Cisco Bug: CSCvt45206 - Event search may fail when searching events that existed before upgrade
Aug 04, 2020
- Cisco Firepower Management Center
Known Affected Releases
Symptom: Event viewer, context explorer, dashboard, and/or reporting queries with constraints on certain event fields may fail if the searched time range includes file, malware or intrusion events that existed before upgrade. httpsd_error_log contains the following error messages: Failed Executing Count Query with DBD::mysql::st execute failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AS event WHERE (event.`reviewed` = '0' AND ((event.`sensor_id` = '2' AND event.' at line 1: /usr/local/sf/htdocs/events/index.cgi, referer: https://XXX.XXX.XXX.XX/events/index.cgi **AND** (Unable to process this query. Please contact support.) in /usr/local/sf/htdocs/events/index.cgi:1077 at /usr/local/sf/lib/perl/5.10.1/SF.pm line 120.: /usr/local/sf/htdocs/events/index.cgi, referer: https://XXX.XXX.XXX.XX/events/index.cgi Conditions: This happens when file, malware, or intrusion events existed in the database before upgrade and those events are searched on certain fields (mostly new fields introduced in the upgrade).
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases