RSA Product/Service Type: Forensics
RSA Version/Condition: 5.x, 6.x
- No real-time rules are seen in the Admin UI
- Mitigator is not running
- Rules and Alerts are not firing
1. Go to Varz and verify if Mitigator is running.
2. Go to /var/log/messages and look for an error similar to the one below:
3. Obtain the mitigator rules from the Customer and save as a JSON file.
4. Have a JSON parser such as the one available in NotePad++ plugin.
5. Highlight the curly brackets to see if all rules have a beginning and an ending.
6. Start at the rule seen in the error message and add curly braces
at the end of a rule where no distinction is seen between rules.
Add until the first brace in the rule is highlighted. This should resolve the issue.
7. Save the file as mitigator.rules and give it back to the Customer to add back into WTD.
8. The Customer might also be able to add these directly to the mitigator.rules file by editing with the vi or nano editors.
Related Articles
View A Completed Report Number of Views How to configure RSA Validation Manager to obtain real-time certificate status from RSA Certificate Manager Number of Views Filter Activity Monitor Events Based on Administrator Scope of Authorization Number of Views Authentication using acetest fails TRANSACTION_ROLLBACK on real time authentication activity monitor for RSA Authenticatio… Number of Views Real-Time Monitoring Using Activity Monitors Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
