I have been using this product on but mainly off since the Network Intelligence days.
I've never found the product to be either intuitive or helpful when issues are seen......which is fairly frequently.
Is there a set of logs to look at to see what is not happening, or preventing reports from running?
As we have a set of servers that everyone ignores/avoids because they are just too painful to get any information out of. It's preferable to use notepad and excel with the logs from source than to use enVision.
This is a shame, as the product does show promise and I have even seen it work properly, once.
So my question to the floor is when trying to run a report, (any report, (including ones that we have had working before)), we get an error that just says "
XSL Runtime Error
Any pointers as to where to look?
Or are we better off with a slide-rule?
quiet in here......
That's a new error on me and I've seen my fair share of errors. Have you upgraded to the latest patch? Does this error only happen in the browser or does it also happen for scheduled reports also? Have you updated java (not sure if this is related).
This doesn't sound like a webserver error but you could start the webserver via command line:
stop the web server service
cd /d %_envision%/bin
I'd suggest outputting to a file. Then try and recreate the error and reverting what you've done. Do with the aid of support if you're not sure.
hope this helps.
Many thanks for the reply.
It turns out that it was a client issue - with all client's using FireFox and or Chrome/Safari. enVision seeming not to work in these and relying on an old version of IE to run.
A long and distant memory of a morning I spent with Network Intelligence seems to niggle at the back of my mind where I think the guy mentioned that they only supported IE and not Netscape. That was many years ago, mind, (01-02ish).
I guess it still follows, IE only.
Yep – that is correct. If you’re moving to Security Analytics that works best on Chrome
FYI - enVision goes EOL at the end of this year and if you’re still running it on W2k3 that goes EOL in June I believe.
okay. Thanks - that's good to know.
I think the plan is to change vendor. As, unfortunately, we're not really seeing the ROI on enVision.
So we're able to meet compliance and get information quicker, easier and cheaper from other vendors.
thats why I believe RSA are getting rid of enVision - it's architecture means it is limited in what today SIEM has evolved into. enVision was good in its day but SIEM has moved on.
There are good products from other vendors out there but it's worth looking at RSA's offering of Security Analytics - it's based on Netwitness so the front end is probably the best looking and easiest to use on the market but its whether it meets your needs.
Before you ask - no - I don't work for RSA I work for a partner and I get to deploy most of the big SIEM products.