SDEE Collection: Troubleshoot

Document created by RSA Information Design and Development on Jun 25, 2017Last modified by RSA Information Design and Development on Jul 28, 2017
Version 2Show Document
  • View in full screen mode
  

This topic highlights possible problems that you may encounter with SDEE Collection and suggested solutions to these problems.

Troubleshoot SDEE Collection Issues

In general, you receive more robust log messages by disabling SSL.

You can select the Save Raw XML Files configuration parameter to save the raw XML files from the server to /var/netwitness/logcollector/runtime/sdee/saved_sdee_files to further investigate SDEE issues. The file name for these file contains the event source name and a timestamp. You can control the the amount of files (data) Security Analytics stores with the Saved File Quota configuration parameter.  The value that you enter for the quota is the number of bytes Security Analytics stores, in kilobytes, megabytes, or gigabytes.

You are here
Table of Contents > SDEE Collection Configuration Guide > Troubleshoot SDEE Collection

Attachments

    Outcomes