This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

Demisto Service Failed

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Demisto Service Failed

Pavendhan_K
L0 Member

‎05-17-2023 02:54 AM

Hi Everyone ,

 

We are running XSOAR instance with NFR license. 

 

Recently for unknown reasons, the demisto service stopped and is never coming up when we try to start. 

 

Pavendhan_K_0-1684316963694.png

 

 

[root@localhost ~]# systemctl status demisto.service
● demisto.service - Demisto Server Service
Loaded: loaded (/etc/systemd/system/demisto.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2023-05-17 19:43:28 AEST; 45s ago
Process: 2122 ExecStart=/usr/local/demisto/server (code=exited, status=203/EXEC)
Main PID: 2122 (code=exited, status=203/EXEC).

 

Can you help in fixing what is wrong here. Thank you. 

 

Cortex XSOAR 

 

Cortex XSOAR
Thumbnail of Cortex XSOAR
Palo Alto Networks
Cortex XSOAR
Security Operations
View on Product Page
0 Likes Likes
3 REPLIES 3

cpayne26
L2 Linker

‎05-17-2023 07:32 AM

There's not much that exit code  screenshot provides on its own and you should probably open a ticket with support.   In the interim, Assuming a standard installation you can probably see some more hints in /var/log/demisto.service.log  or in the journal logs (journalctl --since "<##>  hour ago" > <jfilename>   (example collecting 12 hours of journalctl logs:  journalctl --since "12 hour ago" > journalctl_12hr.txt)  ) .  Off the top of my head, make sure there's enough space in the filesystems the relevant directories (see link for relevant directories) and demisto has access.  Make sure you're system meets the minimum requirements.   also confirm the docker/podman  service is up and healthy

  https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.11/Cortex-XSOAR-Administrator-Guide/Instal...  (contains relevant filesystem structure and sizing recommendations) 
https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.11/Cortex-XSOAR-Administrator-Guide/System... (system requirements)

0 Likes Likes

MBeauchamp2
L4 Transporter

‎05-17-2023 07:36 AM

Check the /var/log/demisto/server.log to see if the reason presents itself.

 

You can also check the journalctl logs on restart, problem may be there as well. 

0 Likes Likes

atullo
L2 Linker

‎05-17-2023 02:22 PM

Pavendhan_K Have you been using the NFR license for more than 30 days?

Start Your 30-Day Free Trial of Cortex XSOAR ... 

 

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks