|Applies To||RSA Product Set: Security Analytics|
RSA Product/Service Type: Log Collector
RSA Version/Condition: 10.4.x
O/S Version: EL6
When upgrading a Log Collector a newer OS kernel may be installed. This is likely to invalidate the lockbox of the Log Collector instances so the collection may be failing.
Errors in the /var/log/messages:
Feb 2 04:23:48 NCORP-VLC-01 nw: [EncryptionWrapper] [info] key was not found: failed to open lockbox: The lockbox stable value threshold was not met because the system fingerprint has changed. To reset the system fingerprint, open the lockbox using the passphrase.
|Cause||The system fingerprint change results in the invalidation of the log collector's lockbox.|
|Resolution||To resolve the issue please re-enter the lockbox password for "Reset Stable System Value".|
For more details, please see the page entitled Reset the Stable System Value in the RSA Security Analytics User Guide.