Knowledge Base

Yes

Environment

EDR Clustered Servers: 7.x

Symptoms

Sensors check-in properly with the Primary server but the 'eventlog/reserve' and 'storefile/check' log entries in /var/log/cb/nginx/access.log result in HTTP 404.

Cause

The sensors attempting to reserve space on the EDR server, receive HTTP 404 as noted in /var/log/cb/nginx/access.logs because the ports are not properly configured.
In the EDR Console > Sensors > select a sensor and view the ports. The port does not match what is specified in /etc/cb/cb.conf or /etc/cb/nginx/conf.d/cb.multihome.conf

Resolution

Move the /etc/cb/nginx/conf.d/http.conf to /etc/cb/nginx/conf.d/http.conf.default. Restart nginx.

Additional Notes

EDR: How to customize the web UI port

Knowledge Base

EDR: All Sensor Reserves Result in HTTP 404

EDR: All Sensor Reserves Result in HTTP 404

Environment

Symptoms

Cause

Resolution

Additional Notes

EDR

Knowledge Base

EDR: All Sensor Reserves Result in HTTP 404

EDR: All Sensor Reserves Result in HTTP 404

Environment

Symptoms

Cause

Resolution

Additional Notes

EDR

Thank you for your feedback.

Thank you for your feedback.