000035756 - Directional meta is not available when the data source is added in RSA Security Analytics 10.6.2 and above

Document created by RSA Customer Support Employee on Nov 18, 2017
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000035756
Applies ToRSA Product Set: NetWitness Logs & Packets, Security Analytics
RSA Product/Service Type: Reporting Engine, User Interface
RSA Version/Condition: 10.6.2 and above
Platform: CentOS
O/S Version: EL6
IssueIn the OOTB dashboard the investigation query does not contain quotes for the values when you click on investigate using the Traffic Flow Direction chart that is available in the Overview Dashboard.
WorkaroundPossible workarounds:
  • Restart the Reporting Engine
  • Remove and Re-add the data source to the Reporting Engine
  • Wait 24 hours to allow the schema cache to update.
Restarting the jettysrv service on the Security Analytics server is required to reflect the change in the dashlet query for the hyperlink used in the investigation query that was created during dashlet creation. When the  Reporting Engine schema cache is updated, the dashlet is not.