Troubleshooting
Problem
Suddenly, the alert notification feature may not work.
Symptom
Triggered alerts are not notified via email, on the dashboard, or both.
Cause
First, check the following, and if all are OK, the problem may be due to RabbitMQ connection issue.
- In the "Alerts" section of the Notification Settings (Bell symbol in upper right corner of the screen) on the dashboard, "Email", "In-App", or both are checked (They are enabled).
- The SMTP Configuration of the Notification Settings is set correctly.
- No changes have been made to the associated mail servers settings and environment.
Environment
QRadar EDR On-premise
Diagnosing The Problem
If it is RabbitMQ connection issue, you can see the following message in the mustgather log:
[warning] <0.690624.0> client unexpectedly closed TCP connection
(...)
<0.692444.0> Channel error on connection <0.692385.0>
(...)
operation exchange.bind caused a channel exception not_found: no exchange 'maiaNewIncidents
This suggest that the connection to RabbitMQ was closed and then maia (Front-end component) tried to connect to the exchange using a new queue to receive messages about the new alert (AKA notifications), but was unsuccessful.
Resolving The Problem
To resolve this issue, login to the cluster with oc and restart maia by running the following command:
[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSS3Y22","label":"IBM Security QRadar Suite - EDR"},"ARM Category":[{"code":"a8m3p000000hBSAAA2","label":"Administrative Tasks"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Product Synonym
ReaQta
Was this topic helpful?
Document Information
Modified date:
26 May 2025
UID
ibm17233860