Get 50% discount! Discover the plan that suits you best!

See offer

Get 50% discount! Discover the plan that suits you best!

See offer

Renew and get 50% off*

Only available for 48 hours!

::

*For home users only

Renew at a discount
::

Renew and get 50% off*

Renew
*Home users only

*For home users only Renew and get 50% off*

::
Renew

Special offer: Renew and get 50% off**

Only available for 48 hours!

::

*For home users only

Renew at a discount

*For home users only Special offer: Renew and get 50% off*

::04
Renew

Are you a WatchGuard Partner or customer and need help with Panda products?

Welcome to Support!

Get 50% discount! Discover the plan that suits you best!

Click here!

Hello!

You’re about to visit our web page in English
Would you like to continue?

Yes, I want to visit the web page in English No, I want to visit the web page in

If this is not what you’re looking for,

Visit our Welcome Page!

Technical Support

Need help?

 

What is the operation logic used by the SIEMFeeder service when no logs are received?

Information applies to:

Products
Adaptive DefenseAdaptive Defense 360
Adaptive Defense 360 on Aether PlatformAdaptive Defense on Aether Platform

Situation

No activity logs are received from the SIEMFeeder service.

Explanation of SIEMFeeder's log send retry logic

Panda Security's SIEMFeeder service implements a feature to retry sending of log files to the customer's FTP server in order to ensure the delivery of data to its destination. This feature works as follows:

  • Connection pools are created to allow each thread to send its files without requiring a proprietary connection.
  • There is a retry login in place by which a thread will try to retrieve those connections that have failed. This logic works as follows:

    • If an error occurs sending a file, the server is marked as unavailable and SIEMFeeder saves the file to disk. As a result, all other threads will also save their files to disk.
    • Additionally, there is a collector thread that is constantly searching for unavailable servers and will try to send one of the files to the server.

      • If the problem persists, only files older than 48 hours will be deleted.
      • When the connection is reestablished, the collector thread informs the main threads that the server is operational and ready to receive their logs.

Also, the accumulated files are reintegrated into the SIEMFeeder service to be processed again.

For more information, refer to the SIEMFeeder Administration Guide.

Help nº- 20170811 50110 EN

Have you resolved your query with this article?

yes no

Thanks for your answer


Why didn't you find it helpful?


The instructions are too complex.
The instructions are too long.
The instructions don't work.
I'd rather have a video.
Other reasons.




Talk to a technician!

 

Business hours: Mondays-Fridays 9:00 to 18:00 CET

Outside business hours, please use the online form.





ALWAYS ONLINE TO HELP YOU TWITTER FORUM RATE US CHAT
ALWAYS ONLINE TO HELP YOU TWITTER FORUM RATE US CHAT