When Security Analytics versions 7.2.1 and 7.2.2 have a proxy configured, adm-connector may fail.

This is evidenced in /var/log/messages with the following:

Jan 9 16:06:00 hostname /usr/sbin/adm-connector[16933]: Error performing URL transaction for localhost:8080/engine/v1/jobs: curl error 7: curl data: Failed to connect to localhost port 8080: Connection refused

This may be followed by a segfault in adm-connector (the Anomaly Detection engine):

Jan 9 16:06:00 hostname /usr/sbin/adm-connector[16933]: snlog: sn="00:0c:29:51:5c:dc" id="DS" m="29" c="1" event="PROGRAM_SEGFAULT" category="SYSTEM" ip="172.24.10.22" model="Virtual Appliance" msg="PROGRAM=adm-connector"
Jan 9 16:06:00 hostname /usr/sbin/adm-connector[16933]: ABRT frame 1: /lib64/libpthread.so.0 [0x7f0e1bd510f0]
Jan 9 16:06:00 hostname /usr/sbin/adm-connector[16933]: ABRT frame 2: /lib64/libc.so.6(gsignal+0x35) [0x7f0e19092f05]
Jan 9 16:06:00 hostname /usr/sbin/adm-connector[16933]: ABRT frame 3: /lib64/libc.so.6(abort+0x183) [0x7f0e19094a73]
[etc.]
 

The adm-connector service is following the proxy configuration when trying to reach other services running locally on the appliance.

This has been resolved in Security Analytics version 7.2.3.  

Workaround

If you are not running 7.2.3, you can add "localhost" to the no_proxy environment variable and reboot the appliance:

1. Log into the appliance via SSH as the 'root' user

2. Run the following command to add 'localhost' to the no_proxy variable in /etc/environment
sed -i /etc/environment -e 's/^no_proxy="/no_proxy="localhost,/'

3. Reboot the appliance