cancel
Showing results for 
Search instead for 
Did you mean: 
feickholt
Level 10

Upload Speed for LogFile s

Is there a way to control this?

I believe the throotle command will only effect webtraffic?

Frank

0 Kudos
3 Replies
McAfee Employee

Re: Upload Speed for LogFile s

Correct Frank!

What's the issue?

Michael

0 Kudos
feickholt
Level 10

Re: Upload Speed for LogFile s

Out siem requires to receive the logfiles once an hour.

Currently we send out the files from all proxies together the same time. So the load on the Siem interface is loaded 100% for a few minutes.

I know we can configure each proxy seperatly to upload the files one after another: (1:00, 1:02 1:04...)

But throttleing the upload would it make much easier for us :-)

Frank

0 Kudos
btlyric
Level 12

Re: Upload Speed for LogFile s

Is there a specific reason that you cannot send the logs more frequently and therefore reduce the overall load on the SIEM? We currently push our log data at the lowest configurable increment of every 5 minutes.

I'm not sure if the field for Enable scheduling of log file rotation affects the field for Enable interval based log file rotation. If it does, you might be able to set up different Policy -> Settings -> File System Logging entries for each system and offset the daily rotation time value by a minute or so for each individual proxy. But I think that's what you were referring to when you said you could configure each proxy to upload the files one after another.

Another possibility, if your architecture supports it, would be to stream the log data via syslog to the SIEM.

0 Kudos