I came in this morning and, after signing in to the ESMWGUI\ Dashboard, noticed there weren’t any new events after a certain time. I also notice I had some red flags. Hmmmm, so I troubleshoot.
Resolution:
Phase I – Open System Log
|  |
| 2. Open System Log |  |
| 3. Look for obvious errors. Example: Could not submit auto flow retrieval, exclusive job already in progress |  |
| 1. Open ssh session |  |
| 2. Stop cpservice | McAfee-ETM-6000 ~ # service cpservice stop |
| 3. Check database health using DBCheck | McAfee-ETM-6000 ~ # DBCheck -d '/usr/local/ess/data/ngcp.dfl' -p 'LOCDB327|CPDB126' –t or use DBCheck -d ngcp.dfl -c | grep not |
| 4. While doing the previous action keep an eye on the error log | vi /usr/local/ess/data/NitroError.Log |
| 5. Observe errors, similar to these |  |
 NitroX.MakeTableRecord Access violation |
| 1. Navigate to the location of the index | McAfee-ETM-6000 ~ # cd /usr/local/ess/data |
| 2. Create a copy of the current index files, and confirm this was completed. | /usr/local/ess/data # mkdir copy_ngcp /usr/local/ess/data # cp ngcp.cfg copy_ngcp /usr/local/ess/data # cp ngcp.cfd copy_ngcp /usr/local/ess/data # cd copy_ngcp/ /usr/local/ess/data/copy_ngcp # ls <output> ngcp.cfd ngcp.cfg |
| 3. The simplest thing to do is to simply type reboot |
PePeLePuu – The Dancing Engineer!!!!
By. Joe Piggee
Joe, if is possible can you update the images files, or send me the guide to it process. Thanks in advance
ReplyDeletefernandosegura@outlook.com