. In the Security Analytics UI, navigate to Administration -> System -> Licensing -> Entitlements and ensure that there is an available entitlement for the device.

    1. If there is not available license, follow the instructions in the knowledgebase article How to apply licenses to an RSA Security Analytics server to properly obtain the entitlements for the Security Analytics environment.
  2. Navigate to Administration -> Devices.
  3. Select the appropriate device and click on Licenses -> Activate.
  4. If the license does not get licensed successfully, click on Licenses -> Reset and then click on Licenses -> Activate, which should apply the license successfully.

 


If you wish to proactively reset the license on a device, follow the steps below.


  1. In the Security Analytics UI, navigate to Administration -> Devices.
  2. Select the appropriate device and click on Licenses -> Reset and then click on Licenses -> Activate.
  3. If these steps do not successfully reset and re-activate the license on the device, follow the additional steps in the knowledgebase article Broker appliance becomes unlicensed without warning in RSA Security Analytics 10.3.

 


If you are unsure of any of the steps above or experience any issues, contact RSA Support and quote this article ID for further assistance.

Legacy Article IDa67393

Attachments

    Outcomes