HIP Data Not Being Collected

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

HIP Data Not Being Collected

L2 Linker

Hi!

 

An exciting start to the day - a security policy with a HIP profile ("compliant" - basically running an approved os) that previously worked fine, stopped working for a random selection of people and rapidly became less random and more universal. After ripping out that requirement (so my phone wasn't making quite so much noise), dug into what was going on - seemingly almost all of the HIP data isn't being sent/logged :-

 

msm@helix(active)> debug user-id dump hip-profile-database statistics
WARNING: terminal is not fully functional
- (press RETURN)
Total number of hip in database: 3
Total number of logout records in database: 19577
Total size of hip reports: 67926KB used / -931840KB

 

(there's currently a touch under 600 users logged in)

 

And that negative size worries me.

 

Any ideas for fixes/areas to look at? This has of course been logged to our support team.

2 REPLIES 2

L2 Linker

No progress, but one additional clue from the client logs :-

 

P1827-T17939 09/17/2021 09:27:49:048 Debug(1679): SendHipReportToGateway ${somefqdn} returns FALSE.

 

So the gateway is telling the client not to send HIP data after the portal has told it to collect it? Has some daemon on the firewall crashed and not restarted?

L2 Linker

For the benefit of anyone who manages to break things this way, it turned out that the problem was that a URL filtering policy was blocking HIP matches! Don't apply URL filtering to accessing your own servers 🙂

  • 2342 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!