Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000029322 - How to increase the event payload size on an RSA Security Analytics Malware Analysis appliance

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support on Sep 6, 2019

Version 3Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000029322
Applies To	RSA Product Set: Security Analytics RSA Product/Service Type: Malware Analysis RSA Version/Condition: 10.x Platform: CentOS O/S Version: 6
Issue	Some events sources generate logs bigger than 16K in size. By default, the length of the maximum message size the log collector can collect is set to 16K. This default value may however be increased up to 64K (maximum).
Resolution	To increase the maximum payload, begin by logging in as an administrative account to the Security Analytics UI, then select Administration > Devices (or Services if using 10.4), and select the Malware device (or service if using 10.4). On the device/service, Navigate to Explore > Event-Processors > <instance name>> Destinations > Logdecoder > Consumer > Processors> Tcpconnector > Config/Connector > Event size Set the value of an appropriate size in bytes, noting the maximum event size that can be set is 65536 (64K).

Attachments

Outcomes

0 Comments

Recommended Content