Troubleshooting
Problem
Setting the local region in the protocol parameters, and selecting the 'Assume IAM role' in log source configuration as the event collector is an EC2 instance, it's not honoring the regional VPC STS endpoint.
Symptom
The protocol is selecting the generic sts.amazonaws.com instead of the local regional STS. This default behavior is resolving a public IP address and cannot be set. There is no public interface to the generic sts.amazonaws.com endpoint in a private closed environment.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwt0AAA","label":"Log Source"}],"ARM Case Number":"TS013424688","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.5.0"}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
16 January 2024
UID
ibm17107257