Hi Mark,
Currently, I faced some another issue.
Please find the attached current error logs.
Thanks & Regards,Muhammad Farhan------------------------------
Farhan Saleem
------------------------------
Original Message:
Sent: Thu June 30, 2022 10:30 AM
From: Mark Scherfling
Subject: IBM Resilient connection error of fn_misp.
I see this error: User d688e07c-2557-435f-910c-8749645414ef is not authorized to read from queue://actions.202.fn_misp
Make sure to include this api_key in the list of users/api keys allowed to access the Misp Message destination (see Customization Settings).
------------------------------
Mark Scherfling
Original Message:
Sent: Thu June 30, 2022 10:22 AM
From: Farhan Saleem
Subject: IBM Resilient connection error of fn_misp.
Hi Mark,
Thank you so much for your response to my request.
Please find the below LOGS regrading this issue.
Current Pod Status:
PodStatus(conditions=[PodCondition(lastProbeTime=null, lastTransitionTime=2022-06-29T11:03:56Z, message=null, reason=null, status=True, type=Initialized, additionalProperties={}), PodCondition(lastProbeTime=null, lastTransitionTime=2022-06-29T11:03:58Z, message=null, reason=null, status=True, type=Ready, additionalProperties={}), PodCondition(lastProbeTime=null, lastTransitionTime=2022-06-29T11:03:58Z, message=null, reason=null, status=True, type=ContainersReady, additionalProperties={}), PodCondition(lastProbeTime=null, lastTransitionTime=2022-06-29T11:03:56Z, message=null, reason=null, status=True, type=PodScheduled, additionalProperties={})], containerStatuses=[ContainerStatus(containerID=containerd://2af9c7c316815b6883f6bee703e9113350645aa007e82c2b66bff7945b7bd787, image=quay.io/ibmresilient/fn_misp:3.0.1, imageID=quay.io/ibmresilient/fn_misp@sha256:6f55b30d58fc0b2ef7f619b8c8d52f3bd527aac66e5f221c633cfb790e4765d7, lastState=ContainerState(running=null, terminated=null, waiting=null, additionalProperties={}), name=482572da-055b-4ac0-854a-94f601de810c, ready=true, restartCount=0, started=true, state=ContainerState(running=ContainerStateRunning(startedAt=2022-06-29T11:03:57Z, additionalProperties={}), terminated=null, waiting=null, additionalProperties={}), additionalProperties={})], ephemeralContainerStatuses=[], hostIP=192.168.16.244, initContainerStatuses=[], message=null, nominatedNodeName=null, phase=Running, podIP=10.42.0.222, podIPs=[PodIP(ip=10.42.0.222, additionalProperties={})], qosClass=BestEffort, reason=null, startTime=2022-06-29T11:03:56Z, additionalProperties={})
Logs:
------------------------
Environment:
Python Version: 3.9.7 (default, Sep 13 2021, 08:18:39)
[GCC 8.5.0 20210514 (Red Hat 8.5.0-3)]
Installed packages:
attrs: 20.3.0
beautifulsoup4: 4.11.1
bs4: 0.0.1
cachetools: 5.2.0
certifi: 2020.12.5
cffi: 1.14.5
chardet: 4.0.0
charset-normalizer: 2.0.4
circuits: 3.2.2
cryptography: 3.4.6
Deprecated: 1.2.13
filelock: 3.2.1
fn-misp: 3.0.1
idna: 2.10
importlib-metadata: 4.11.4
jeepney: 0.8.0
Jinja2: 3.1.2
jsonschema: 3.2.0
keyring: 23.5.1
MarkupSafe: 2.1.1
pip: 22.1.2
pycparser: 2.20
pymisp: 2.4.140
pyrsistent: 0.17.3
PySocks: 1.7.1
python-dateutil: 2.8.1
pytz: 2022.1
requests: 2.27.1
requests-mock: 1.8.0
requests-toolbelt: 0.9.1
resilient: 45.0.3150
resilient-circuits: 45.0.3150
resilient-lib: 45.0.3150
SecretStorage: 3.3.1
setuptools: 62.3.3
six: 1.16.0
soupsieve: 2.2
stompest: 2.3.0
typing-extensions: 3.7.4.3
urllib3: 1.26.4
watchdog: 2.1.8
wrapt: 1.12.1
zipp: 3.4.1
###############
2022-06-29 11:03:58,429 INFO [app] Configuration file: /etc/rescircuits/app.config
2022-06-29 11:03:58,429 INFO [app] Resilient server: soar.jubileelife.com
2022-06-29 11:03:58,429 INFO [app] Resilient api key id: d688e07c-2557-435f-910c-8749645414ef
2022-06-29 11:03:58,430 INFO [app] Resilient org: Jubilee Life, com.
2022-06-29 11:03:58,430 INFO [app] Logging Level: DEBUG
2022-06-29 11:03:58,430 DEBUG [actions_component] create idle timer
2022-06-29 11:03:58,432 DEBUG [connectionpool] Starting new HTTPS connection (1): soar.jubileelife.com:443
2022-06-29 11:03:58,516 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/session HTTP/1.1" 200 None
2022-06-29 11:03:58,518 INFO [co3base] Using org name: Jubilee Life, com.
2022-06-29 11:03:58,518 DEBUG [co3] {
"orgs": [
{
"id": 202,
"name": "Jubilee Life, com.",
"addr": null,
"addr2": null,
"city": null,
"state": null,
"zip": null,
"attachments_enabled": true,
"final_phase_required": false,
"tasks_private": false,
"has_saml": false,
"require_saml": false,
"twofactor_auth_domain": null,
"has_available_twofactor": false,
"authorized_ldap_group": "cn=dtnsp - security operations center,ou=mailing group,dc=jubileelife,dc=com",
"supports_ldap": true,
"incident_deletion_allowed": true,
"configuration_type": "standard",
"parent_org": null,
"session_timeout": 1200,
"last_modified_by": {
"id": 20,
"type": "user",
"name": "admin@jubileehealth.com",
"display_name": "JLI Admin"
},
"last_modified_time": 1656404873510,
"uuid": "b8d30454-bf5c-4ce5-a15f-405e50d72282",
"timezone": null,
"cloud_account": null,
"perms": null,
"effective_permissions": [],
"role_handles": [],
"enabled": true,
"twofactor_cookie_lifetime_secs": 0
}
],
"password_expiration_date": 1688035554452,
"api_key_handle": 27,
"client_id": "d688e07c-2557-435f-910c-8749645414ef",
"display_name": "MISP TEST"
}
2022-06-29 11:03:59,002 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/orgs/202 HTTP/1.1" 200 None
2022-06-29 11:03:59,107 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/orgs/202/types/incident/fields HTTP/1.1" 200 None
2022-06-29 11:03:59,204 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/orgs/202/types/actioninvocation/fields HTTP/1.1" 200 None
2022-06-29 11:03:59,298 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/orgs/202/actions HTTP/1.1" 200 None
2022-06-29 11:03:59,301 DEBUG [actions_component] num_workers set to 10
2022-06-29 11:03:59,309 INFO [app] Components auto-load directory: (none)
2022-06-29 11:03:59,416 DEBUG [decorators] @function <function FunctionComponent._misp_create_attribute_function at 0x7f7d2c7e4430>
2022-06-29 11:03:59,421 DEBUG [decorators] @function <function FunctionComponent._misp_create_event_function at 0x7f7d2c7e4700>
2022-06-29 11:03:59,426 DEBUG [decorators] @function <function FunctionComponent._misp_create_sighting_function at 0x7f7d2c7e4940>
2022-06-29 11:03:59,430 DEBUG [decorators] @function <function FunctionComponent._misp_create_tag_function at 0x7f7d2c7e4c10>
2022-06-29 11:03:59,434 DEBUG [decorators] @function <function FunctionComponent._misp_search_attribute_function at 0x7f7d2c7e4ee0>
2022-06-29 11:03:59,438 DEBUG [decorators] @function <function FunctionComponent._misp_sighting_list_function at 0x7f7d2c7f51f0>
2022-06-29 11:03:59,439 INFO [component_loader] Loading 6 components
2022-06-29 11:03:59,439 INFO [component_loader] 'fn_misp.components.misp_create_attribute.FunctionComponent' loading
2022-06-29 11:03:59,516 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/orgs/202/functions/misp_create_attribute?handle_format=names HTTP/1.1" 200 None
2022-06-29 11:03:59,587 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/orgs/202/types/__function/fields HTTP/1.1" 200 None
2022-06-29 11:03:59,590 DEBUG [actions_component] @function handler names: ['misp_create_attribute']
2022-06-29 11:03:59,590 DEBUG [component_loader] 'fn_misp.components.misp_create_attribute.FunctionComponent' loaded
2022-06-29 11:03:59,591 INFO [component_loader] 'fn_misp.components.misp_create_event.FunctionComponent' loading
2022-06-29 11:03:59,654 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/orgs/202/functions/misp_create_event?handle_format=names HTTP/1.1" 200 None
2022-06-29 11:03:59,656 DEBUG [actions_component] @function handler names: ['misp_create_event']
2022-06-29 11:03:59,656 DEBUG [component_loader] 'fn_misp.components.misp_create_event.FunctionComponent' loaded
2022-06-29 11:03:59,656 INFO [component_loader] 'fn_misp.components.misp_create_sighting.FunctionComponent' loading
2022-06-29 11:03:59,721 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/orgs/202/functions/misp_create_sighting?handle_format=names HTTP/1.1" 200 None
2022-06-29 11:03:59,723 DEBUG [actions_component] @function handler names: ['misp_create_sighting']
2022-06-29 11:03:59,724 DEBUG [component_loader] 'fn_misp.components.misp_create_sighting.FunctionComponent' loaded
2022-06-29 11:03:59,724 INFO [component_loader] 'fn_misp.components.misp_create_tag.FunctionComponent' loading
2022-06-29 11:03:59,792 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/orgs/202/functions/misp_create_tag?handle_format=names HTTP/1.1" 200 None
2022-06-29 11:03:59,794 DEBUG [actions_component] @function handler names: ['misp_create_tag']
2022-06-29 11:03:59,795 DEBUG [component_loader] 'fn_misp.components.misp_create_tag.FunctionComponent' loaded
2022-06-29 11:03:59,795 INFO [component_loader] 'fn_misp.components.misp_search_attribute.FunctionComponent' loading
2022-06-29 11:03:59,872 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/orgs/202/functions/misp_search_attribute?handle_format=names HTTP/1.1" 200 None
2022-06-29 11:03:59,874 DEBUG [actions_component] @function handler names: ['misp_search_attribute']
2022-06-29 11:03:59,874 DEBUG [component_loader] 'fn_misp.components.misp_search_attribute.FunctionComponent' loaded
2022-06-29 11:03:59,874 INFO [component_loader] 'fn_misp.components.misp_sighting_list.FunctionComponent' loading
2022-06-29 11:03:59,961 DEBUG [connectionpool] https://soar.jubileelife.com:443 "GET /rest/orgs/202/functions/misp_sighting_list?handle_format=names HTTP/1.1" 200 None
2022-06-29 11:03:59,963 DEBUG [actions_component] @function handler names: ['misp_sighting_list']
2022-06-29 11:03:59,964 DEBUG [component_loader] 'fn_misp.components.misp_sighting_list.FunctionComponent' loaded
2022-06-29 11:03:59,964 DEBUG [debugger] <registered[*] (<Debugger/* 8:MainThread (queued=0) [S]>, <App/* 8:MainThread (queued=14) [R]> )>
2022-06-29 11:03:59,965 DEBUG [debugger] <registered[*] (<FunctionComponent/* 8:MainThread (queued=0) [S]>, <ComponentLoader/loader 8:MainThread (queued=0) [S]> )>
2022-06-29 11:03:59,966 INFO [actions_component] 'fn_misp.components.misp_create_attribute.FunctionComponent' function 'misp_create_attribute' registered to 'fn_misp'
2022-06-29 11:03:59,966 DEBUG [debugger] <registered[*] (<Timer/* 8:MainThread (queued=0) [S]>, <Actions/* 8:MainThread (queued=0) [S]> )>
2022-06-29 11:03:59,967 DEBUG [debugger] <registered[*] (<FunctionComponent/* 8:MainThread (queued=0) [S]>, <ComponentLoader/loader 8:MainThread (queued=0) [S]> )>
2022-06-29 11:03:59,967 INFO [actions_component] 'fn_misp.components.misp_create_event.FunctionComponent' function 'misp_create_event' registered to 'fn_misp'
2022-06-29 11:03:59,967 DEBUG [debugger] <registered[*] (<Timer/* 8:MainThread (queued=0) [S]>, <Actions/* 8:MainThread (queued=0) [S]> )>
2022-06-29 11:03:59,967 DEBUG [debugger] <registered[*] (<Actions/* 8:MainThread (queued=0) [S]>, <App/* 8:MainThread (queued=9) [R]> )>
2022-06-29 11:03:59,968 DEBUG [actions_component] STOMP TLS validation with certificate file: /etc/rescircuits/cert.cer
2022-06-29 11:03:59,969 INFO [stomp_component] Connect to soar.jubileelife.com:65001
2022-06-29 11:03:59,970 DEBUG [stomp_component] Stomp uri: failover:(ssl://soar.jubileelife.com:65001)?maxReconnectAttempts=3,startupMaxReconnectAttempts=3
2022-06-29 11:03:59,970 DEBUG [debugger] <registered[loader] (<ComponentLoader/loader 8:MainThread (queued=0) [S]>, <App/* 8:MainThread (queued=10) [R]> )>
2022-06-29 11:03:59,971 DEBUG [debugger] <registered[functionworker] (<FunctionWorker/functionworker 8:MainThread (queued=0) [S]>, <Actions/* 8:MainThread (queued=0) [S]> )>
2022-06-29 11:03:59,971 DEBUG [debugger] <registered[*] (<FunctionComponent/* 8:MainThread (queued=0) [S]>, <ComponentLoader/loader 8:MainThread (queued=0) [S]> )>
2022-06-29 11:03:59,972 INFO [actions_component] 'fn_misp.components.misp_create_sighting.FunctionComponent' function 'misp_create_sighting' registered to 'fn_misp'
2022-06-29 11:03:59,972 DEBUG [debugger] <started[*] (<App/* 8:MainThread (queued=7) [R]> )>
2022-06-29 11:03:59,972 INFO [app] App Started
2022-06-29 11:03:59,972 DEBUG [debugger] <registered[*] (<FunctionComponent/* 8:MainThread (queued=0) [S]>, <ComponentLoader/loader 8:MainThread (queued=0) [S]> )>
2022-06-29 11:03:59,973 INFO [actions_component] 'fn_misp.components.misp_create_tag.FunctionComponent' function 'misp_create_tag' registered to 'fn_misp'
2022-06-29 11:03:59,974 DEBUG [debugger] <registered[*] (<FunctionComponent/* 8:MainThread (queued=0) [S]>, <ComponentLoader/loader 8:MainThread (queued=0) [S]> )>
2022-06-29 11:03:59,974 INFO [actions_component] 'fn_misp.components.misp_search_attribute.FunctionComponent' function 'misp_search_attribute' registered to 'fn_misp'
2022-06-29 11:03:59,975 DEBUG [debugger] <registered[*] (<FunctionComponent/* 8:MainThread (queued=0) [S]>, <ComponentLoader/loader 8:MainThread (queued=0) [S]> )>
2022-06-29 11:03:59,975 INFO [actions_component] 'fn_misp.components.misp_sighting_list.FunctionComponent' function 'misp_sighting_list' registered to 'fn_misp'
2022-06-29 11:03:59,975 DEBUG [debugger] <load_all_success[loader] ( )>
2022-06-29 11:03:59,975 INFO [app] Components loaded
2022-06-29 11:03:59,977 DEBUG [app] Components:
<App/* 8:MainThread (queued=2) [R]>
load_all_failure/*
config_logging/*
started/*
reload_opts/*
do_initialization/*
stopped/*
load_all_success/*
<Actions/* 8:MainThread (queued=0) [S]>
Connect_success/*
reload/*, *
registered/*
SelftestTerminateEvent/*
exception/*
Connected/*
subscribe_to_all/*
retry_failed_deliveries/*
idle_reset/*
Ack_success/*
Send_success/*
Send_failure/*
signal/*
Ack_failure/*
load_all_success/*
prepare_unregister/*
Message/*
HeartbeatTimeout/*
Disconnected/*
StatusMessageEvent/*
reconnect/*
OnStompError/*
FunctionErrorEvent/*
<Timer/* 8:MainThread (queued=0) [S]>
generate_events/*
<StompClient/stomp 8:MainThread (queued=0) [S]>
generate_events/*
Unsubscribe/*
ClientHeartbeat/*
Connect/*
Send/*
Subscribe/*
Ack/*
Disconnect/*
ServerHeartbeat/*
Message/*
<Timer/* 8:MainThread (queued=0) [S]>
generate_events/*
<FunctionWorker/functionworker 8:MainThread (queued=0) [S]>
stopped/*
task/*
signal/*
unregistered/*
<Debugger/* 8:MainThread (queued=0) [S]>
exception/*
signal/*
<ComponentLoader/loader 8:MainThread (queued=0) [S]>
load_complete/*
exception/loader
load/*
<FunctionComponent/* 8:MainThread (queued=0) [S]>
misp_create_attribute/functions.misp_create_attribute
reload/*, *
<FunctionComponent/* 8:MainThread (queued=0) [S]>
reload/*, *
misp_sighting_list/functions.misp_sighting_list
<FunctionComponent/* 8:MainThread (queued=0) [S]>
reload/*, *
misp_create_sighting/functions.misp_create_sighting
<FunctionComponent/* 8:MainThread (queued=0) [S]>
misp_create_tag/functions.misp_create_tag
reload/*, *
<FunctionComponent/* 8:MainThread (queued=0) [S]>
misp_create_event/functions.misp_create_event
reload/*, *
<FunctionComponent/* 8:MainThread (queued=0) [S]>
misp_search_attribute/functions.misp_search_attribute
reload/*, *
2022-06-29 11:03:59,977 DEBUG [debugger] <registered[stomp] (<StompClient/stomp 8:MainThread (queued=0) [S]>, <Actions/* 8:MainThread (queued=0) [S]> )>
2022-06-29 11:03:59,977 DEBUG [debugger] <reconnect[*] ( subscribe=False)>
2022-06-29 11:04:00,078 INFO [actions_component] STOMP attempting to connect
2022-06-29 11:04:00,079 DEBUG [debugger] <Connect[*] ()>
2022-06-29 11:04:00,079 INFO [stomp_component] Connect to Stomp...
2022-06-29 11:04:00,080 INFO [client] Connecting to soar.jubileelife.com:65001 ...
2022-06-29 11:04:00,080 DEBUG [stomp_transport] stomp_transport.connect()
2022-06-29 11:04:00,138 INFO [client] Connection established
2022-06-29 11:04:00,139 DEBUG [client] Sending CONNECT frame [headers={'login': 'd688e07c-2557-435f-910c-8749645414ef', '*** 'accept-version': '1.0,1.1,1.2', 'host': '', 'heart-beat': '0,15000'}, version=1.2]
2022-06-29 11:04:00,230 DEBUG [client] Received CONNECTED frame [headers={'version': '1.2', 'session': 'ID:resilient.localdomain-37256-1654766743402-4:139', 'heart-beat': '15000,0', 'server': 'ActiveMQ/5.15.14'}, version=1.2]
2022-06-29 11:04:00,230 INFO [client] Connected to stomp broker [session=ID:resilient.localdomain-37256-1654766743402-4:139, version=1.2]
2022-06-29 11:04:00,231 DEBUG [stomp_component] State after Connection Attempt: connected
2022-06-29 11:04:00,231 INFO [stomp_component] Connected to failover:(ssl://soar.jubileelife.com:65001)?maxReconnectAttempts=3,startupMaxReconnectAttempts=3
2022-06-29 11:04:00,231 INFO [stomp_component] Client HB: 0 Server HB: 15000
2022-06-29 11:04:00,232 INFO [stomp_component] No Client heartbeats will be sent
2022-06-29 11:04:00,232 INFO [stomp_component] Requested heartbeats from server.
2022-06-29 11:04:00,234 DEBUG [client] Received heart-beat
2022-06-29 11:04:00,234 DEBUG [debugger] <Connected[stomp] ()>
2022-06-29 11:04:00,235 INFO [actions_component] STOMP connected.
2022-06-29 11:04:00,235 DEBUG [debugger] <registered[*] (<Timer/* 8:MainThread (queued=0) [S]>, <StompClient/stomp 8:MainThread (queued=0) [S]> )>
2022-06-29 11:04:00,236 DEBUG [debugger] <Connect_success[*] (<Connect[*] ()>, 'success' )>
2022-06-29 11:04:00,237 DEBUG [actions_component] Connected successfully. Resubscribe? False
2022-06-29 11:04:00,238 DEBUG [debugger] <Connected_done[stomp] (None )>
2022-06-29 11:04:00,238 DEBUG [debugger] <Connected_success[stomp] (<Connected[stomp] ()>, None )>
2022-06-29 11:04:00,340 INFO [actions_component] resilient-circuits has started successfully and is now running...
2022-06-29 11:04:00,340 INFO [actions_component] Subscribe to message destination 'fn_misp'
2022-06-29 11:04:00,341 DEBUG [debugger] <Subscribe[*] ()>
2022-06-29 11:04:00,341 INFO [stomp_component] Subscribe to message destination actions.202.fn_misp
2022-06-29 11:04:00,342 DEBUG [client] Sending SUBSCRIBE frame [headers={'ack': 'client-indiv*** '*** 'activemq.prefetchSize': 20, 'destination': 'actions.202.fn_misp'}, version=1.2]
2022-06-29 11:04:00,344 DEBUG [debugger] <Subscribe_success[*] (<Subscribe[*] ()>, None )>
2022-06-29 11:04:00,446 DEBUG [client] Received ERROR frame [headers={'message': 'User d688e07c-2557-435f-910c-8749645414ef is not authorized to read from queue://actions.202.fn_misp', 'content-type': 'text/plain'}, body=b'java.lang.SecurityEx...', version=1.2]
2022-06-29 11:04:00,547 DEBUG [debugger] <OnStompError[stomp] ()>
2022-06-29 11:04:00,548 ERROR [actions_component] STOMP listener: Error:
b'java.lang.SecurityException: User d688e07c-2557-435f-910c-8749645414ef is not authorized to read from queue://actions.202.fn_misp\n\tat com.co3.embeddedbroker.activemq.ActiveMQBrokerFilter.newSecurityException(ActiveMQBrokerFilter.java:74)\n\tat com.co3.embeddedbroker.activemq.ActiveMQBrokerFilter.addConsumer(ActiveMQBrokerFilter.java:263)\n\tat org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:104)\n\tat org.apache.activemq.broker.TransportConnection.processAddConsumer(TransportConnection.java:703)\n\tat org.apache.activemq.command.ConsumerInfo.visit(ConsumerInfo.java:352)\n\tat org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:336)\n\tat org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:200)\n\tat org.apache.activemq.transport.MutexTransport.onCommand(MutexTransport.java:45)\n\tat org.apache.activemq.transport.AbstractInactivityMonitor.onCommand(AbstractInactivityMonitor.java:301)\n\tat org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:97)\n\tat org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:179)\n\tat org.apache.activemq.transport.stomp.ProtocolConverter.onStompSubscribe(ProtocolConverter.java:671)\n\tat org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommand(ProtocolConverter.java:249)\n\tat org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:85)\n\tat org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)\n\tat org.apache.activemq.transport.tcp.SslTransport.doConsume(SslTransport.java:171)\n\tat org.apache.activemq.transport.stomp.StompSslTransportFactory$1$1.doConsume(StompSslTransportFactory.java:73)\n\tat org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:233)\n\tat org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:215)\n\tat java.lang.Thread.run(Thread.java:825)\n'
2022-06-29 11:04:00,549 DEBUG [client] Received heart-beat
2022-06-29 11:04:00,550 DEBUG [debugger] <Event[*] ('exception', 'Actions', 'User d688e07c-2557-435f-910c-8749645414ef is not authorized to read from queue://actions.202.fn_misp', b'java.lang.SecurityException: User d688e07c-2557-435f-910c-8749645414ef is not authorized to read from queue://actions.202.fn_misp\n\tat com.co3.embeddedbroker.activemq.ActiveMQBrokerFilter.newSecurityException(ActiveMQBrokerFilter.java:74)\n\tat com.co3.embeddedbroker.activemq.ActiveMQBrokerFilter.addConsumer(ActiveMQBrokerFilter.java:263)\n\tat org.apache.activemq.broker.BrokerFilter.addConsumer(BrokerFilter.java:104)\n\tat org.apache.activemq.broker.TransportConnection.processAddConsumer(TransportConnection.java:703)\n\tat org.apache.activemq.command.ConsumerInfo.visit(ConsumerInfo.java:352)\n\tat org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:336)\n\tat org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:200)\n\tat org.apache.activemq.transport.MutexTransport.onCommand(MutexTransport.java:45)\n\tat org.apache.activemq.transport.AbstractInactivityMonitor.onCommand(AbstractInactivityMonitor.java:301)\n\tat org.apache.activemq.transport.stomp.StompTransportFilter.sendToActiveMQ(StompTransportFilter.java:97)\n\tat org.apache.activemq.transport.stomp.ProtocolConverter.sendToActiveMQ(ProtocolConverter.java:179)\n\tat org.apache.activemq.transport.stomp.ProtocolConverter.onStompSubscribe(ProtocolConverter.java:671)\n\tat org.apache.activemq.transport.stomp.ProtocolConverter.onStompCommand(ProtocolConverter.java:249)\n\tat org.apache.activemq.transport.stomp.StompTransportFilter.onCommand(StompTransportFilter.java:85)\n\tat org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)\n\tat org.apache.activemq.transport.tcp.SslTransport.doConsume(SslTransport.java:171)\n\tat org.apache.activemq.transport.stomp.StompSslTransportFactory$1$1.doConsume(StompSslTransportFactory.java:73)\n\tat org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:233)\n\tat org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:215)\n\tat java.lang.Thread.run(Thread.java:825)\n' )>
2022-06-29 11:04:00,550 DEBUG [debugger] <OnStompError_success[stomp] (<OnStompError[stomp] ()>, None )>
2022-06-29 11:04:30,183 DEBUG [client] Received heart-beat
2022-06-29 11:04:30,234 DEBUG [debugger] <ServerHeartbeat[*] ()>
2022-06-29 11:04:30,235 DEBUG [debugger] <ServerHeartbeat_success[*] (<ServerHeartbeat[*] ()>, None )>
2022-06-29 11:04:45,205 DEBUG [client] Received heart-beat
2022-06-29 11:04:59,302 DEBUG [debugger] <retry_failed_deliveries[*] ( )>
2022-06-29 11:05:00,207 DEBUG [client] Received heart-beat
2022-06-29 11:05:00,235 DEBUG [debugger] <ServerHeartbeat[*] ()>
2022-06-29 11:05:00,236 DEBUG [debugger] <ServerHeartbeat_success[*] (<ServerHeartbeat[*] ()>, None )>
------------------------------
Farhan Saleem
Original Message:
Sent: Thu June 30, 2022 08:03 AM
From: Mark Scherfling
Subject: IBM Resilient connection error of fn_misp.
Hi Farhan,
There are probably more lines below the selftest logs you've posted here with error messages. Can you post them? So far there's nothing in the logs showing the issue.
Thanks,
Mark
------------------------------
Mark Scherfling
Original Message:
Sent: Wed June 29, 2022 02:59 AM
From: Farhan Saleem
Subject: IBM Resilient connection error of fn_misp.
Hi Team,
I try to integrate MISP on IBM Resilient after fulfill configuration, I face these errors.
Kindly help me out this.
------------------------------
Farhan Saleem
------------------------------