Troubleshooting SEC Onboarding Failures
These troubleshooting topics describes many different symptoms related to Secure Event Connector (SEC) onboarding failure.
SEC on-boarding failed
Symptom: SEC on-boarding failed.
Repair: Remove the SEC and onboard it again.
If you receive this error:
-
Remove the Secure Event Connector and its files from the virtual machine container.
-
Update your Secure Device Connector. Ordinarily, the SDC is updated automatically and you should not have to use this procedure but this procedure is useful in cases of troubleshooting.
Tip | Always use the copy link to copy the bootstrap data when on-boarding an SEC. |
Note | If this procedure does not correct the problem, gather the troubleshooting logs and contact your Managed Service Provider or the Cisco Technical Assistance Center. |
SEC Bootstrap data not provided
Message: ERROR cannot bootstrap Secure Event Connector, bootstrap data not provided, exiting.
[sdc@localhost ~]$ /usr/local/cdo/toolkit/sec.sh setup
Please input the bootstrap data from Setup Secure Event Connector page of CDO:
[2020-06-10 04:37:26] ERROR cannot bootstrap Secure Event Connector, bootstrap data not provided, exiting.
Diagnosis: Boostrap data was not entered into the setup script when prompted.
Repair: Provide the SEC bootstrap data generated in Security Cloud Control UI when prompted for the bootstrap data input when onboarding.
Bootstrap config file does not exist
Message: ERROR Cannot bootstrap Secure Event Connector for tenant: <tenant_name>, bootstrap config file ("/usr/local/Security Cloud Control/es_bootstrapdata") does not exist, exiting.
Diagnosis: SEC Bootstrap data file("/usr/local/Security Cloud Control/es_bootstrapdata") is not present.
Repair:Place the SEC bootstrap data generated in Security Cloud Control UI onto the file /usr/local/Security Cloud Control/es_bootstrapdata and try onboarding again.
-
Repeat onboarding procedure.
-
Copy the bootstrap date.
-
Log into the SEC VM as the 'sdc' user.
-
Place the SEC bootstrap data generated in Security Cloud Control UI onto the file /usr/local/Security Cloud Control/es_bootstrapdata and try onboarding again.
Decoding bootstrap data failed
Message: ERROR cannot bootstrap Secure Event Connector for tenant: <tenant_name>, faile to decode SEC boostrap data, exiting.
[sdc@localhost ~]$ /usr/local/cdo/toolkit/sec.sh setup
base64: invalid input
[2020-06-10 04:37:26] ERROR cannot bootstrap Secure Event Connector for tenant: tenant_XYZ, failed to decode SEC bootstrap data, exiting.
Diagnosis: Decoding bootstrap data failed
Repair: Regenerate SEC bootstrap data and try onboarding again.
Bootstrap data does not have required information to onboard SEC
Messages:
-
ERROR cannot bootstrap Secure Event Connector container for tenant, the Security Services Exchange FQDN not set, exiting.
-
ERROR cannot bootstrap Secure Event Connector container for tenant, the Security Services Exchange OTP not set, exiting.
[sdc@localhost ~]$ /usr/local/cdo/toolkit/sec.sh setup
[2020-06-10 04:37:26] ERROR cannot bootstrap Secure Event Connector for tenant: Security Services
Exchange FQDN not set, exiting.
[sdc@localhost ~]$ /usr/local/cdo/toolkit/sec.sh setup
[2020-06-10 04:37:26] ERROR cannot bootstrap Secure Event Connector for tenant: Security Services
Exchange FQDN not set, exiting.
Diagnosis: Bootstrap data does not have required information to onboard SEC
Repair: Regenerate bootstrapdata and try onboarding again.
Toolkit cron currently running
Message: ERROR SEC toolkit already running, exiting.
[sdc@localhost ~]$ /usr/local/cdo/toolkit/sec.sh setup
[2020-06-10 04:37:26] ERROR SEC toolkit already running.
Diagnosis: Toolkit cron currently running.
Repair: Retry onboarding command again.
Adequate CPU and memory not available
Message: ERROR unable to setup Secure Event Connector, minimum 4 cpus and 8 GB ram required, exiting.
[sdc@localhost ~]$ /usr/local/cdo/toolkit/sec.sh setup
[2020-06-10 04:37:26] ERROR unable to setup Secure Event Connector, minimum 4 cpus and 8 GB ram required, exiting.
Diagnosis: Adequate CPU and memory not available.
Repair: Ensure minimum of 4 CPUs and 8 GB RAM are provisioned exclusively for SEC on your VM and try onboarding again.
SEC already running
Message: ERROR Secure Event Connector already running, execute 'cleanup' before onboarding a new Secure Event Connector, exiting.
[sdc@localhost ~]$ /usr/local/cdo/toolkit/sec.sh setup
[2020-06-10 04:37:26] ERROR Secure Event Connector already running, execute 'cleanup' before onboarding a new Secure Event Connector, exiting.
Diagnosis: SEC already running.
Repair: Run SEC cleanup command before onboarding a new SEC.
SEC domain unreachable
Messages:
-
Failed connect to api-sse.cisco.com:443; Connection refused
-
ERROR unable to setup Secure Event Connector, domain api-sse.cisco.com unreachable, exiting.
[sdc@localhost ~]$ /usr/local/cdo/toolkit/sec.sh setup
curl: (7) Failed connect to api-sse.cisco.com:443; Connection refused
[2020-06-10 04:37:26] ERROR unable to setup Secure Event Connector, domain api-sse.cisco.com unreachable, exiting.
Diagnosis: SEC domain unreachable
Repair: Ensure the on-premise SDC has Internet connectivity and try onboarding again.
Onboarding SEC command succeeded without errors, but SEC docker container is not up
Symptom: Onboarding SEC command succeeded without errors, but SEC docker container is not up
Diagnosis: Onboarding SEC command succeeded without errors, but SEC docker container is not up
Repair:
-
Log in to the SEC as the 'sdc' user.
-
Check for any errors in SEC docker container startup logs(/usr/local/Security Cloud Control/data/<tenantDir>/event_streamer/logs/startup.log).
-
If so, run SEC cleanup command and try onboarding again.
Contact Security Cloud Control Support
If none of these scenarios match yours, open a case with Cisco Technical Assistance Center.