|Applies To||RSA Product Set: Security Analytics|
RSA Product/Service Type: Security Analytics UI, Event Source Monitoring (ESM)
RSA Version/Condition: 10.4.x, 10.5.x
O/S Version: EL6
|Issue||If a device is moved from one log decoder to another, then the entry for that device will remain under the event source monitoring statistics. |
|Resolution||Unfortunately it is not possible to delete a single device from Event Source Monitoring statistics in versions previous to 10.6 (in versions 10.6 or later, individual devices can be removed from Administration -> Event Sources and will be cleared from the Event Source Monitoring page after restarting collectd and rsa-sms services on the SA Server).|
The following steps explain how to remove all log statistic information for all devices associated with a particular log decoder.