YOU’RE NOT VIEWING PANDA SECURITY USA. CLICK TO IMPROVE YOUR EXPERIENCE
VISIT PANDA SECURITY USA
x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with 50% off
RENEW NOW
x
48-HOUR OFFER
50%
RENEWALS
Home users only
RENEW AT A DISCOUNT
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET 50% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET 50% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET 50% OFF
x
UP TO
-60%
BUY NOW
x
UP TO
-60%
BUY NOW

Technical Support

Need help?

 

What is the operation logic used by the SIEMFeeder service when no logs are received?

Information applies to:

Products
Adaptive DefenseAdaptive Defense 360
Adaptive Defense 360 on Aether PlatformAdaptive Defense on Aether Platform

Situation

No activity logs are received from the SIEMFeeder service.

Explanation of SIEMFeeder's log send retry logic

Panda Security's SIEMFeeder service implements a feature to retry sending of log files to the customer's FTP server in order to ensure the delivery of data to its destination. This feature works as follows:

  • Connection pools are created to allow each thread to send its files without requiring a proprietary connection.
  • There is a retry login in place by which a thread will try to retrieve those connections that have failed. This logic works as follows:

    • If an error occurs sending a file, the server is marked as unavailable and SIEMFeeder saves the file to disk. As a result, all other threads will also save their files to disk.
    • Additionally, there is a collector thread that is constantly searching for unavailable servers and will try to send one of the files to the server.

      • If the problem persists, only files older than 48 hours will be deleted.
      • When the connection is reestablished, the collector thread informs the main threads that the server is operational and ready to receive their logs.

Also, the accumulated files are reintegrated into the SIEMFeeder service to be processed again.

For more information, refer to the SIEMFeeder Administration Guide.

Help nº- 20170811 50110 EN

Have you resolved your query with this article?

yes no

Thanks for your answer


Why didn't you find it helpful?


The instructions are too complex.
The instructions are too long.
The instructions don't work.
I'd rather have a video.
Other reasons.




Talk to a technician!

 

Business hours: Mondays-Fridays 9:00 to 18:00 CET

Outside business hours, please use the online form.





ALWAYS ONLINE TO HELP YOU TWITTER FORUM RATE US CHAT
ALWAYS ONLINE TO HELP YOU TWITTER FORUM RATE US CHAT