No Flows Visible in SSP After NSX Manager Onboarding Despite Data Collection Being Active
search cancel

No Flows Visible in SSP After NSX Manager Onboarding Despite Data Collection Being Active

book

Article ID: 399171

calendar_today

Updated On:

Products

VMware vDefend Firewall with Advanced Threat Prevention VMware vDefend Firewall

Issue/Introduction

Symptoms:

  • NSX Manager is onboarded, but when you navigate to the "Plan & Troubleshoot" tab in the SSP UI, you will not see any flows.

  • Under "System" -> "Data Collection" -> "Host Clusters," you see data collection "Activated" on the Cluster; however, when you SSH into any one of the hosts with root credentials belonging to that cluster and execute the below:

         nsxcli -c get intelligence flows stats ack

         You would find the status as "Service is disabled."

  • Although you try to enable and disable the data collection on that cluster, you will not notice any difference in the problem statement.

Do not execute the resolution if either of the above symptoms does not match in your environment.

Environment

Security Services Platform = 5.0

Cause

This issue may occur due to stale tokens or expired certificates between NSX Manager and the Security Services Platform (SSP), which can disrupt secure communication channels required for onboarding. During onboarding, NSX Manager syncs license and metadata to SSP via the common agent. Additionally, flows from Transport Nodes (TNs) are exported via the NSX Exporter and pushed to SSP through Kafka.

If any part of this chain—such as token validity, certificate trust, or agent status—is broken or stale, SSP may not correctly register or process flows, even though data collection appears “Activated” in the UI.

 

Resolution

1. To resolve this issue, offboard and re-onboard the NSX manager.

Validate if the flows are seen after re-onboarding.

To know how to offboard NSX manager, please refer: https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/vdefend/security-services-platform/5-0/onboarding-and-managing-platform/managing-ssp/activate-security-intelligence.html

And on how to onboard, refer: https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/vdefend/security-services-platform/5-0/onboarding-and-managing-platform/onboarding-ssp/connect-to-nsx-manager.html

 

Powered by Wolken Software