on Jun 14, 2016Article Content
| Article Number | 000029322 |
| Applies To | RSA Product Set: Security Analytics RSA Product/Service Type: Malware Analysis RSA Version/Condition: 10.x Platform: CentOS O/S Version: 6 |
| Issue | Some events sources generate logs bigger than 16K. By default, the length of the maximum message size the log collector can collect is set to 16K. This default value may however be increased up to 64K (maximum). |
| Resolution | To increase the maximum payload, begin by logging in as an administrative account to the Security Analytics UI, then select Administration->Devices (or services if using 10.4), and select the Malware device (or service if using 10.4) On the device/service, perform the following: Explore/Event-Processors/<instance name>/Destinations/Logdecoder/Consumer/Processors/Tcpconnector/Config/Connector/Event size Set the value of an appropropriate size in bytes, noting the maximum event size is set at 65536 (64k). |