IBM Support

IBMCustomDSM fails to install when protocols are missing from sensor protocol table

Troubleshooting


Problem

Customers can experience issues with creating a new Custom DSM.

Symptom

When we try to create a new DSM in the DSM editor, none of the prepopulated columns show. We receive a blank page.

Cause

Missing entries in the Sensorprotocol table of the database prevent the creation of new Custom DSMs.

Diagnosing The Problem

To determine whether the problem is the same as the one discussed here, search /var/log/qradar.error for the following error:
[ERROR] [NOT:0000003000] An error occured loading DSM object IBMCustomDSM. Reason: Unable to load class in package com/q1labs/sem/dsm with classname pattern IBMCustomDSM 


Resolving The Problem

  1. To resolve the issue:
  2. Attempt to reinstall the IBMCustomDSM package that came with the SFS or ISO of your current QRadar version. The resulting error tells which Sensorprotocol config parameter entry is missing.
  3. Review the /var/log/qradar-sql.log for an error such as this:
    ERROR: insert or update on table "sensordeviceprotocols" violates foreign key constraint "fkedfa8febc191a12d" DETAIL: Key (sensorprotocolid)=(40) is not present in table "sensorprotocol".
    This is the important part of the error: (sensorprotocolid)=(40) is not present.
     
  4. Check the table for the default QRadar 7.5.0 UP6 Sensorprotocol ID associations to identify your missing SensorProtocol:
     id | protocolname            
      0 | Syslog
      1 | SNMPv2
      2 | LEA
      3 | SOAP
      4 | CLASSIFY
      5 | Event CRE
      6 | JDBC:SiteProtector
      7 | SDEE
      8 | JDBC
      9 | JuniperNSM
     10 | SNMPv3
     11 | SNMPv1
     12 | Forwarded
     15 | LogFileProtocol
     16 | WindowsExchangeProtocol
     17 | WindowsDHCPProtocol
     18 | WindowsIISProtocol
     19 | CiscoFirepowerEstreamer
     20 | SiteProtectorJDBC
     21 | OracleDatabaseListener
     22 | TLSSyslog
     23 | TCPMultilineSyslog
     24 | UDPMultilineSyslog
     25 | IBMBigFixSOAP
     30 | WindowsEventLog
     31 | WindowsEventLogCustom
     32 | SmbTailProtocol
     33 | AnomalyDetectionEngine
     34 | EMCVmWareProtocol
     35 | Cisco NSEL
     36 | PCAPSyslog
     37 | JdbcSophos
     39 | WinCollect
     40 | Juniper Binary
     41 | WinCollectFileForwarder
     42 | IBMSIMJDBC
     43 | VmWareVCloudProtocol
     44 | WinCollectMicrosoftIIS
     45 | WinCollectMicrosoftDHCP
     46 | WinCollectMicrosoftISA
     47 | WinCollectMicrosoftIAS
     48 | WinCollectJuniperSBR
     49 | WinCollectMicrosoftSQL
     50 | SyslogRedirect
     51 | HTTPReceiver
     53 | WinCollectConfigServer
     54 | SalesforceRESTAPI
     55 | AhnLabPolicyCenterJdbc
     56 | IBMFiberlinkRESTAPI
     57 | WinCollectNetAppDataONTAP
     59 | WindowsEventRPC
     60 | IBMSmartCloudOrchestratorRESTAPI
     61 | BoxRESTAPI
     62 | AmazonAWSRESTAPI
     63 | ArielRESTAPI
     65 | NetskopeActiveRESTAPI
     66 | WinCollectMicrosoftDNS
     67 | ObserveITJdbc
     68 | MQJMS
     69 | OktaRESTAPI
     70 | Office365RESTAPI
     71 | SeculertProtectionRESTAPI
     72 | AkamaiKonaRESTAPI
     73 | BlueCoatWSSRESTAPI
     74 | CentrifyRedrockRESTAPI
     75 | IBMBigFixEDRRESTAPI
     76 | AmazonWebServices
     77 | WindowsDefenderATPRESTAPI
     78 | MicrosoftAzureEventHubs
     79 | SAPETDAlertAPI
     80 | ApacheKafka
     81 | WinCollectMicrosoftExchange
     82 | IBMQRadarDLC
     83 | VMWareAppDefense
     84 | RabbitMQ
     85 | GoogleCloudPubSub
     87 | MicrosoftGraphSecurityAPI
     88 | GoogleGSuiteActivityReportsRESTAPI
     90 | IBMCloudIdentityEventService
     91 | Office365MessageTraceRESTAPI
     92 | UniversalCloudRESTAPI
     93 | IBMCloudObjectStorage
     94 | IBMSecurityReaQtaRESTAPI
     95 | CiscoDuo
     96 | IBMSecurityRandoriRESTAPI
  5. Next, download the missing sensor protocol from Fix Central and manually install it on your QRadar Console.
  6. Perform a Full Deploy and restart the Tomcat service to finish resolving this issue.
    Important: Deploy Full Configuration results in services being restarted. While services are restarting, event processing stops until services restart. Scheduled reports that are in-progress need to be manually restarted by users. Administrators with strict outage policies are advised to complete the next step during a scheduled maintenance window for their organization.
    Important: To load configuration changes, you must restart the web server (Tomcat). When you restart Tomcat, this action logs out all users, stops Log Activity exports in progress, and can prevent scheduled reports from starting. QRadar Support recommends administrators restart services during scheduled maintenance.
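
Steps 3 and 4 can be combined in one pass. The following is an added example, not IBM code: it pulls every missing sensorprotocolid out of a copy of qradar-sql.log and names it using the "id | protocolname" listing from step 4 saved to a text file. The function name, the file names and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not IBM code): name the sensor protocols whose IDs appear in
# foreign-key violations in a copy of /var/log/qradar-sql.log.

# missing_protocols LOG TABLE
#   LOG   - log file to scan
#   TABLE - text file holding the "id | protocolname" listing from step 4
# Prints "<id>|<name>|<occurrences>" per distinct missing ID, sorted by ID.
missing_protocols() {
    awk -F'|' '
        FILENAME == ARGV[1] {              # table rows: " 40 | Juniper Binary"
            id = $1; name = $2
            gsub(/^[ \t]+|[ \t]+$/, "", id)
            gsub(/^[ \t]+|[ \t]+$/, "", name)
            if (id ~ /^[0-9]+$/) names[id] = name   # skips the header row
            next
        }
        /is not present in table "sensorprotocol"/ &&
        match($0, /\(sensorprotocolid\)=\([0-9]+\)/) {
            key = substr($0, RSTART, RLENGTH)
            gsub(/[^0-9]/, "", key)        # keep only the numeric ID
            count[key]++
        }
        END {
            for (k in count)
                printf "%s|%s|%d\n", k, ((k in names) ? names[k] : "UNKNOWN"), count[k]
        }
    ' "$2" "$1" | sort -t'|' -k1,1n
}

# Constructed sample input: an excerpt of the table and made-up log lines.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/table.txt" <<'EOF'
 id | protocolname
  0 | Syslog
 39 | WinCollect
 40 | Juniper Binary
EOF
    cat > "$d/sql.log" <<'EOF'
ERROR: insert or update on table "sensordeviceprotocols" violates foreign key constraint "fkedfa8febc191a12d" DETAIL: Key (sensorprotocolid)=(40) is not present in table "sensorprotocol".
DETAIL: Key (sensorprotocolid)=(40) is not present in table "sensorprotocol".
DETAIL: Key (sensorprotocolid)=(13) is not present in table "sensorprotocol".
EOF
    missing_protocols "$d/sql.log" "$d/table.txt"
    rm -rf "$d"
}
demo
```

An ID reported as UNKNOWN is one that the default 7.5.0 UP6 listing does not contain, such as 13 in the constructed sample.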

Document Location

Worldwide


Document Information

Modified date:
03 October 2023

UID

ibm17046027