FMOS
System Configuration Issue
Warning
The FMOS News cache has not yet been populated.
FireMon occasionally publishes news items to provide customers with information about new product releases, security vulnerabilities, and other important notices. These items can be accessed from within FMOS using the fmos news command. To avoid contacting the web service that distributes these items, FMOS caches the most recent items.
By default, the fmos news command will display news items found in the local cache if possible, or query the web service if necessary. It has an option to only display items found in the cache, When invoked in this way, it will not attempt to query the web service even if the cache has expired or has not yet been populated. If there are no items in the cache, a warning message will be printed.
FMOS displays news items on the console when a user logs in to the FMOS command-line interface. To avoid adding a potentially long delay while contacting the FMOS news web service, it only displays news items from the local cache. If the cache has not yet been populated, a warning message will be printed.
Users will not be able to read FMOS news items without contacting the FMOS news web service until the cache has been populated. This warning will continue to be displayed when users log in to the FMOS CLI.
There are two possible causes for this warning:
The FMOS news cache is populated during initial deployment. If a user logs in to the FMOS CLI before the cache has been populated, this warning will be displayed.
The FMOS machine cannot contact the FMOS news web service
If the warning is being displayed because FMOS initial deployment is still in progress, wait for the initial deployment to complete and try again. Once the initial deployment process has completed successfully, if the warning is still displayed, see Resolution 2 for information on how to troubleshoot communication problems with the FMOS news web service.
The FMOS news web service is a service available to all customers via the Internet. FMOS machines need to be able to communicate with it using HTTPS in order to fetch the latest news items. If your organization has a firewall in place that may block outbound communication to the Internet, please ensure that there is a rule allowing FMOS machines to contact the following services:
fmosupdate.firemon.com HTTPS (TCP port 443)
news.fmos.firemon.com HTTPS (TCP port 443)
If possible, avoid creating exception rules for IP addresses; the FMOS news service may occasionally change its IP address.
If your organization requires clients to use a proxy in order to connect to the Internet, please be sure the https_proxy and no_proxy System Configuration variables are set correctly.
If your organization explicitly forbids outbound communication to the Internet and an exception cannot be made to allow FMOS machines to contact the FMOS news web service, you may wish to disable displaying news items when users log in to the FMOS CLI. The show_news_at_login System Configuration Variable controls this behavior; set it to false to disable the feature.