Troubleshooting
Problem
There are special characters that can not be used or need to be 'escaped' in XML files. An example of this would be the alert-config.xml document.
Cause
XML has five forbidden characters &, <, >, ', and "
Resolving The Problem
When these forbidden characters are used as part of URLs, they cause errors. In order to use these characters, you need to use XML escape mechanisms.
& is &
< is <
> is >
' is '
" is "
This example is a URL that works:
https://(IP)/#alerts/cb.urlver=1&b.fq.status=unresolved&cb.fq.hostname=${body.CustomProperty("Hostname")}&rows=10&sort=created_time%20desc&start=0 The & character will all translate to a literal ampersand symbol in your email.
This example is a URL that does not work:
https://(IP)/#alerts/cb.urlver=1&b.fq.status=unresolved&cb.fq.hostname=${body.CustomProperty("Hostname")}&rows=10&sort=created_time%20desc&start=0This causes the /opt/qradar/bin/runCustAlertValidator.sh script to fail with this error message:
[
Fatal Error] alert-config.xml:<linenumber>: The reference to entity "(Object directly after the ampersand" must end with the ';' delimiter.
Failed XML parser validation. XML document is not well formed.Where do you find more information?
[{"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Not Applicable","Platform":[{"code":"PF016","label":"Linux"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
16 June 2018
UID
swg22002587