Skip to content
  • There are no suggestions because the search field is empty.

ADMIN-Security-Users tab is blank in RSA NetWitness 11.x

Issue

After logging in using any accounts including the admin account, it is found that ADMIN-Security-Users tab appears to be completely blank.
The issue continues after restarting the browser or jetty service.

/var/netwitness/uax/logs/sa.log shows "IllegalArgumentException" error messages with one or more user accounts. e.g. user123 in the following error.
...com.rsa.smc.sa.core.migration.migrator.batch.job.version_11_2.step.Version_11_2_StepConfig.securityServerUserItemReader()] threw exception; nested exception is java.lang.IllegalArgumentException: user123



Cause

The root cause has not been determined yet but it appears to be due to an invalid field in the user account which is carried over from the previous version.


Resolution

In order to resolve the issue, please follow the steps below.

  1. SSH into the NW Admin server.
  2. Connect to the mongo database and switch to use 'security-server' database.

    mongo admin -u deploy_admin -p
    use security-server

  3. Check the existence of the user from the database.
    db.user.find({_id: "user123"})
  4. Delete the user from the database.
    db.user.remove({_id: "user123"})
     
  5. Repeat #3 and #4 for all user accounts appearing with "IllegalArgumentException" error.
  6. Restart the rsa-nw-security-server service.
    systemctl restart rsa-nw-security-server
     
  7. Log in to the NW UI and check if the Users tab displays the users.

Product Details

RSA Product Set: NetWitness Logs & Network
RSA Product/Service Type: Security Analytics Server
RSA Version/Condition: 11.2.0.0
Platform: CentOS
O/S Version: 7

Approval Reviewer Queue

RSA NetWitness Suite Approval Queue