Article Content
Article Number | 000034175 |
Applies To | RSA Product Set: Security Analytics, NetWitness Logs and Packets RSA Product/Service Type: Security Analytics Server, Context Hub, Incident Management RSA Version/Condition: 10.6.x.x and later versions Platform: CentOS |
Issue | When trying to add IM as a data-source to the Context Hub, an error like the following is received:"Error: A service already exists on port 27017" |
Cause | The issue can occur if IM was added as a datasource in earlier versions of SA with incomplete information (i.e. IM Password not typed) and no longer shows up on the Data Sources tab but still exists in the Context Hub catalogConfiguration.cfg file. |
Resolution | SSH into the ESA appliance and perform the following steps to reset the Context Hub configuration: 1. Stop the rsa-context service: service rsa-context stop 2. Rename catalogConfiguration.cfg cd /opt/rsa/context/conf/ 3. Start the rsa-context service: service rsa-context start 4. Make sure you are able to login to context-hub mongo database as follows: [root@esa bin]# mongo context-wds -u context -p context At this point you should now be able to add Incident Management as a Data Source to the Context Hub |