Article Number | 000033061 |
Applies To | RSA Product Set: RSA NetWitness Logs & Network RSA Product/Service Type: NetWitness Server RSA Version/Condition: 10.4.x, 10.5.x, 10.6.x, 11.0.x, 11.1.x, 11.2.x Platform: CentOS O/S Version: EL6, EL7 |
Issue | On the Security Analytics server, the /var/lib/netwitness/uax/logs/sa.log file is not logging new entries. |
Workaround | There are two possible workarounds to resolve the issue.
Restart the jettysrv service.
- Connect to the Security Analytics server via SSH as the root user.
- Issue the two commands below.
CAUTION: The Security Analytics UI will be temporarily unavailable as the service restarts. For versions 10.x stop jettysrv start jettysrv
For versions 11.x systemctl stop jettysrv systemctl start jettysrv
Change the system logging settings.
- In the Security Analytics UI, navigate to Administration -> System -> System Logging -> Settings.
- Change Max # Backup Files from 9 to 10.

If the issue persists after performing the workarounds, contact RSA Support and quote this article number for further assistance. |