|Applies To||RSA Product Set: Security Analytics, NetWitness Logs & Network|
RSA Product/Service Type: Log Collector
RSA Version/Condition: 10.6.x.x
Platform: CentOS, VMware ESX, VMware ESXi
|Issue||The error message below is reported when the command perl /etc/netwitness/ng/logcollection/content/collection/vmware/vmware-events/NwVmwareCollector.pl -events -server <ESXi host IP> -username <user> -password <pass> -count N is executed on the log collector for debugging purpose while doing the VMware ESXi integration:|
|Tasks||DIRECTLY connect to the ESXi host by specifying the IP address in a browser and connect using the same credentials as used in the script above. It should return with the same error (shown below) as seen when running the script. |
|Resolution||Step 1 of the VMware ESX-ESXi Event Source Configuration Guide states:|
Log onto the ESXi host using the vSphere Client, with administrative privileges.
However, a customer might unknowingly login to the vCenter, followed by creating a role, local user and assign the permission to the user thinks that all the roles and permissions are assigned to the ESXi host.
Ensure that all the steps performed are on the ESXi host and not on the vCenter. There shouldn't be any requirement for vCenter access for doing this integration successfully.