Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000032868 - RSA Security Analytics - Exporting logs from investigation - 'Error retrieving logs from service: User does not have a required permission'

Document created by RSA Customer Support

on Jun 30, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000032868
Applies To	RSA Product Set: RSA Security Analytics RSA Product/Service Type: Concentrator RSA Version/Condition: 10.6 Platform: CentOS O/S Version: EL6
Issue	While exporting logs from SA UI investigation, below error is displayed in job status: Error retrieving logs from service: User does not have a required permission
Cause	This error is caused if the user doesn't have sufficient permissions i.e. sdk.meta : Allows the user to run queries in the Investigation and Reporting applications and to view the metadata returned by the query. sdk.content : Allows the user to access raw packets and logs from any client application (Investigations and Reporting). sdk.packets : Allows users to access raw packets and logs from any client application.
Resolution	To resolve this issue, follow the below instructions: Go to Administration -> Services -> Concentrator -> Security View Go to the particular role of that user. Grant below permissions to that role: sdk.content sdk.meta sdk.packets Restart nwconcentrator service. Same steps need to be followed on the decoder: Go to Administration -> Services -> Decoder -> Security View Go to the particular role of that user Grant below permissions to that role sdk.content sdk.meta sdk.packets Restart nwdecoder service.

Attachments

Outcomes

0 Comments

Recommended Content

Incoming Links

Re: Unable to Export Logs From Investigate View