Article Content
Article Number | 000029123 |
Applies To | RSA Product Set: RSA Security Analytics RSA Product/Service Type: Reporting Engine RSA Version/Condition: 10.3.x,10.4.x,10.5.x,10.6.x, 11.x Platform: Platform (Other): CentOS |
Issue | Unable to run reports and the device log displays timeout error messages. Looking at /var/log/messages shows:
|
Cause | The query timeout value set for the user is too low to run large reports. |
Resolution | You may need to update the Query Level settings for the user who is running the report to 1 or 2. Follow the steps below, depending on the version:10.3.x
10.4.x
10.5.x and 10.6.x
11.x Query and Session AttributesPlease refer to the below documentation links to set the Role or User Attributes: Sec/User Mgmt: Verify Query and Session Attributes per Role --- https://community.rsa.com/docs/DOC-96533 Sec/User Mgmt: Set Up Users --- https://community.rsa.com/docs/DOC-96509 NOTE: If a user is a member of multiple roles or have its specifices set, the following logic applies for the user:
|
Notes | The query timeout for a user is controlled by the Query Level settings. The Query Level setting assigns the query level that the user will have for every query they perform. These influence whether their queries are limited by the query.level.1.minutes, query.level.2.minutes or query.level.3.minutes. The default values for the following query levels are: 1 = 60 minutes (query.level.1.minutes) 2 = 40 minutes (query.level.2.minutes) 3 = 20 minutes (query.level.3.minutes) The above default 60/40/20 minutes can be changed from the Device Explore page under SDK > Config tree. |