This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
RichUK
Participant
‎2022-01-13 01:41 AM

SmartEvent - LEA communication failture with x.x.x.x (Peer ended)

Hi all,

I have a dedicated Smart Event  server for logging. When I'm in the Smart Event console I get the following error;

A message in the file: opt/CPrt-81.10/log_indexer/log_indexer.elg indicates that an error might have occurred. The message is [3806313280] LEA communication failure with 10.x.x.x (Peer ended). This message indicates that the indexer process (log_indexer) couldn't read from the remote log server.

smartevent_error.jpg

 

On the management server, under Logs, I get the message 'Using local definitions for Log Servers'

management_log.jpg

 

Can anyone explain what this means, is there a local config on the management server that is configuring the logs settings, should it be set to use SmartDashboard. I still get logs when using SmartView.

Thanks in advanced

Rich

 

0 Kudos
2 Replies
Amir_Senn
Employee
Employee
‎2022-01-13 02:42 AM

1) Please check in cpwd_admin list what is the time that the indexer process has started and check if it's different from other processes. If it's the same as other processes and you can still work all the operations I wouldn't worry too much about it.

2) If you have multiple log servers (the management server itself is also a log server) then you'll have an option in the logs tab to send the logs to other log servers/multiple log server/distribute between log servers. In your case I'll guess that you activated SmartEvent on the management itself since it could also function as a log servers. If this is the case the only option is that the management is the only log server in you environment.

Kind regards, Amir Senn
0 Kudos
RichUK
Participant
‎2022-01-14 01:47 AM

Just for completeness, the issue was that the 'Correlation Units' under Initial Settings in the Smart Event console had both the management server and the smart event server listed. After removing the management server, that does not have the correlation option ticked, and installed the database, the error cleared.

Correlation with management server removed.

SmartEvent_Correlation.jpg

Management Server

management.jpg

Smart Event Server

SmartEvent.jpg

0 Kudos