Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000030580 - Performance issues with Log Decoders due to large number of Event Source groups in RSA Security Analytics 10.5.0.0

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000030580
Applies To	RSA Product Set: Security Analytics RSA Product/Service Type: Log Decoder RSA Version/Condition: 10.5.0.0 Platform: CentOS O/S Version: EL6
Issue	Adding many Event Sources that have the same Device Type to one or more groups results in increased CPU utilization on Log Decoders when events of that device type are received.
Resolution	This issue is resolved in Security Analytics 10.5.0.1.
Workaround	To avoid this issue, do not create many large groups that include a large number of the same Event Source type. The sum of the event sources across groups should be limited to 150,000 when viewed in the Administration -> Event Sources -> Manage tab.

Attachments

Outcomes

0 Comments

Recommended Content

Incoming Links

000030419 - RSA Security Analytics 10.5.0.0 Known Issues Master List