Troubleshoot SEC Onboarding Failures
The troubleshooting scenarios describe a variety of symptoms associated with Secure Event Connector (SEC) onboarding and operational failures. Use this topic to identify and resolve the issue impacting your deployment.
SEC onboarding failed
Symptom: SEC onboarding failed.
Repair: Remove and onboard the SEC again.
Tip | Always use the copy link to copy the bootstrap data when on-boarding an SEC. |
Note | If this procedure does not correct the problem, gather the troubleshooting logs and contact your Managed Service Provider or the Cisco Technical Assistance Center. |
Downloading, decoding, or extracting bootstrap data failed
Messages:
-
[Error] Downloading the bootstrap package failed.
-
[Error] Extracting the bootstrap package failed.
-
[Error] Max retries exceeded for bootstrap download.
Diagnosis: Decoding bootstrap data failed.
Repair:
-
Wait briefly and retry the bootstrap operation.
-
Add a new SEC in the UI and attempt to bootstrap the new one instead.
Adequate CPU and memory not available
Message: [Error] Secure Event Connector minimum system requirements not met.
[sdc@localhost ~]$ /usr/local/cdo/toolkit/sec.sh setup
[2020-06-10 04:37:26] ERROR unable to setup Secure Event Connector, minimum 4 cpus and 8 GB ram required, exiting.
Diagnosis: Adequate CPU and memory not available.
Repair: Increase the resources of your virtual machine to meet the minimum required specifications.
Host already has an SEC
Message: [Error] This host currently has an SEC enabled for the same tenant. Please remove the SEC before trying to bootstrap it again.
Diagnosis: SEC already running.
Repair: Ensure that there is no existing operational SEC in your environment. If one is present but not operational, remove it and then re-bootstrap the SEC.
Note | Ensure that you are removing an active SEC. This error message can occur when a bootstrap progresses far enough for the system to assume normal operation but fails to fully complete. As a result, it is possible that a bootstrap error is causing this situation. To confirm, run the command |
Contact Security Cloud Control Support
If none of the scenarios described above match your issue, open a case with Cisco Technical Assistance Center.