View Alerts and Troubleshoot

A Hybrid Data Security deployment is considered unavailable if all nodes in the cluster are unreachable, or the cluster is working so slowly that requests time out. If users cannot reach your Hybrid Data Security cluster, they experience the following symptoms:

  • New spaces cannot be created (unable to create new keys)

  • Messages and space titles fail to decrypt for:

    • New users added to a space (unable to fetch keys)

    • Existing users in a space using a new client (unable to fetch keys)

  • Existing users in a space will continue to run successfully as long as their clients have a cache of the encryption keys

It's important that you properly monitor your Hybrid Data Security cluster and address any alerts promptly to avoid disruption of service.

Alerts

If there is a problem with the Hybrid Data Security setup, Control Hub displays alerts to the organization administrator, and sends emails to the configured email address. The alerts cover many common scenarios.

Table 1. Common Issues and the Steps to Resolve Them

Alert

Action

Local database access failure.

Check for database errors or local network issues.

Local database connection failure.

Check that the database server is available, and the right service account credentials were used in node configuration.

Cloud service access failure.

Check that the nodes can access the Webex servers as specified in External connectivity requirements.

Renewing cloud service registration.

Registration to cloud services was dropped. Renewal of registration is in progress.

Cloud service registration dropped.

Registration to cloud services terminated. Service is shutting down.

Service not yet activated.

Activate a trial, or finish moving the trial to production.

Configured domain does not match server certificate.

Ensure that your server certificate matches the configured service activation domain.

The most likely cause is that the certificate CN was recently changed and is now different from the CN that was used during initial setup.

Failed to authenticate to cloud services.

Check for accuracy and possible expiration of service account credentials.

Failed to open local keystore file.

Check for integrity and password accuracy on local keystore file.

Local server certificate is invalid.

Check the server certificate's expiration date and confirm that it was issued by a trusted Certificate Authority.

Unable to post metrics.

Check local network access to external cloud services.

/media/configdrive/hds directory does not exist.

Check the ISO mount configuration on virtual host. Verify that the ISO file exists, that it is configured to mount on reboot, and that it mounts successfully.

Troubleshoot Hybrid Data Security

Use the following general guidelines when troubleshooting problems with Hybrid Data Security.
1

Review Control Hub for any alerts and fix any items you find there.

2

Review the syslog server output for activity from the Hybrid Data Security deployment.

3

Contact Cisco support.