This section provides resolutions to common problems that you may encounter while configuring RSA Archer® Cyber Incident & Breach Response 188.8.131.52 with NetWitness Respond.
After adding the endpoint for NetWitness Respond, the Certificate Authority truststore fails to set.
|Remediation Tasks being pushed to the operations queue through the UCF are not appearing in RSA Archer® Cyber Incident & Breach Response as Findings.|| |
|In the <install_dir>\SA IM integration service\logs\collector.log, there are SSL errors between RSA NetWitness Platform and RSA Unified Collector Framework.|| |
To regenerate and copy the certificates:
|When ESA alerts with severity High or Low are forwarded to RSA Archer, the Security Alert Priority field is not populated in the RSA Archer UI.||None, as it functions as designed.|
|When ESA Command and Control Aggregate Scores details are forwarded from NetWitness Suite to RSA Archer UI, fields such as Beaconing Behavior, Rare Domains, Rare User Agents, Missing Referrers, and Suspicious Domains Aggregate Score do not get populated.||None, as it functions as designed.|
|RSA Archer recurring feeds does not work in SSL mode.||Make sure you create the RSA Archer recurring feeds in non-SSL mode.|