01. 07. 2019
Downloads / Release Notes
25. 03. 2019
Oreste Attanasio
Log Management, Log-SIEM, NetEye, Unified Monitoring
Safed improvements since 1.10.1
The Safed agent keeps track of the events it receives from the Eventlog by keeping the LastEventID in registry. At start time the agent tries to retrieve all events from Windows Eventlog since starting from the LastEventID. When the amount of events since LastEventID is too large or the LastEventID has been removed from the EventLog, the Safed Agent may hang and apparently do nothing.
The new Safed version (1.10.1) introduces an important bugfix that avoids the agent to hung. This has been accomplished by modifying the agent’s behavior at start time. The LastEventID ist still taken into account at start time, but it can’t be older than the maximum cache days defined in the agent configuration.
Hence, to maximize performance when using Safed for realtime event monitoring it is advised to set the cache, expressed in days as Number of Cache files under Network Configuration to 0.
This way the agent won’t try to retrieve old events on start.
On the other hand, if Safed is used to collect data for auditing purposes, we advise to keep the above value higher, in order for the agent to try to retrieve all events received by the Eventlog during the agent’s downtime.
Please keep in mind that because of the EventLog design, Safed may slow down anyways if the amount of events it has to receive/recover upon start is too large. We recommend to keep the agent monitored by NetEye itself and to add a restart policy on the service, in order to avoid these situations.
Please find the new version under Downloads
Oreste Attanasio
Team Leader Service & Support at Würth Phoenix
I graduated in Applied Computer Science at the University of Bolzano in 2006. After 3 years of experience as consultant in a small IT business IT I decided to move on, and found Würth Phoenix as a good starting point for a career.
After serving several years as a developer, consultant and support engineer, I now lead the Service & Support Team and aim to deliver best quality services to our customers, by helping them using our products together with the strength of Open Source, in which I strongly believe.
Author
Latest posts by Oreste Attanasio
09. 03. 2021
Contribution, NetEye, Unified Monitoring
NeDi 1.9 security advisory
04. 02. 2020
NetEye, Service Management
Microsoft will Deny Plain LDAP Connections to AD Beginning March 2020
14. 08. 2018
Unified Monitoring
NagMap and Google Maps
14. 07. 2016
NetEye
Accesso al nuovo portale service desk