Troubleshooting
Problem
You may get the below error message when you try to save the configuration of Data Export on the collector.
"Aggregation registration failed. Problem receiving registration confirmation."
Symptom
From the application debug log, we can see:
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector host: <Aggregator IP>
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector returnFileName: /var/IBM/Guardium/data/importdir/collector_id_guard-v10-col2.ibm.com
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=0 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=1 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=2 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=3 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=4 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=5 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=6 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=7 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=8 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=9 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector returnFileName: /var/IBM/Guardium/data/importdir/collector_id_guard-v10-col2.ibm.com
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=0 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=1 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=2 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=3 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=4 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=5 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=6 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=7 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=8 trying in =10.00 seconds
Thread: http-bio-8443-exec-5 - AggregationRegistration.registerCollector wait and then try: retries=9 trying in =10.00 seconds
Cause
Aggregation registration failed due to the network connectivity.
During the data export configuration, below ports are required to make sure the aggregator registration and collector host validate between aggregator and collector.
#1 Aggregator port 8443 is required to be reachable for collector (col->agg:8443)
#2 Aggregator Port 22 is required to be reachable for collector.(col->agg:22)
#3 Collector port 22 is required to be reachable for aggregator.(agg->col:22)
#1 Aggregator port 8443 is required to be reachable for collector (col->agg:8443)
#2 Aggregator Port 22 is required to be reachable for collector.(col->agg:22)
#3 Collector port 22 is required to be reachable for aggregator.(agg->col:22)
Environment
v10, v11
Diagnosing The Problem
From collector side, you can run cli command:
support show port open <aggregator TOMCAT IP> 8443
support show port open <aggregator TOMCAT IP> 22
From aggregator side, you can run cli command:
support show port open <collector TOMCAT IP> 22
If the port is reachable, then it should return:
On v10 appliances:
Connection to <TOMCAT IP> 8443 port [tcp/*] succeeded!
On v11 appliances:
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to IP:22.
Ncat: 0 bytes sent, 0 bytes received in 0.01 seconds.
ok
Ncat: Connected to IP:22.
Ncat: 0 bytes sent, 0 bytes received in 0.01 seconds.
ok
Otherwise, it will return
On v10 appliances:
nc: connect to IP port 8443 (tcp) failed: Connection refused
On v11 appliances:
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connection refused.
Ncat: Connection refused.
Resolving The Problem
Are the ports listening?
You can run the cli command: support show port open <TOMCAT IP> 8443/22
Is the port blocked by the firewall?
You may need to check with your network team. These ports should be reachable during the Data Export configuration.
Related Information
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Component":"aggregation","Platform":[{"code":"PF016","label":"Linux"}],"Version":"v10,v11","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
20 December 2019
UID
ibm10964980