000029290 - RSA Security Analytics reporting error "Invalid username or password" thrown when running reports after changing a device password

Document created by RSA Customer Support Employee on Jun 15, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000029290
Applies ToRSA Product Set: Security Analytics
RSA Product/Service Type: Reporting Engine, Concentrator, Broker
RSA Version/Condition: 10.4
Platform: CentOS
O/S Version: EL6
IssueAfter changing the admin password on any Security Analytics appliance used as a data source for the Reporting Engine (broker or concentrator), reports fail to complete and instead throw an error similar to the example below.
Error occurred while fetching data from source 'mybroker[]'. Error details : received error: Invalid username or password.
CauseThe Reporting Engine validates the reporting source by requiring a username and password. This is by design and for security purposes.
This username/password combination is referenced every time a report is run against a specific reporting source. If the password for the device has changed, the reporting source must be removed and re-added, as there is no way to edit the reporting device source after it has been added.
ResolutionTo remove and re-add the data sources in the Reporting Engine, follow the steps below.
  1. In the Security Analytics UI, navigate to Administration -> Services.
  2. Click on the Action icon for the Reporting Engine and select View -> Config.
  3. Click on the Sources tab.
  4. Select the device that is reporting the error and click on the minus (-) sign to remove it.
  5. Click on the add (+) sign and select the device that was just removed.
  6. When prompted, enter the new username and password combination for the device.
If you are unsure of any of the steps above or experience any issues, contact RSA Support and quote this article number for further assistance.