Data Export configuration change from a Guardium managed system's GUI fails with error

If a Data Export configuration change fails, make sure that the shared secret key is the same on the collector and aggregator.

Symptoms

You attempt to save new settings for the data export and get the error when you click Apply to save the configuration:
Please correct the following errors and try again:
A test data file could not be sent to this host with the parameters given. Please confirm the hostname or IP address is entered correctly, the host is online, the target directory exists and can be written to by the user given, and the password given is correct for that user.

Causes

Guardium attempts to log in with scp to the target host with the user and password that are specified in the Data Export configuration. Then, Guardium attempts to copy a test file to the target directory. The shared secret on this system does not match the Shared Secret on the aggregator you are trying to set this system to export to.

Environment

The Guardium configurations: collector and aggregator are affected.

Resolving the problem

Make sure that the shared secret key is the same on the collector and aggregator. You can use one of the following methods:

  1. If you know the shared secret on the aggregator, set the shared secret on the collector to the same value. You can use one of these methods:
    • From CLI: use command store system shared secret to set the Shared secret key
    • From GUI, set the shared secret key under Setup > System > System Configuration.
  2. Back up the current shared secret on the aggregator and restore it to the collector.
    • On the aggregator, run the CLI command.
      aggregator backup keys file <user@host:/path/filename>
      Parameters
      user@host:/path/filename 
      For the file transfer operation, specify a user, host, and full path name for the backup keys file. The user that you specify must have the authority to write to the specified directory.
    • On the collector, run this command to restore the shared secret key:
      aggregator restore keys file<user@host:/path/filename>
  3. Reset the shared secret for both appliances to be the same.
    Note: If you change the shared secret for the aggregator, you need to reset the shared secret for all other Guardium systems that export to it.