
Missing Syslog feed storage events

Version
This solution applies to all Carbon Black versions.


Issue

A 'feed.ingress.hit.process' event is not followed by the expected 'feed.storage.hit.process' event. Syslog events can be found in /var/log/messages, or in /var/log/cb/notifications/cb-all-notifications.log for Watchlists, on the Carbon Black Server. The 'feed.storage.hit' events are important because they indicate the data has been written to disk. An example feed.ingress.hit.process event:

Jan 23 11:18:07 [36618] <warning>  reason=feed.ingress.hit type=event ...

And the expected subsequent feed.storage.hit.process event that is not present:

Jan 23 11:44:12 [38873] <warning>  reason=feed.storage.hit type=event ...

 

Symptoms

The following error message may be observed in /var/log/cb/datastore/debug.log, where mycbserver.local is the server's physical host name:

2015-01-08 00:01:50,524 - [ERROR] - from com.carbonblack.cbfs.ingress_search.IngressScanner in DataStore::Storage_7

Error getting server name or version

java.net.UnknownHostException: mycbserver.local: mycbserver.local: Name or service not known


Solution

To resolve the issue, ensure the Carbon Black server can resolve its own host name by updating the /etc/hosts file, for example:

127.0.0.1 mycbserver mycbserver.local localhost

::1 mycbserver mycbserver.local localhost

After making the above change, restart the services:

service cb-enterprise restart
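
The check below is an added example, not part of the original article and not Carbon Black tooling: it pulls the host names that debug.log reports in UnknownHostException lines and tests whether a hosts file maps each one. The function names and the sample data in demo() are constructed for illustration; the two file paths are passed as arguments.

```shell
#!/bin/sh
# Added example (not Carbon Black tooling): find host names that the datastore
# log reports as unresolvable and check whether a hosts file maps each of them.

# Print each distinct name from "java.net.UnknownHostException: <name>..." lines.
unresolved_names() {
    sed -n 's/^.*java\.net\.UnknownHostException: \([^: ][^: ]*\).*$/\1/p' "$1" | sort -u
}

# Succeed if hosts file $1 has a non-comment entry naming host $2 (any case).
hosts_file_has() {
    awk -v want="$2" '
        { sub(/#.*/, "") }    # strip comments, so commented-out entries do not count
        NF >= 2 { for (i = 2; i <= NF; i++) if (tolower($i) == tolower(want)) found = 1 }
        END { exit !found }' "$1"
}

# Print "<name> ok" or "<name> MISSING" for every name; return 1 if any is missing.
check_hosts() {
    rc=0
    for name in $(unresolved_names "$1"); do
        if hosts_file_has "$2" "$name"; then
            echo "$name ok"
        else
            echo "$name MISSING"
            rc=1
        fi
    done
    return "$rc"
}

# Demo on constructed sample data (not real server logs).
demo() {
    d=$(mktemp -d)
    echo 'java.net.UnknownHostException: mycbserver.local: mycbserver.local: Name or service not known' > "$d/debug.log"
    printf '127.0.0.1 localhost\n# 127.0.0.1 mycbserver.local\n' > "$d/hosts.before"
    printf '127.0.0.1 mycbserver mycbserver.local localhost\n' > "$d/hosts.after"
    echo "before fix:"; check_hosts "$d/debug.log" "$d/hosts.before" || true
    echo "after fix:";  check_hosts "$d/debug.log" "$d/hosts.after"
    rm -rf "$d"
}

# With arguments: check_hosts <debug.log> [hosts file]. Without: run the demo.
if [ $# -ge 1 ]; then
    check_hosts "$1" "${2:-/etc/hosts}"
else
    demo
fi
```

This only inspects the file contents; on the server itself, `getent hosts <name>` exercises the live resolver for the same name.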


Important Note(s)

The symptom may manifest itself in other ways besides missing 'feed.storage.hit' events. If a similar "UnknownHostException" message appears in other logs, follow similar steps to ensure the Carbon Black Server can resolve its own fully qualified domain name.

Creation Date: 05-11-2015