11.4 Troubleshooting Notes

11.4.1 Change Guardian Forwarder Issues

  • Server unresponsive

  • Authentication failures

  • Event/ Alert migration failures

  • Database migration failures

  • LDAP Authentication issues, etc.

How to Troubleshoot?

  1. Check status of ports:

    • Webserver/ 8443

    • PostgreSQL/5432

  2. Check Firewall status

  3. Check whether the product RPMS are installed and upgraded successfully

  4. Logs to be collected:

    • /opt/arcsight/connectors/changeguardian/var/opt/novell/sentinel/log

11.4.2 Change Guardian Agent Issues

  • Agent deployment/ upgrade through AMS failures

  • Heartbeat, Agent health issues

  • Policy Assignment and Event generation failures, etc.

How to Troubleshoot?

  1. Check status of ports in server

    • Agent Manager/8082

    • JAVOS/8094

    • LDAPExpander/8079

  2. Check whether the install and upgrade is completed successfully

  3. Logs to be collected:

    • In server machine:

      • AMS logs: /opt/arcsight/connectors/changeguardian/var/opt/netiq/ams/ams/log/ams.log ; /opt/arcsight/connectors/changeguardian/var/opt/netiq/ams/assets/log/assets.log

      • JAVOS: /opt/arcsight/connectors/changeguardian/var/opt/netiq/cg/javos/log/javos.log

      • Certificate setup logs: /opt/arcsight/connectors/changeguardian/var/opt/netiq/cgutils/certs/cert-setup.log

    • In Agent machines:

      • Agent logs: C:\ProgramData\NetIQ\ChangeGuardianAgent\

      • CAM logs: C:\ProgramData\NetIQ\ClientAgentManager\