Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Roy_Smith
Collaborator
Jump to solution

log server disconnect after MDS migration

Hi

Afer carrying out a MDS migration, I have errors and connectivity issues with logging. This is an MDS pair in HA. The IP addresses were changed during the migration using the /var/log/mdss.json file. The IP addresses of the CMAs have not been changed. All gateways are configured to log to either the active or standby management server. So, this means, currently, I am unable to see logs from the standby server.


In Smartconsole, Logs & Monitor, I see various errors such as:
- Problems have occurred during search
- Query resolution failed. Logs might not display properly
- Log resolution failed. Logs might not display properly
- Log server is disconnected (IP: XX.XX.XX.XX) - The IP is that of the old secondary MDS server
- Log Server is disconnected (IP:x.x.x.x) - IP is that of the secondary CMA
- Log Server is not configured (IP:x.x.x.x), make sure that you published all changes - This is the new IP of the MDS server

If I follow sk123593, the hosted_by_mds setting is correct and contains the name of the MDS server.
I also followed sk180104 with no effect.

If I look at the $RTDIR/conf/logServerConfig.xml file on both MDS servers and our SmartEvent server, I see the ProxyIp in each section as the old MDS server IP. I even edited this, although not sure if I should ahve, and replaced the incorrect IP addresses. This did not make any difference.

I am thinking there is a configuration somewhere that has not updated correctly in the migration. Could anyone point me in the right direction?

Both old and new servers were running the same version, i.e. R81.10 with JHF take 55

Thanks
Roy

0 Kudos
1 Solution

Accepted Solutions
Timur_Khairulin
Employee
Employee

Hi Roy,

please run sic reset for the secondary MDS and your MLM server, this should update the IP's and resolve your issue.

please follow the instruction below for re-establish sic
https://sc1.checkpoint.com/documents/R81.10/WebAdminGuides/EN/CP_R81.10_Multi-DomainSecurityManageme...

 

Thanks,

Timur

View solution in original post

7 Replies
the_rock
Legend
Legend

Hey Roy,

I hope someone way more familiar than me in MDS can point you in right direction, but just an idea...I remember while ago, customer modified that file ( $RTDIR/conf/logServerConfig.xml) and changed the IP and had bunch of issues, so maybe if you put it back to original state and try, let us know the outcome.

Andy

0 Kudos
Roy_Smith
Collaborator

After my change did not work, I put the original settings back in the file. After a reboot, the issue is still there. So, it is clear modifying that file does not make any difference

Roy

0 Kudos
Peter_Lyndley
Advisor
Advisor

Hi Roy,

You need to go into each log server in GuiDBEdit, and change HOSTNAME of the hosted_by_mds server in that object..., not the IP address as indicated by the SK... 

_Val_
Admin
Admin

Please open a TAC request for this.

0 Kudos
(1)
Timur_Khairulin
Employee
Employee

Hi Roy,

please run sic reset for the secondary MDS and your MLM server, this should update the IP's and resolve your issue.

please follow the instruction below for re-establish sic
https://sc1.checkpoint.com/documents/R81.10/WebAdminGuides/EN/CP_R81.10_Multi-DomainSecurityManageme...

 

Thanks,

Timur

Roy_Smith
Collaborator

Hi Timur

Thanks for that. That has helped somewhat. 

I went through the SIC reset and that has cleared all the error messages from the CMA domains. However, I still have the errors at MDS level. As I cannot reset sic for the primary MDS, I plan to promote the secondary to primary, then run the secondary sic reset again on the demoted server. Will let you know how it goes.

Thanks
Roy

0 Kudos
Peter_Lyndley
Advisor
Advisor

hi Roy - personally, I would not do what you are suggesting... check with TAC first

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events