IBM Support

IJ28648: QRADAR APPS CAN FAIL TO LOAD DUE TO THE QRADARCA-MONITOR SERVICE BEING IN A STUCK STATE

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • QRadar Apps can fail to load if the qradarca-monitor service is
    in a stuck state of activating.
    This issue can also cause the failure of new app installations,
    app deletions, and app upgrades.
    Messages similar to the following might be visible in
    /var/log/qradar.log when this issue occurs:
    bash[55538]: goroutine 1 [chan receive, 44478 minutes]:
    bash[55538]:
    path/pi/si-qradarca/vendor/golang.org/x/crypto/ssh.(*mux).openCh
    annel(0xc42018ccb0, 0x766c05, 0x7, 0x0, 0x0, 0x0, 0x20002,
    0xc4201341e4, 0xc4201341e0)
    bash[55538]:
    /builds/pi/si-qradarca/.gogradle/project_gopath/src/path/pi/si-q
    radarca/vendor/golang.org/x/crypto/ssh/mux.go:322 +0x1f2
    bash[55538]:
    path/pi/si-qradarca/vendor/golang.org/x/crypto/ssh.(*mux).OpenCh
    annel(0xc42018ccb0, 0x766c05, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0,
    0x0, 0x0, ...)
    bash[55538]:
    /builds/pi/si-qradarca/.gogradle/project_gopath/src/path/pi/si-q
    radarca/vendor/golang.org/x/crypto/ssh/mux.go:298 +0x64
    bash[55538]:
    path/pi/si-qradarca/vendor/golang.org/x/crypto/ssh.(*Client).New
    Session(0xc42018f800, 0x3, 0xc4202888d0, 0x10)
    bash[55538]:
    /builds/pi/si-qradarca/.gogradle/project_gopath/src/path/pi/si-q
    radarca/vendor/golang.org/x/crypto/ssh/client.go:130 +0x67
    bash[55538]:
    path/pi/si-qradarca/localca.connectToHost(0x76616e, 0x4,
    0xc420165119, 0xd, 0x4ae499, 0x3, 0xc42030c000, 0x65)
    bash[55538]:
    /builds/pi/si-qradarca/.gogradle/project_gopath/src/path/pi/si-q
    radarca/localca/util.go:320 +0x356
    bash[55538]:
    path/pi/si-qradarca/localca.CheckRemoteFileExists(0x76616e,
    0x4, 0xc420163360, 0x20, 0xc420165119, 0xd, 0x0, 0x0, 0x0)
    bash[55538]:
    /builds/pi/si-qradarca/.gogradle/project_gopath/src/path/pi/si-q
    radarca/localca/remote.go:63 +0x85
    bash[55538]:
    path/pi/si-qradarca/localca.checkCertificateOnRemote(0xc42016511
    9, 0xd, 0xc42015bce0, 0x9, 0xc420163340, 0x12, 0xc42015bcf0,
    0x9, 0x7660ca, 0x4, ...)
    

Local fix

  • No workaround available.
    APARs identified with no workaround may require asoftware
    delivery to resolve. This reported issue will be considered for
    a future release and administrators can subscribe to the APAR
    to get updates by clicking on the Subscribe button on the right
    side of this page or ask a question about this APAR in our
    Support Forums.
    https://ibm.biz/qradarforums
    

Problem summary

  • This issue was fixed in QRadar QRM QVM release of 7.4.3 and
    7.3.3 FixPack 9.
    

Problem conclusion

  • This issue was fixed in QRadar QRM QVM release of 7.4.3 and
    7.3.3 FixPack 9.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IJ28648

  • Reported component name

    QRADAR SOFTWARE

  • Reported component ID

    5725QRDSW

  • Reported release

    740

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2020-10-09

  • Closed date

    2021-05-25

  • Last modified date

    2021-07-23

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    QRADAR SOFTWARE

  • Fixed component ID

    5725QRDSW

Applicable component levels

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM QRadar SIEM"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"740"}]

Document Information

Modified date:
24 July 2021