Support Center > Search Results > SecureKnowledge Details
Security Management/MDS does not show logs from Log Server Technical Level
Symptoms
  • Security Management does not show logs from Log Server.

  • When the user selects log server from the Log Servers tab, there is the following error message: There are no log servers available, check your log server configuration.

  • $RTDIR/log/solr.log from the Log Server:
    ERROR [main] com.checkpoint.java_sic.DB.SicDbManager.buildDB:100 - /opt/CPsuite-R80.20/fw1/conf/SIC_DB doesn't exist
    ERROR [main] com.checkpoint.java_sic.SicUtilsRemoteImp.getCertPasswordFromCPD:10 - Server failed to get password [f]
    ERROR [main] com.checkpoint.java_sic.SicUtils.createSSLContext:73 - Failed to create SIC local SSLContext
    com.checkpoint.java_sic.SicException: Server failed to get passwordf
    Starting Solr. This may take a few seconds ...
    Start listen to 127.0.0.1:8210 (SSL)
    ERROR [main] com.checkpoint.java_sic.DB.SicDbManager.buildDB:100 - /opt/CPsuite-R80.20/fw1/conf/SIC_DB doesn't exist
    Start listen to 0.0.0.0:8211 (SSL)
    WARN [main] com.checkpoint.rfl.SicPolicyHandler.setEnforceSicPolicyPort:15 - Sic policy is enforce on port:8211
    WARN [main] com.checkpoint.infrastructure.cpprod.CpprodUtilsIs.getPerDomainData:95 - caching 'MDS' -> '/opt/CPshrd-R80.20/registry/HKLM_registry.data'

  • $RTDIR/log/RFL.log on the Security Management Server:
    ERROR [pool-1-thread-3] com.checkpoint.logs.LogServerRequestExecutor.call:47 - Error while handling request to [<IP address>:8211].
    uri: [https://<IP address>:8211/log_indexer_proxy/ping?ip=<IP address>], request data: []
    javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Failed to validate server certificate 4
    [DATE TIME] ERROR [pool-1-thread-3] com.checkpoint.rfl.solr.monitoring.ServerConnectivityTask.printPingErrorMessage:34 - ping failed for server.
    ObjID: [04ca0335-21db-407b-907f-da112c15c9e4'], IP Address: [<IP address>], Port: [8211], Local IP: [false], Connecting IP Address:
    [<IP address>], Enable SSL: [true], Enable Remote SSL: [true], SmartEvent: [false], Primary Management: [false]
    org.apache.solr.client.solrj.SolrServerException: IOException occured when talking to server at: https://<IP address>:8211/solr/template
    The logServer $RTDIR/conf/logServerConfig.xml points to itself only:
    <?xml version="1.0"?>
    <config>
    <connection>
    <IPAddress>127.0.0.1</IPAddress>
    <IsLocalIp>true</IsLocalIp>
    <ProxyPort>18244</ProxyPort>
    <SSL>false</SSL>
    <CPUUID>00000000-0000-0000-0000-000000000000</CPUUID>
    <LoopbackPort>18244</LoopbackPort>
    <IsSmartEvent>false</IsSmartEvent>
    <IsPrimaryManagement>false</IsPrimaryManagement>
    <ProxyIp>127.0.0.1</ProxyIp>
    </connection>
    </config>

  • $RTDIR/log/dbsync.elg shows:
    INFO db_sync.server.DBSyncData [dbsyncTaskExecutor-1]: CA IP doesn't answer, trying to connect to another IP INFO db_sync.server.DBSyncData
    [dbsyncTaskExecutor-1]: Candidates for connection: ERROR db_sync.server.DBSyncData
    [dbsyncTaskExecutor-1]: Failed to connect to all machines WARN db_sync.server.CpmSession
    [dbsyncTaskExecutor-1]: Login failure to a0eebc99-afed-4ef8-bb6d-fedfedfedfed on . message: Marshalling Error: java.security.cert.CertificateException:
    Failed to validate server certificate 4 WARN db_sync.server.CpmSession
    ....
    [dbsyncTaskExecutor-1]: CA IP doesn't answer, trying to connect to another IP INFO db_sync.server.DBSyncData
    [dbsyncTaskExecutor-1]: Candidates for connection: ERROR db_sync.server.DBSyncData
    [dbsyncTaskExecutor-1]: Failed to connect to all machines WARN db_sync.server.CpmSession
    [dbsyncTaskExecutor-1]: Login failure to a0eebc99-afed-4ef8-bb6d-fedfedfedfed on . message: Marshalling Error: java.security.cert.CertificateException:
    Failed to validate server certificate 4 WARN db_sync.server.CpmSession

Cause

There was a communication failure with dbsync; it cannot log into itself.


Solution
Note: To view this solution you need to Sign In .