Cloud Guard Extension (CME) does not discard used sessions

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk173624
Technical Level
Product	Quantum Security Management
Version	R80.40, R81.10
OS	Gaia
Date Created	21-May-2021
Last Modified	06-Sep-2022

Symptoms

"cme service test" fails on the API command:

Failed discard old sessions (5/5):
Error Code: Management API error

API call: show-sessions failed with an exception: 'to'.

In api.elg the request looks like this:

Address: http://127.0.0.1:50276/web_api/discard
Encoding: ISO-8859-1
Http-Method: POST
Content-Type: application/json
....
Payload: {"uid":""}

If the session is open in the database, the response in api.elg looks like this:

Response-Code: 200
...
Payload: number-of-discarded-changes: 0
message: "OK"

If the session is discarded in the database, there is an error:


ERROR com.checkpoint.management.web_api.utils.WebApiCommandExceptionUtils.getErrorReply:94 [qtp-1297410348-33] - 
Server has thrown GeneralRemoteFault exception errorCode [The required session is no longer available. 
Please verify if private session was published or discarded.] errorFamily [null] message [An internal error has occurred.]

...

Response-Code: 400
Content-Type: text/plain
Headers: {Content-Type=[text/plain], Date=[Wed, 21 Apr 2021 15:02:41 GMT]}
Payload: code: "generic_server_error"
message: "Management server failed to execute command"

Cause

There is a corrupted aggregator in SOLR for a work session that CME uses. If you discard the session manually, CME still tries to discard it because of the aggregator.

Starting from R81.10, SOLR is replaced with a PostgreSQ, and the Root Cause for the time-out in command is still under investigation. For more information please refer to R81.10 Release Notes.

Solution

Note: To view this solution you need to Sign In .