SRX

Hi All,

I don't have IDP config in my template, could you suggest that another config should be removed in order to commit?

output:

# commit 
/var/db/idpd/sec-download/detector-capabilities.xml:4637: parser error : Char 0x0 out of allowed range
            <Parent>N
                     ^
/var/db/idpd/sec-download/detector-capabilities.xml:4637: parser error : Premature end of data in tag Parent line 4637
            <Parent>N
                     ^
/var/db/idpd/sec-download/detector-capabilities.xml:4637: parser error : Premature end of data in tag Context line 4631
            <Parent>N
                     ^
/var/db/idpd/sec-download/detector-capabilities.xml:4637: parser error : Premature end of data in tag Contexts line 382
            <Parent>N
                     ^
/var/db/idpd/sec-download/detector-capabilities.xml:4637: parser error : Premature end of data in tag DetectorCapabilities line 2
            <Parent>N
                     ^
<xnm:error xmlns="http://xml.juniper.net/xnm/1.1/xnm" xmlns:xnm="http://xml.juniper.net/xnm/1.1/xnm">
<source-daemon>idpd</source-daemon>
<edit-path>[edit groups junos-defaults security]</edit-path>
<statement>idp</statement>
<message>Please install the latest detector
</message>
</xnm:error>
error: configuration check-out failed

Thanks in advance.

Sounds like something got corrupted, or there may be some old IDP files downloaded. It's complaining about the system default IDP configuration (check what that is with >show configuration groups junos-defaults security idp).

You can try request security idp storage-cleanup commands to see if you can get the bad detector-capabilities.xml removed. You may be able to clean it up manually from a root shell, but that's a risk.