Troubleshooting
Problem
GeoLite2 data is required to resolve geographic locations from IP addresses in QRadar. As of 30 December 2019, a MaxMind account must be configured by the administrator in QRadar System Settings. The default userid and license key values can no longer be used to receive geographic data updates.
Symptom
Administrators who use the default userid and license value receive a '401 Unauthorized' error in QRadar when geographic data attempts to update. When this issue occurs, the geodata_update.sh utility displays the following error message:
[Example-console-lab#/]/opt/qradar/bin/geodata_update.sh
Result: 401 Unauthorized at /opt/qradar/bin/geoipupdate-pureperl.pl line 222, <$fh> line 37
Document Location
Worldwide
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Component":"Administration and Configuration","Platform":[{"code":"PF016","label":"Linux"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
30 June 2023
UID
ibm11172842