Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000017459 - WinRM Log Events get Truncated in RSA Security Analytics

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 22, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000017459
Applies To	RSA Security Analytics RSA Security Analytics Log Collector Microsoft WinRM
Issue	WinRM Log Events get Truncated in RSA Security Analytics. Event logs from Windows servers might get truncated to Security Analytics when using WinRM. For instance:
Resolution	The root cause of this issue is currently being investigated. However, the following workaround can be applied: From the Security Analytics GUI go to Administration ? Devices ? Log Collector ? View ? Config ? Event Sources ? ? Select ?Windows? from the drop down menu on the left ? select the ?Event Cetegory? ? select the ?Host? on the right and edit it. ? Select the ?Advanced? down arrow and fill the ?Render Locale? field with ?en-US? ? click OK ? Restart Windows collection
Legacy Article ID	a65982

Attachments

Outcomes

0 Comments

Recommended Content