Just got off with CP TAC and the final conclusion is to re-install the logserver.

Unfortunately the Re-installation did not fix the issue apparently the error is on the management and not on the log server. 

If we do a debug of RFL we see the following appear the moment we refresh in SmartConsole:

2018-05-29 19:47:03,364 ERROR [pool-1-thread-7] com.checkpoint.rfl.solr.monitoring.ServerConnectivityTask.printPingErrorMessage:28 - ping failed for server. ObjID: [ab6c901d-b6c2-420b-b723-157aad7dec86^], IP Address: [X.X.X.X], Port: [8211], Local IP: [false], Connecting IP Address: [X.X.X.X], Enable SSL: [true], Enable Remote SSL: [true], SmartEvent: [false], Primary Management: [false]
org.apache.solr.client.solrj.impl.HttpSolrServer$RemoteSolrException: Expected mime type application/octet-stream but got text/html. ^html^
^head^
^meta http-equiv=^Content-Type^ content=^text/html^charset=ISO-8859-1^/^
^title^Error 403 Forbidden^/title^
^/head^
^body^
^h2^HTTP ERROR: 403^/h2^
^p^Problem accessing /solr/template/admin/ping. Reason:
^pre^ Forbidden^/pre^^/p^
^hr /^^i^^small^Powered by Jetty://^/small^^/i^

Has anyone got a clue what this can be? i'm pretty much out of options. restarted the RFLserver and cleared the FetchedFiles and the directory CpmiLocal... all without succes. TAC is still investigating. 

Let me know!

Hi,

I would like to add that for this problem (for who i am the case owner right now), i just had a chat with support that mentioned the following script:

/opt/CPrt-R80/scripts/doctor-log.sh

Run this script and it analyzes and collects all the information needed for support to analyze possible logging issues. You can find the collected logs in the directory /tmp/sme-diag/results.

Gives you really a great bunch of information.

Kind regards,

Jelle