Support Center > Search Results > SecureKnowledge Details
Arcsight LEA client shows the username field as "Confidential"
Symptoms
  • The logs to Arcsight show the username field as Confidential, while the LEA session debug shows the certificate correctly with correct permissions:

    [lea_session.PID ...]@Host[DATE TIME] lea_server_init_permissions: 3rd-pty client detected
    [lea_session.PID ...]@Host[DATE TIME] lea_server_init_permissions: peer_sic_name is CN=ArcSightESM,O=IAD-FWM.hhsoig.gov.f56unx
    [lea_session.PID ...]@Host[DATE TIME] fwnetobj_getbysicname: table_chosen_get_with_param(eTABLE_NETWORK_OBJECTS, is_obj_SIC_name, CN=ArcSightESM,O=IAD-FWM.hhsoig.gov.f56unx) returned NULL.
    [lea_session.PID ...]@Host[DATE TIME] lea_server_init_permissions: log_reading_perm = show_all
    [lea_session.PID ...]@Host[DATE TIME] leadict_create: called, VT=3
Cause

The objects_5_0.C file is not updated correctly to show all permissions


Solution
Note: To view this solution you need to Sign In .