Periodically (about every 2 weeks or so), our ESM begins to fail to retrieve events from receivers. In this state, it also fails to get a device status. In an SSH session, it hangs when I try to stop the cpservice process. I've had to kill the process in order to be able to restart it. Once started it runs through a DB rebuild process which takes a few hours before it lets you log in again.
We have all devices at version 9.2.1.
Has anyone else seen this issue and if so, has anyone been able to remediate it?
Yep, had a couple of tickets open with McAfee on this. Just wanted to throw out the question to see if others are experiencing the same thing. I'm also worked with a McAfee architect to go through a "health check" of our environment. Didn't see anything obvious that was wrong with how I configured things. It was a good session with him though.
Also got some insight into some new features in 9.3. Looking forward to it.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.