Troubleshooting
This section provides troubleshooting instructions for deploying and using the solution.
If these instructions don’t address your issue, see the Contact AWS Support section for instructions on opening an AWS Support case for this solution.
Changing your account ID
You can't change your input to the Account ID where Security Lake is created parameter after you deploy this solution.
Resolution
If your Security Lake account ID changes, uninstall the solution and then re-deploy it with the new account ID.
Problem: QuickSight widgets don't show data
There could be several reasons why your QuickSight widgets aren’t showing data.
Resolution 1: Enable the Systems Manager parameter data source
This error might happen if the value to enable the data source isn’t
set to Enabled
. For example, a typo can result in errors and
data not being shown in the widgets.
To resolve this issue, correct the value and save the parameter again. See Enable data and insights for more detailed instructions.
Resolution 2: Enable the data source in Security Lake
This error can also happen if the data source isn’t enabled in Security Lake. To resolve this issue:
-
Enable the data source in Security Lake. See Data sources for more detailed instructions.
-
Update the
/solutions/securityInsights/region/updatePermissions
Systems Manager parameter by increasing the version number and saving the parameter. This adds the required permissions to the new data source. See Update permissions to new data sources for more detailed instructions. -
Disable and enable the Systems Manager parameter again for the data source.
Resolution 3: Increase the query window duration
If a particular widget isn’t showing data, the data for those events
might not have been generated in the configured queryWindowDuration
parameter.
To resolve this issue, increase the number for this parameter. This results in Athena scanning data for more days. If the corresponding events occurred in that period, then the data will show in the widgets. See Change the duration for more detailed instructions.
Datasource CREATION_FAILED error
You see the following error during the CloudFront deployment:
DataSource: arn:aws:quicksight:region:account:datasource/AthenaDataSourceSecurityInsights is in status CREATION_FAILED’
Resolution
Delete the Athena data source using the following CLI command.
Aws quicksight delete-data-source –-aws-account-id <account id> --data-source-id <AthenaDataSourceSecurityInsights>
For more information, see delete-data-source in the AWS CLI Command Reference.