Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IQ Web App Security (ASM)
Known Affected Versions:
7.1.0, 7.1.0.1, 7.1.0.2, 7.1.0.3, 7.1.6, 7.1.6.1, 7.1.7, 7.1.7.1, 7.1.7.2, 7.1.8, 7.1.8.1, 7.1.8.2, 7.1.8.3, 7.1.8.4, 7.1.8.5, 7.1.9, 7.1.9.7, 7.1.9.8, 7.1.9.9
Opened: Dec 31, 2020 Severity: 4-Minor
In rare cases, following an upgrade from a BIG-IQ version 7.1 to 8.0, the Web Application Security Dashboard or Bot Traffic Dashboard might display a 500 error.
The system returns an unexpected error (500 Server Error): status:500, body:{"error":{"httpStatus":"INTERNAL_SERVER_ERROR","code":1002,"message":"INTERNAL_SERVER_ERROR: ElasticsearchStatusException[Elasticsearch exception [type=too_long_frame_exception, reason=An HTTP line is larger than 4096 bytes.]]","errorStack":[],"restOperationId":"0615d70c-8d06-444a-b5bb-e0d7ffe0ca55"}}
Following a period of time that a system is powered down (several days, or more), upgrade a BIG-IQ to version 8.0. Go to the Web Application Security Dashboard (Monitoring : DASHBOARDS : Web Application Security).
Add the 'http.max_initial_line_length: 10mb' parameter to /var/config/rest/elasticsearch/config/elasticsearch.yml on all nodes (CMs and DCDs), and then restart elastic search on each node: bigstart restart elasticsearch
None