MVISION Cloud Connector Known Issues
For MVISION Cloud Known Issue, see MVISION Cloud Known Issues and Bug Fixes.
Known Issues
| Date | Description and Workaround (if any) | Found in Release | Fixed in Release |
|---|---|---|---|
| April 22, 2021 |
Even when all Cloud Connectors are configured with AD, the following message appears in Infrastructure > Cloud Connector > Custom Attributes: "You have more than 1 instance of Cloud Connectors and it is recommended to configure Custom Attributes on all the instances that are processing logs to ensure consistency of data fetched and processed. Please set up Custom Attributes for all symbolic servers." This issue will be fixed in an upcoming release. |
5.3.2 | - |
| April 6, 2021 | The SMTP Advanced Properties are not getting removed from YAML after being deleted from the dashboard. | 5.3.2 | - |
| April 6, 2021 |
The date format doesn't automatically pick the selected Timestamp column from the Map Log Fields in the Log parser when there are multiple date header columns such as Date or Timestamp in the parsed logs. As a workaround, make sure to manually update the correct date format. NOTE: The Log Parser automatically picks the available date format when there are no multiple date header columns. |
5.3.2 | - |
| Feb 20, 2021 |
Cloud Connector throws ldapusers cache error after upgrading from 3.9.2 to 5.3.0 and above versions. As a workaround:
Switching to leveldb
{
"logProcessor":{ "unmatchedtracker.keyValueStoreType":"LEVELDB",
"ldapusers.cache.type":"LEVELDB","dualmode.storeType":"LEVELDB",
"tldcache.cache.type":"LEVELDB","ipDomainCache.cache.type":"LEVELDB",
"blockedURLCache.cache.type":"LEVELDB",
"ipUserMapperStore.cache.type":"LEVELDB" },
"integration": {
"smtp": {},
"siem": {},
"panorama": {},
"custom_attributes": {},
"ip_user_mapping": {},
"syslog": {}
}
}
Switching to rocksdb
{
"logProcessor":
{
"unmatchedtracker.keyValueStoreType":"ROCKSDB",
"ldapusers.cache.type":"ROCKSDB","dualmode.storeType":"ROCKSDB",
"tldcache.cache.type":"ROCKSDB","ipDomainCache.cache.type":"ROCKSDB",
"blockedURLCache.cache.type":"ROCKSDB",
"ipUserMapperStore.cache.type":"ROCKSDB" },
"integration": {
"smtp": {},
"siem": {},
"panorama": {},
"custom_attributes": {},
"ip_user_mapping": {},
"syslog": {}
}
}
NOTE: Before you switch between DBs, delete only the respective caches throwing exceptions after the Cloud Connector is started. |
5.3.1 |
- |
| Jan 20, 2021 | MVISION Cloud Connector cannot be upgraded in running status. You should stop the MVISION Cloud Connector before upgrading. | 5.3.0 | - |
| Jan 20, 2021 | Log parser sometimes may not fetch information accurately from the Timestamp field of the logs. | 5.3.0 | - |
| Jan 20, 2021 | Log parser cannot process Websense log lines that do not start with string literals ('quotes', "double quotes"). As a workaround, you should manually add string literals('quotes', "double quotes") in the Websense log lines. | 5.3.0 | - |
| Jan 20, 2021 |
RocksDB is not the default cache memory when MVISION Cloud Connector is upgraded from 5.0.1 to 5.3.0 version. As a workaround, you need to explicitly configure levelDB to RocksDB. |
5.3.0 | - |
| Jan 20, 2021 | Multiple log lines starting with comment line (#), cannot be skipped from processing into log parser. | 5.3.0 | - |
| Jan 20, 2021 | The Log Processing configuration wizard cannot process the Timestamp field input with space in between. | 5.3.0 | - |
| Jan 20, 2021 | Rules generated by the Log parser wizard for Timestamp field in a custom log may not work as expected sometimes. As a workaround, you need to generate rules manually. | 5.3.0 | - |
| Oct 20, 2020 | Installing multiple MVISION Cloud Connectors on the same directory is corrupting Cloud Connector properties. | 5.2.1 | - |
| Oct 20, 2020 | MVISION Cloud Connector fails to start while upgrading from => 4.1.0 version to any higher version with SMTP advanced properties. As a workaround, you can remove/delete the SMTP advanced properties before upgrading to the latest MVISION Cloud Connector version. | 5.2.1 | - |
| Sep 14, 2020 | File Rotation of the MapDBEncrypted.txt files cannot happen with the data export option enabled for mapdbtxt.enableMapDBTxtScheduler. | 5.2.0 | - |
| Sep 14, 2020 | The data from RocksDB cache and MapDBEntries/MapDBEncrypted.txt file are deleted only after Restart/Context Refresh in Cloud Connector. | 5.2.0 | - |
| Sep 14, 2020 | Syslog migrates the old properties if publishPeriodInMinutes property is not found in YAML. | 5.2.0 | - |