CB Response: Cannot Update IP Whitelist on Cluster

CB Response: Cannot Update IP Whitelist on Cluster

search cancel

CB Response: Cannot Update IP Whitelist on Cluster

book

Article ID: 287396

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Unable to apply IP whitelist using commands found here.
Whitelist entries, as pulled via curl commands here do not match the /var/cb/nginx/props/nginx.runtime.ipfilters.prop file.
444 HTML error in minion /var/log/cb/nginx/access.log:

<ip> - - [25/Sep/2019:15:40:02 +0000(0.000)] "POST /api/whitelist/apply-minion HTTP/1.1" 444 0 0 366 "-" "sensors.<host>.my.carbonblack.io" ">-" "curl/7.29.0" "206.55.101.50"

Environment

CB Response 6.5: Clustered Environment

Cause

Issue with translation of whitelist from master to minions

Resolution

Fixed in a future version
On-Premise:
- Add whitelisted IP addresses manually to the /var/cb/nginx/props/nginx.runtime.ipfilters.prop . See here for reference.
CB Response Cloud:
- Contact Carbon Black Support

Feedback

thumb_up Yes

thumb_down No