Troubleshooting
Problem
My Managed Unit is having issue connecting to the Central Manager.
Symptom
One or more of:
- Managed unit is seen offline on central management pane
- Reports or Alerts are not synchronized
- Incorrect status on "Deployment Health Dashboard/Table/Topology"
- Not able to log in on the Managed Unit
Resolving The Problem
Verify the connectivity between the Central Manager and the Managed Unit.
1. Verify that Guardium® meets the minimum system requirements for RAM and CPU
Please check the link for more details.
2. Ensure that the appliance in question is on the same patch level as the Central Manager.
3. Check whether we can ping from both Units.
Open the CLI session of the Central Manager and execute "ping <IP Address>" command and follow the same on the Managed Unit, here is an example for a successful ping.
4. If there is a firewall between the database server and the Guardium® server, verify that the following ports are open for traffic between these two systems. Please check the link for more details.
a. TCP 22: This port is used for SSH/SCP data transfers, check if this port is open bi-directionally with the help of this command.
"support show port open <IP address> 22"
b. MYSQL 3306: This port is the MYSQL port and should be open from the Central Manager --> Managed Unit.
c.TCP 8443: This port is important for communication with the Central Manager to Managed Unit.
5. Run Clean servlets.
Run this command on the Managed Unit, which having issues, this command deletes *jsp*.java and *jsp*.class files and restarts GUI.
"support clean servlets"
6. Refresh the collector as shown here.
a. Navigate to Manage > Central Management > Central Management
b. Select the unit by clicking the checkbox, which is seen as Red on the central manager or which have any of the issues mentioned.
c. Click Refresh Unit Information.
d. Wait for some time for the page to load again.
If you are attempting to register the unit from the CM GUI and it still fails, try to register it from the MU using the CLI command: register management <manager ip> <port>
Parameters:
manager ip is the IP address of the Central Manager.
port is the port number used by the Central Manager (usually 8443).
If this information is not able to resolve your problem, Guardium® support can assist. If you need to open a case, please gather the following logs.
support must_gather system_db_infosupport must_gather cm_issues
support must_gather app_issues Take these logs from the Managed Unit and Central Manager
Run the app_issues command with debugger running while refreshing the unit as seen in point 6.
Related Information
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m0z000000Gp0ZAAS","label":"CENTRAL MANAGER"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
18 May 2020
UID
ibm11073514