000030373 - URLs provided by email not linking correctly to Investigations in RSA NetWitness

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support on Aug 22, 2019
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000030373
Applies ToRSA Producst: Security Analytics, Netwitness Logs & Network
RSA Versions: 10.6.x, 11.x
OS Versions: 6,7
IssueCustomer receives emails from the Security Analytics Reporting Engine that contains invalid URLs within reports and alerts. These URLs point to locations that do not exist within Security Analytics and no page is visible.
CauseThis issue is caused when there is no host name, or an incorrect host name is entered in the Reporting Engine configuration.
ResolutionTo fix this issue perform the following steps.
  1. Log into the Security Analytics UI
  2. Go to Administration -> (Devices/Services)
  3. Select the Reporting Engine and then select Config (View/Actions --> View)
  4. Under the General tab look for SA Configuration
  5. SA Configuration will have one entry for Host Name. Please, the fully qualified host name or ip address of the Security Analytics server. If using the fully qualified host name, make sure that the name is in DNS, otherwise, use the ip address.
  6. Re-trigger the item that sent the email and test the link.

For 11.x version consult below links for directions on adding the host name to Reporting Server configuration.


(can be accessed via the context help menu)

Or Reporting Engine Guide Configuration for RSA NetWitness Platform 11.x 
(link to 11.3 version)

Output Actions Tab Page 54-57

NotesThe most common causes of this issue:
  1. A host name was never entered.
  2. An incorrect host name was used.