Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

"DDAN Critical Alert - Virtual Analyzer Stopped" error message appears in Deep Discovery Analyzer (DDAN) 5.8

    • Updated:
    • 13 Sep 2017
    • Product/Version:
    • Deep Discovery Analyzer 5.8
    • Platform:
    • N/A N/A
Summary

DDAN 5.8 users with SMTP alerts enabled may encounter an issue where alerts are sent with the following information:

Subject:  DDAN Critical Alert - Virutal Analyzer Stopped
Description:  Virtual Analyzer encountered an error and was unable to recover. Analysis has stopped.

Details
Public

This issue may indicate a larger problem and should be further investigated by the DDAN administrator. In situation in which you have received very few of such messages over a long period of time, the error can be disregarded.

However, in some cases if the issue is repeatedly happening or on multiple VMs, the sample analysis process may be halted, causing the queue to grow rapidly.

Recommended Action(s)

Trend Micro is currently investigating a permanent resolution for the issue, but in the interim does have a verified workaround which includes adjusting the DDAN configuration to change a couple of key variables.

The following two adjustments can be done by the administrator directly. If neither of the suggested two improve the situation, contact your designated Trend Micro technical support representative for further assistance.

  • Option 1:

    Lower the number of Virtual Sandboxes in steps of 10%. This limits the use of the designated TMPFS space which in most cases causes the alert to trigger.

  • Option 2:

    Increase the available TMPFS space by changing the setting on the DDAM RDQA page:

    1. Open your browser and enter the following address:

      https://<DDAN-IP>/pages/rdqa.php

    2. Click Change U-Sandbox Ramdisk Size and adjust the ramdisk size to maximum 24576 MB (24GB).
    3. Click Save.
 

Please revisit this page as we are continuously updating available solutions.

For DDAN 5.8, Hot Fix 1207 addresses this problem. Contact Trend Micro Technical Support to request a copy of Hot Fix 1207 or any later Hot Fix versions.

Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
1118162
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.