Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000031813 - How to purge the VLC shovel queue in RSA Security Analytics

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 5Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000031813
Applies To	RSA Product Set: Security Analytics RSA Product/Service Type: Virtual Log Collector (VLC), Security Analytics UI Platform: CentOS
Tasks	This article addresses how to purge the data in the data queues if they utilize the bandwidth between a remote Log Collector and a Local Log Collector.
Resolution	To purge the data in the shovel queue, follow the steps below. Connect to the Virtual Log Collector (VLC) via SSH as the root user. Issue the command below. curl -s --user 'admin:netwitness' 'http://<VLCIP>:50101/event-broker?msg=purge&force-content-type=text/plain&expiry=600&<shovel.queue.name<%20%20>>' Where: VLCIP = The Virtual Log Collector IP address shovel.queue.name = The shovel queue name that you want to purge. You can get that from the explore view of the VLC as per snapshot below This example assumes using the default admin password.
Notes	Remember to replace the underscore "_" with the dot "." as per the command above.

Attachments

Outcomes

0 Comments

Recommended Content