Security Analytics Anomaly Detection not working, Failed to connect to localhost
book
Article ID: 169311
calendar_today
Updated On:
Products
Security Analytics
Issue/Introduction
When Security Analytics versions 7.2.1 and 7.2.2 have a proxy configured, adm-connector may fail.
This is evidenced in /var/log/messages with the following:
Jan 9 16:06:00 hostname /usr/sbin/adm-connector[16933]: Error performing URL transaction for localhost:8080/engine/v1/jobs: curl error 7: curl data: Failed to connect to localhost port 8080: Connection refused
This may be followed by a segfault in adm-connector (the Anomaly Detection engine):
The adm-connector service is following the proxy configuration when trying to reach other services running locally on the appliance.
Resolution
This has been resolved in Security Analytics version 7.2.3.
Workaround
If you are not running 7.2.3, you can add "localhost" to the no_proxy environment variable and reboot the appliance:
1. Log into the appliance via SSH as the 'root' user
2. Run the following command to add 'localhost' to the no_proxy variable in /etc/environment sed -i /etc/environment -e 's/^no_proxy="/no_proxy="localhost,/'