Archer is reporting an unspecified parsing error in RSA Security Analytics
Issue
Errors similar to the example below are seen when running reports on the Archiver.
There was an unspecified parsing error.
Input(time='2015-Oct-31 18:30:00'-'2015-Nov-02 18:29:59')&&(device.type=symantecav).
Cause
The meta key "device.type" specified in the error message is missing from the index-archiver-custom.xml.
Resolution
Add the meta key "device.type" to the index-archiver-custom.xml and restart the nwarchiver service. Make sure that aggregation has started before running the report again; otherwise you will get an error message about the SDK.
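The check below is an added example, not RSA code: it lists which meta keys used in a report rule are not defined in an index file, so the missing key can be found before the report is run. The <language>/<key> layout and attribute names of the sample file, the treatment of "time" as a built-in key, and the function names are assumptions; the sample index content is constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample of a custom index file. The <language>/<key> layout and
# the attribute names are assumptions; compare them with your own file.
SAMPLE_INDEX = """<language level="IndexNone" defaultAction="Auto">
  <key description="Source IP" level="IndexValues" name="ip.src" format="IPv4"/>
  <key description="Device IP" level="IndexValues" name="device.ip" format="IPv4"/>
</language>"""

# Query taken from the error message shown on this page.
QUERY = ("(time='2015-Oct-31 18:30:00'-'2015-Nov-02 18:29:59')"
         "&&(device.type=symantecav)")

# Assumption: "time" is resolved by the service itself, not by the index file.
BUILTIN_KEYS = {"time"}

def defined_keys(index_xml):
    """Return the meta key names declared by <key name="..."> elements."""
    root = ET.fromstring(index_xml)
    return {k.get("name") for k in root.iter("key") if k.get("name")}

def query_keys(query):
    """Return meta key names that appear on the left of a comparison.

    Only symbolic operators (=, !=, <, >, <=, >=) are handled here.
    """
    # Blank out quoted literals so values are never mistaken for keys.
    stripped = re.sub(r"'[^']*'|\"[^\"]*\"", "''", query)
    pattern = r"([A-Za-z][A-Za-z0-9_.]*)\s*(?:!=|<=|>=|=|<|>)"
    return set(re.findall(pattern, stripped))

def missing_keys(query, *index_files):
    """Return keys the query uses that none of the index files define."""
    defined = set(BUILTIN_KEYS)
    for text in index_files:
        defined |= defined_keys(text)
    return sorted(query_keys(query) - defined)

if __name__ == "__main__":
    for key in missing_keys(QUERY, SAMPLE_INDEX):
        print("not defined in index file:", key)
```

Pass the contents of every index file the service loads, since a key defined in any of them counts as present.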
Product Details
RSA Product Set: Security Analytics
RSA Product/Service Type: Archiver
RSA Version/Condition: 10.3.x, 10.4.x
Platform: CentOS
O/S Version: EL6