Article Content
Article Number | 000029068 |
Applies To | RSA Product Set: Security Analytics RSA Product/Service Type: Reporting Engine RSA Version/Condition: 10.4.0.0, 10.4.0.1 |
Issue | When adding data sources to the Reporting Engine, the devices appear to be added successfully even when invalid credentials are used. However, when attempting to run or test a rule that utilizes the data source, error messages similar to these below are displayed in the Security Analytics UI: Note also the following: 1. the "Test Rule" dialog box in the Security Analytics UI will also display a message similar to the following: Schema fetched from data source was null for data source=SA - Broker 2. The /home/rsasoc/rsa/soc/reporting-engine/logs/reporting-engine.log file on the Security Analytics server will report an error similar to the example below" 2014-11-14 19:23:33,013 [Reporting Status Polling 1389004080] ERROR com.rsa.smc.sa.reporter.jobs.ReporterChartPollingTask - Action is not authorized on resource |
Cause | This issue occurs due to a known issue in versions 10.4.0.0 and 10.4.0.1 wherein the credentials for Reporting Engine data sources are not validated when they are entered. |
Resolution | This issue has been resolved in RSA Security Analytics 10.4.0.2. To obtain this patch, please visit https://knowledge.rsasecurity.com. |