000035769 - Out-of-bound values are caped when configuring parameters for Event Stream Analysis trial rules in RSA Security Analytics 10.6

Document created by RSA Customer Support Employee on Nov 23, 2017Last modified by RSA Customer Support Employee on Nov 25, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000035769
Applies ToRSA Product Set: NetWitness Logs & Packets, Security Analytics
RSA Product/Service Type: Event Stream Analysis (ESA)
RSA Version/Condition: 10.6.x
Platform: CentOS
O/S Version: EL6
IssueWhen configuring parameters for trial rules, you can configure the following values:
  • MemoryCheckPeriod: Defines the polling interval to check the ESA memory consumption.
  • MemoryThresholdForTrialRules: Defines the threshold value; when reached, all trial rules will be disabled.
CauseIf you configure these parameters with out-of-bound values, the values are capped to the system’s minimum or maximum values rather than the values defined in the parameters.
ResolutionThis issue is currently being investigated by the Engineering team in order to resolve it in a future release.