000033872 - Issues with Mitigator in RSA Web Threat Detection

Document created by RSA Customer Support Employee on Nov 3, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000033872
Applies ToRSA Product Set: Web Threat Detection
RSA Product/Service Type: Mitigator
RSA Version/Condition: 5.1
IssueSome Issues and Symptoms Seen with Mitigator
  • Mitigator may be seen to be occupying a lot of system memory, this may even cause a gap in Varz if the Mitigator and Varz fetcher components are on the same system.
  • The issues with Mitigator that have been seen in Varz are memory spikes, that lead to automatic service restarts one or more times a day.
  • Rules, alerts, incidents may not work correctly, be missing,  
An Example Customer Case Description
  •  Over the past 24 hours, there were three gaps in Silver Tail Varz Dashboard – Mitigator, each lasting roughly 20-minutes.  
What is the issue/symptoms? During the “gap”, no data comes in and incidents are generated, the system recovers itself after a while. 

What is the specific function that you are experiencing a problem with? Txn Listener Bits
What is occurring and what do you expect to occur? System Outage  
CauseMitigator may have memory leaks and is being investigated by WTD Engineering.
ResolutionRSA WTD Engineering is working on investigating, reproducing, finding the root cause and resolution as of Aug 2016 . 
Version for fix is yet to be determined. 
WorkaroundSeparate Mitigator from other components on its own system.
NotesThis is a very high priority issue for Engineering as of Aug 2016.