CIS Compliance alerts are not being resolved due to NSX updates not showing for Overlay Segment
search cancel

CIS Compliance alerts are not being resolved due to NSX updates not showing for Overlay Segment

book

Article ID: 422765

calendar_today

Updated On:

Products

VCF Operations

Issue/Introduction

CIS Compliance alerts are failing to resolve within VCF Operations. Despite applying the required configuration changes at the NSX level (SpoofGuard port binding), the status of Overlay segments is not updating in VCF Operations, leading to alerts not getting cleared.

Environment

VCF Operations 9.0.x

Cause

The API call used for metric collection incorrectly appends the Gateway Name, creating an invalid path. This causes the collection task to fail for Overlay segments.

Resolution

This is a known issue and it will be fixed in the upcoming releases. Since it is a false alarm on VCF Operations side, you can disable this compliance check as a workaround till the time fix is delivered.

Powered by Wolken Software