Access official resources from Carbon Black experts
Version
This solution applies to Carbon Black 5.0 and later.
Issue
When attempting to establish a new session From the Carbon Black UI (Respond -> _Go Live), a 404 error message is observed:
[CB Live]# session new 2
error: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 FINAL//EN">
<title>404 Not Found</title>
<h1>Not Found</h1>
[CB Live]#
When hovering over the "Go Live>_" button in the UI, the popup message is also present:
error: NOT FOUND-
The requested URL was not found on the server.
If you entered the URL manually please check your spelling and try again.
Cause
5.0 introduces new configuration for Nginx related to the Go Live feature. Following the upgrade and restarting the services, the User is prompted to reconcile the differences between the file /etc/cb/nginx/conf.d/cb.conf.rpmnew and the existing used .conf file (cb.conf or cb-multihome.conf). The 404 message indicates these steps were not completed.
Solution
To resolve the issue, insert the new endpoints "/sensor/cblr/" and "/api/v1/cblr/", specific to the CB Go Live feature:
1. For the default file: /etc/cb/nginx/conf.d/cb.conf:
server
{
[...]
# match everything to /sensor/cblr/*
location /sensor/cblr/ {
# Live Response sensor backend access layer
include /var/cb/nginx/props/nginx.runtime.cblr_sensor.proxy_pass.prop;
expires 0;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Client-Cert-Id $ssl_client_serial;
proxy_set_header X-Ssl-Protocol $ssl_protocol;
proxy_read_timeout 3600;
proxy_send_timeout 3600;
}
[...]
# match everything to /api/v1/cblr/*
location /api/v1/cblr/ {
# Live Response api backend access layer
include /var/cb/nginx/props/nginx.runtime.cblr_api.proxy_pass.prop;
include /var/cb/nginx/props/nginx.runtime.cblr_api.client_body_temp_path.prop;
expires 0;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Client-Cert-Id $ssl_client_serial;
proxy_set_header X-Ssl-Protocol $ssl_protocol;
proxy_read_timeout 3600;
proxy_send_timeout 3600;
client_max_body_size 0;
}
[...]
}
2. For the segmented UI & Sensor ports file: /etc/cb/nginx/conf.d/cb-multihome.conf:
server
{
# This server configuration is used for communications between the sensors
# and the server.
[...]
# match everything to /sensor/cblr/*
location /sensor/cblr/ {
# Live Response sensor backend access layer
include /var/cb/nginx/props/nginx.runtime.cblr_sensor.proxy_pass.prop;
expires 0;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Client-Cert-Id $ssl_client_serial;
proxy_set_header X-Ssl-Protocol $ssl_protocol;
proxy_read_timeout 3600;
proxy_send_timeout 3600;
}
}
server
{
# This server configuration is used for CB Enterprise Server's Web UI
[...]
# match everything to /api/v1/cblr/*
location /api/v1/cblr/ {
# Live Response api backend access layer
include /var/cb/nginx/props/nginx.runtime.cblr_api.proxy_pass.prop;
include /var/cb/nginx/props/nginx.runtime.cblr_api.client_body_temp_path.prop;
expires 0;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Client-Cert-Id $ssl_client_serial;
proxy_set_header X-Ssl-Protocol $ssl_protocol;
proxy_read_timeout 3600;
proxy_send_timeout 3600;
client_max_body_size 0;
}
[...]
}
Note: It is recommended to make the above changes to both cb.conf and cb-multihome.conf files in the case that the unused file is enabled in the future.
3. After including the above changes in cb.conf or cb-multihome.conf, restart the Nginx service:
service cb-nginx restart
Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.