Article Content
Article Number | 000030830 |
Applies To | RSA Product Set: Security Analytics RSA Product/Service Type: Event Stream Analysis (ESA) RSA Version/Condition: 10.5.0.1, 10.5.0.2 Platform: CentOS O/S Version: EL6 |
Issue | When an advanced rule is added to a cross-site deployment before its forwarding rule is specified, the forwarding rule is not deployed. This will always be the case the first time a particular advanced rule is added to a cross-site deployment because the forwarding rule can only be entered after the rule is added to the deployment. |
Resolution | This issue will be permanently resolved in Security Analytics versions 10.5.1 and 10.6. |
Workaround | Before pressing the deploy button, and after adding the forwarding rule, remove and then re-add the advanced rule from the deployment. When the rule is added to the deployment the second time, it has a forwarding rule, and it too is added to the deployment group. |