|Applies To||RSA Security Analytics|
RSA Security Analytics 10.3
RSA Security Analytics Server
|Issue||Jetty 9 logs fill rapidly due to noisy LoggingFilter entries on the RSA Security Analytics server.|
The logs in the /opt/rsa/jetty9/logs directory become very large due to frequent org.apache.mina.filter.logging.LoggingFilter entries similar to the example below.
Navigating to Administration -> System -> Logging -> Realtime in the Security Analytics UI displays frequent HeapBuffer entries.
Large Jetty 9 logs cause the root ( / ) partition on the appliance to reach 100% capacity, which results in issues such as the appliance becoming unlicensed, etc.
In order to prevent these entries from rapidly filling the Jetty 9 logs, set the "log level" for this function to log fewer entries using the steps below.
If you are unsure of any of the steps above or experience any issues, contact RSA Support and quote this article ID for further assistance.
Be aware that, if the log messages above are not reporting, the org.apache.mina.filter.logging.LoggingFilter option may not appear in the Security Analytics UI under Administration -> System -> Logging -> Settings.
The following screenshot demonstrates the workaround procedure described above.
|Legacy Article ID||a67879|