Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000033894 - An error occurred publishing to an AMQP channel: NO_ROUTE on Local Log Collector in RSA NetWitness

Document created by RSA Customer Support

on Aug 29, 2016•Last modified by RSA Customer Support on May 3, 2019

Version 4Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000033894
Applies To	RSA Product Set: NetWitness Logs & Network RSA Product/Service Type: SA Security Analytics Server/ Log Collector RSA Version/Condition: 10.4.x,10.5.x,10.6.x, 11.x Platform: CentOS O/S Version: EL6, EL7
Issue	The Security Analytics Local Log Collector is failing to send events to the Log Decoder Received below errors in /var/log/message An error occurred publishing to an AMQP channel: NO_ROUTE, exchange: windows, routing key: windows Aug 29 09:41:53 LDecoder collectd[2642]: NgNativeReader_NwLogCollector-NormalUpdate: /event-processors/logdecoder/stats/eventsources/total_failed_executions: path not longer exists in service
Cause	This issue is caused if there is no destination decoder set in Event Destinations.
Resolution	To resolve the issue, follow the steps below In the Security Analytics UI, navigate to Administration -> Services. Select the Local Log Collector service and click on the View -> Config button. Select the Event Destinations tab Check destination decoder is present or stopped If stopped start and check the status If not presented, add decoder as below

Attachments

Outcomes

0 Comments

Recommended Content