Article Number | 000030520 |
Applies To | RSA Product Set: Security Analytics RSA Product/Service Type: Log Collector, Security Analytics UI RSA Version/Condition: 10.5.x, 10.6.0.0 Platform: CentOS Platform (Other): Amazon Web Services (AWS) CloudTrail O/S Version: EL6 |
Issue | When the transform file is not present for an Amazon Web Service (AWS) CloudTrail collection in the required directory (/etc/netwitness/ng/logcollection/content/transform/cmdscript) on the Log Collector, the Security Analytics UI displays the following error message:
Error: could not find supported file type in file /etc/netwitness/ng/logcollection/content/collection/cmdscript/cloudtrail_transform.xml
|
Resolution | This issue is currently being investigated by the Engineering team in order to resolve it in a future release. |
Workaround | To resolve the issue, verify that the /etc/netwitness/ng/logcollection/content/transform/cmdscript/cloudtrail_transform.xml is indeed missing. If it is, deploy the Log Collector content for the AWS collection from the Live -> Search page in the Security Analytics UI, as shown below.
 If the file is present but the error is logging, then it can be safely ignored. |