Hi, guys i m facing a weird problem, while pulling the logs from my data source using McAfee agent i have noticed my agent service goes down every time the log rotation happens at the source.
This result in halting of log forwarding toward the SIEM collector( ERC ). First i tried writing a crone to restart the service but the issue is that there is no specific time at which log rotation happens and thus no specific time the crone should run.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.