Netskope Help

Known Issues for Virtual Appliance Version 93.0.0

The following are the known issues included in this release.

Issue Number

Issue Description

Workaround

An error occurs when upgrading the appliance to version 93.0.0.

Error: Install cannot proceed without downloading pkg: threat-intel-ns

Download the package listed in the error message and continue with the upgrade.

To learn more: Upgrade the additional Appliance Packages.

182357

After upgrading the appliance to version 93.0.0, the process of logging into the appliance can take more than 15 minutes.

There is no workaround.

176981

If you have configured an auth proxy in your network using a Virtual appliance or a Physical Appliance with the option Enable Direct Authentication for Managed Devices enabled, and have the Netskope Client, then you will be prompted to login twice when connecting to a website.

There is no workaround.

155957, 174165

Uploading log files from AWS S3 to Netskope tenant fails when S3 is connected through proxy in secure mode.

When accessing AWS S3 through proxy in secure mode, the OPLP appliance suppresses the proxy information.

To connect to S3 through proxy, you must turn off secure mode.

151069

Netskope forward to proxy feature cannot forward requests to the destination specified in forward to proxy profile if DNS cannot resolve the origin domain.

Add a DNS entry to resolve the origin domain.

113634

If timezone is configured on the OPLP appliance and timezone is also specified in the parser, then the date and time for the logs uploaded through the OPLP appliance is incorrect in Skope IT.

There is no workaround.

127783

'Failed to get hostname' error message in the nsforwarder.log file.

The error message does not impact the functionality and can be ignored.

127734

'Unable to read file' error message in the os_list.json file.

The error message does not impact the functionality and can be ignored.

127686

Traffic which is on non-standard HTTP(S) ports is getting dropped. You may see the following error: ERROR lcforwardproxy 111 APPMODULE 227: ...

The error message does not impact the functionality and can be ignored.

127290

The following error can be ignored: ERROR lcforwardproxy 101 SYNTHETIC 228:SyntheticTemplateConfig.cpp: trid= rqid= tenantid= user='' config block 'activity' is not allowed to be empty

There is no workaround.

127095

Time-based inline security policies is broken for customers using DPoP.

There is no workaround.

Currently, discovery / OPLP can accept log files, system logs, and custom parsers files in UTF-8 encoding only.

If these files are encoded using other encodings, we may fail to parse them properly. This will manifest as UnicodeDecodeError in our logs.

The best practice is to set UTF-8 as the default encoding in all pipelines feeding into OPLP. UTF-8 can handle any character set, so this will not result in any information loss.

For the log files that are already encoded without using UTF-8, convert these files to UTF-8 before uploading them to OPLP.

The following is an example using a file that is encoded in UTF-16.

  1. Unzip if log files are zipped.  In this example, the unzipped text file is logsample.log.

  2. Check current encoding used: file logsample.log > outputs “Little-endian UTF-16 Unicode text,”

  3. Convert it to UTF-8 as  iconv -c -f utf-16 -t utf-8 logsample.log > logsample_utf8.log

  4. Send logsample_utf8.log to OPLP either as a text file or zipped file.