Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000032966 - ESA deployment shows "unknown error" and deleted rule still triggers alerts in RSA Security Analytics

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 3Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000032966
Applies To	RSA Product Set: Security Analytics RSA Product/Service Type: SA Security Analytics Server, Event Stream Analysis. RSA Version/Condition: 10.5.1.0
Issue	If an ESA rule is deleted, that rule still stays in the Alerts->Configure->Services page as enabled which leads to the below 'Unknown error' while deploying changes to ESA service.
Cause	This is due to additional unused ESA deployment services under ESA Deployments tab.
Resolution	Please follow below steps to resolve this issue. Login to SA GUI as admin. Navigate to Alerts->Configure->Deployments. Delete additional ESA Deployments which are unused. Verify "Deploy Now" will not show any error when changes deployed.

Attachments

Outcomes

0 Comments

Recommended Content