IBM Support

IV98938: CLICKING THE RISKS TAB CAN GENERATE AN 'APPLICATION ERROR' IN SOME INSTANCES OF CONSOLE/QRM MANAGED HOST ENCRYPTION

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • It has been identified that an 'Application Error' message is
    generated when the Risks tab is clicked in instances where
    encryption is used between the Console and Risk Manager
    appliance and a firewall between them blocks ports 443 and 8082.
    
    The message appears similar to the following:
    "Application Error
    An error has occurred. Refresh your browser (press F5) and
    attempt the action again. If the problem persists, please
    contact customer support for assistance."
    
    Messages in /var/log/qradar.log when port 443 is blocked:
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]
    com.q1labs.srmconsole.util.WSUtil$WebClientProxy: [ERROR]
    [NOT:0000003000][127.0.0.1/- -] [-/- -]Error invoking method
    isTopologyReloading on the appliance; full error details in
    appliance log
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]
    com.q1labs.uiframeworks.action.ExceptionHandler: [ERROR]
    [NOT:0000003000][127.0.0.1/- -] [-/- -]An exception occurred
    while processing the request:
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]
    com.sun.xml.ws.client.ClientTransportException: HTTP transport
    error: java.net.SocketTimeoutException: connect timed out
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutp
    ut(HttpClientTransport.java:132)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(H
    ttpTransportPipe.java:153)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRe
    quest(HttpTransportPipe.java:94)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(De
    ferredTransportPipe.java:89)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.client.Stub.process(Stub.java:222)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:135)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHan
    dler.java:109)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHan
    dler.java:89)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:118)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.proxy.$Proxy114.isTopologyReloading(Unknown Source)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessor
    Impl.java:95)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod
    AccessorImpl.java:56)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    java.lang.reflect.Method.invoke(Method.java:620)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.q1labs.srmconsole.util.WSUtil$WebClientProxy.invoke(WSUtil.j
    ava:68)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.sun.proxy.$Proxy114.isTopologyReloading(Unknown Source)
    [tomcat] [admin@127.0.0.1 (4290)
    /console/do/120/networkTopology]    at
    com.q1labs.srmconsole.services.UINetworkTopologyServices.isTopol
    ogyReloading(UINetworkTopologyServices.java:165)
    
    and when port 8082 is blocked:
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]
    com.q1labs.simulator.device.DeviceServices: [ERROR]
    [NOT:0000003000][127.0.0.1/- -] [-/- -]Failed to query ziptie
    server for device list status check:
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]
    com.sun.xml.ws.client.ClientTransportException: HTTP transport
    error: java.net.ConnectException: Connection timed out
    (Connection timed out)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutp
    ut(HttpClientTransport.java:132)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(H
    ttpTransportPipe.java:153)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRe
    quest(HttpTransportPipe.java:94)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(De
    ferredTransportPipe.java:89)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.client.Stub.process(Stub.java:222)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:135)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHan
    dler.java:109)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHan
    dler.java:89)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:118)
    [tomcat] [admin@127.0.0.1 (4480)
    /console/do/120/networkTopology]    at
    com.sun.proxy.$Proxy110.getDevicesWithErrors(Unknown Source)
    

Local fix

  • Configure appropriate firewall to allow communication between
    the Console and Risk Manager appliance on ports 443 and 8082
    when encryption is enabled between these appliances.
    

Problem summary

  • This issue was fixed in QRadar QRM QVM release of 7.4.3.
    

Problem conclusion

  • This issue was fixed in QRadar QRM QVM release of 7.4.3.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV98938

  • Reported component name

    QR RISK MANAGER

  • Reported component ID

    5725QRMSW

  • Reported release

    728

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2017-08-10

  • Closed date

    2021-05-25

  • Last modified date

    2021-05-25

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    QR RISK MANAGER

  • Fixed component ID

    5725QRMSW

Applicable component levels

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQQU","label":"IBM Security QRadar Risk Manager"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"728"}]

Document Information

Modified date:
26 May 2021