Article Number | 000030588 |
Applies To | RSA Product Set: Security Analytics RSA Product/Service Type: Security Analytics UI, Event Source Monitoring RSA Version/Condition: 10.5.0.0 Platform: CentOS O/S Version: EL6 |
Issue | On the Administration -> Event Source -> Monitoring page in the Security Analytics UI, if any policy has rule or threshold added to it once then it is not possible to delete that rule. Attempting to delete the rule displays the following error: The threshold values cannot be unset, If you want to disable the policy, please uncheck the Enable checkbox.
 |
Resolution | This issue has been resolved in Security Analytics 10.5.0.1. |
Workaround | As a workaround for the issue, disable the policy or set both the low and high thresholds to 0 events in 5 minutes (5 minutes is the minimum duration for thresholds). |