Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000030830 - Event Stream Analysis forwarding rule is not deployed (cross-site correlation rules only) in RSA Security Analytics 10.5.0.1 and 10.5.0.2

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000030830
Applies To	RSA Product Set: Security Analytics RSA Product/Service Type: Event Stream Analysis (ESA) RSA Version/Condition: 10.5.0.1, 10.5.0.2 Platform: CentOS O/S Version: EL6
Issue	When an advanced rule is added to a cross-site deployment before its forwarding rule is specified, the forwarding rule is not deployed. This will always be the case the first time a particular advanced rule is added to a cross-site deployment because the forwarding rule can only be entered after the rule is added to the deployment.
Resolution	This issue will be permanently resolved in Security Analytics versions 10.5.1 and 10.6.
Workaround	Before pressing the deploy button, and after adding the forwarding rule, remove and then re-add the advanced rule from the deployment. When the rule is added to the deployment the second time, it has a forwarding rule, and it too is added to the deployment group.

Attachments

Outcomes

0 Comments

Recommended Content