IBM Support

IJ31842: RUNNING API QUERIES AGAINST QVM SCANNERS CAN TIMEOUT AND FAIL WITH A RESPONSE CODE 500

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • Attempting to run API queries against QRadar Vulnerability
    Manager (QVM) scanners can become unresponsive, timeout and
    fail with a response code of 500.
    For example:
    curl -S -X GET -u <user> -H 'Version: 12.1' -H 'Accept:
    application/json' 'https://<console IP>/api/scanner/profiles'
    {
    "http_response": {
    "code": 500,
    "message": "Unexpected internal server error"
    },
    "code": 12,
    "description": "",
    "details": {},
    "message": "Endpoint invocation returned an unexpected error"
    

Local fix

  • Performing a hostcontext restart on the QRadar console can
    temporarily (for approximately 30 minutes) correct this issue.
    Note: Restarting hostcontext causes an interruption to some
    QRadar functionality.  See this technote for more information -
    https://www.ibm.com/support/pages/qradar-hostcontext-service-and
    -impact-service-restart
    

Problem summary

  • This issue was fixed in QRadar QRM QVM release of 7.3.3 FixPack
    8, 7.4.2 FixPack 3 and 7.4.3.
    

Problem conclusion

  • This issue was fixed in QRadar QRM QVM release of 7.3.3 FixPack
    8, 7.4.2 FixPack 3 and 7.4.3.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IJ31842

  • Reported component name

    QR VULNERABILIT

  • Reported component ID

    5725QVMSW

  • Reported release

    742

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2021-03-29

  • Closed date

    2021-05-27

  • Last modified date

    2021-05-27

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    QR VULNERABILIT

  • Fixed component ID

    5725QVMSW

Applicable component levels

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSHLPS","label":"IBM Security QRadar Vulnerability Manager"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"742"}]

Document Information

Modified date:
28 May 2021