Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000033061 - The /var/lib/netwitness/uax/logs/sa.log file is not logging on the RSA Security Analytics server

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support on Jul 8, 2019

Version 4Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000033061
Applies To	RSA Product Set: RSA NetWitness Logs & Network RSA Product/Service Type: NetWitness Server RSA Version/Condition: 10.4.x, 10.5.x, 10.6.x, 11.0.x, 11.1.x, 11.2.x Platform: CentOS O/S Version: EL6, EL7
Issue	On the Security Analytics server, the /var/lib/netwitness/uax/logs/sa.log file is not logging new entries.
Workaround	There are two possible workarounds to resolve the issue. Restart the jettysrv service. Connect to the Security Analytics server via SSH as the root user. Issue the two commands below. CAUTION: The Security Analytics UI will be temporarily unavailable as the service restarts. For versions 10.x stop jettysrv start jettysrv For versions 11.x systemctl stop jettysrv systemctl start jettysrv Change the system logging settings. In the Security Analytics UI, navigate to Administration -> System -> System Logging -> Settings. Change Max # Backup Files from 9 to 10. If the issue persists after performing the workarounds, contact RSA Support and quote this article number for further assistance.

Attachments

Outcomes

0 Comments

Recommended Content