|Applies To||RSA Product Set: Security Analytics|
RSA Product/Service Type: Virtual Log Collector (VLC), SFTPAgent
RSA Version/Condition: 10.4.1.x, 10.5.x
O/S Version: EL6
|Issue||In some situations, it may be necessary to send logs in the gz formats originally generated by the Event Source rather than log, txt or XML formats.|
The Standard Configuration of SFTPAgent does not understand anything except for simple ASCII to send the files to Log Collector or VLC. Instead, it treats the gz files as simple text and hence it sends corrupt files.
|Resolution||The solution to this issue is to treat the gz files as binary streams by setting the following parameter in the sftpagent.conf file:|
The steps to do this are as follows: