|Applies To||RSA Product Set: Security Analytics|
RSA Product/Service Type: Security Analytics Hosts
RSA Version/Condition: 10.6.0.0
O/S Version: 6
|Issue||After upgrading to Security Analytics 10.6.0.0, /var/log/messages is flooded with rsa_audit_onramp messages as shown in the example below.|
Jun 2 02:30:52 SA_HOST rsa_audit_onramp: Publishing to MessageBus failed.
Due to the extensive number of such events logged, /var/log/messages rolls out meaningful events more quickly.
|Cause||The issue is caused by a bug in /usr/sbin/rsa_audit_onramp.|
|Resolution||This issue has been resolved in Security Analytics 10.6.0.1.|