When I run a search in AMP4E console, I get results showing that a file was encountered recently by a number of hosts in my environment. When I do the same search in Cisco Threat Response (CTR), no targets are returned, and I get the error message:
"There was a client error in the AMP module: API client does not have write access "
Why is this and how can I fix it?
This condition is likely due to the combination of an AMP API key that is set as read-only, combined with setting the AMP module in CTR as "Act in the Name of the Active User". When CTR calls AMP for results, a dynamic API key is created using your native credentials, which lacks the privileges to find hosts in the AMP environment.
You can either:
1. Disable the setting "Act in the Name of the Active User", and you should see all the hosts you're expecting in your query, or
Hi all, I'm not fully familiar with ASA's but I'm really stumped and need help. I have a HA pair of 5510's with a current ISP connection in them. We now have a new ISP connection which I have connected to Eth0/3. The link has been p...
I have imported the ACS certificate, with valid ACS GUI credentials, hardcoded hosts file, and enable migration in CLI. But when I try to export with Migration Tool I get the following. Does anyone know how to fix it? ERROR Thread-21 Unable to connec...
Good Morning,When our users are at work, they can access the internet and the network status icon shows they are on the internet. When our users are at home and on the VPN, they can access the internet but the network status icon shows they do not ha...
I have a VPN between Cisco ASA and AWS and is not coming up. Seems like it stuck after 5th Main Mode message. Need some help to understand the VPN debug taken on ASA. #####Below is the debugs::::Sep 24 15:30:26 [IKEv1]IP = 188.8.131.52, IKE Init...