Intrusion Prevention

  • 1.  IDP 600 Problem

    Posted 05-21-2015 08:29

    NSM Log

     

    Error Code:

    Error Text:
    Failed to update device: Failed to compile policy

    Error Details:
    Failed to get set name

     

    I find Kb27737

     

    I applied CLI command ps a | idpLogReader 

     

    [12:15:41] [Notice] Starting idpLogReader
    "ive.oneTimePassword" is missing in /usr/idp/device/cfg/idp.cfg!
    [12:15:41] [Error] failed to reterive OTP from cfg file
    [12:15:41] [Error] iveAgent_run: iveAgent_init() failed!
    [12:15:42] [Warning] Exiting iveAgent_fini()...
    [12:15:42] [Warning] shutting down IVEAgent thread
    [12:15:42] [Error] sc_dev_ioctl(SC_IOC_SET_LISTENER) failed
    [12:15:42] [Error] soLogReaderInit() failed
    [12:15:42] [Notice] Shutting down idpLogReader
    [12:15:42] [Notice] Exiting...

     

    I restart services but again when update from NSM to IDP , i have same error.

     

    Error Code:

    Error Text:
    Failed to update device: Failed to compile policy

    Error Details:
    Failed to get set name

     

     

    Can we help me please?

     

    Thanks in advance

    Regards



  • 2.  RE: IDP 600 Problem
    Best Answer

    Posted 05-26-2015 10:31

    Hi,

     

    The issue i feel related to source address object or the member of the group that no longer exists. Please to verify!!! can you do the following and post the output.

     

    Check the sciod logs in /usr/idp/device/var/sysinfo/logs during the time of policy push failure 

     

     

     

     

     

     

     

     

     

     

     

     



  • 3.  RE: IDP 600 Problem

    Posted 05-27-2015 06:23

    I check with this command but have not anything

    [root@defaulthost ~]# sciod logs in /usr/idp/device/var/sysinfo/logs
    [10:12:43] [Notice] Starting sciod
    [10:15:24] [Error] so_policy_load: sc_pc_compile() failed. The error message is:
    Failed to get set name



  • 4.  RE: IDP 600 Problem

    Posted 05-27-2015 11:23

    Hi Manu,

     

    What i mean to say, when you are pushing the policyfrom the nsm at that point of time use the command below exactly and post the output.

     

    open a putty session with your IDP device.

     

    1. Push policy from NSM 

    2. at same time use the below command in IDP commandline and post the output.

     

    # cat   /usr/idp/device/var/sysinfo/logs

    # less   /usr/idp/device/var/sysinfo/logs

     

     

    The output of both the commands remains same just for ur help.

     

    please post the output of the command  and please note nsm policy push time 

     



  • 5.  RE: IDP 600 Problem

    Posted 05-28-2015 03:39

    Hi,

     

    First go to the folder using "/usr/idp/device/var/sysinfo/logs " using the below command

     

     

    # cd   /usr/idp/device/var/sysinfo/logs

     

    if u press "LL"  or "ll"   you will see a list , out of those you will see a file starting with "sciod"

     

    what you need to do now, when u push the policy run the below command on console

     

    -logs)# cat  <sciod>

     

    and please post the output here.

     

    Regards./