CiscoSecurity / fp-05-firepower-cli

Public Repo for an eStreamer CLI project

CEF Log Reduction: FMC 7.2.4 upgrade #19

Open mikepalitto opened 1 year ago

mikepalitto commented 1 year ago

We had version 5.1.6 of the script running fine with FMC 7.0.x. We then upgraded FMC to 7.2.4 and the script quit working. We upgraded estreamer to 5.2.6 but are not seeing all the CEF data being sent to the output. Issue #18 did not fix our issue.

We tried some adjustments to both the Worker count and the batch size; still only a small number of logs, which are only PKT logs. Again, we had been running fine until FMC was upgraded to 7.2.4. We are running on Red Hat. To get this to work prior we had to set RUA to FALSE. Output module is streaming data to tcp://127.0.0.1:514

2023-07-26 06:56:09,243 Monitor INFO Running. 15396 handled; average rate 0.33 ev/sec;
2023-07-26 06:58:07,761 Monitor INFO Running. 15464 handled; average rate 0.33 ev/sec;
2023-07-26 07:00:07,949 Monitor INFO Running. 15542 handled; average rate 0.33 ev/sec;
2023-07-26 07:02:07,432 Monitor INFO Running. 15644 handled; average rate 0.33 ev/sec;
2023-07-26 07:04:07,916 Monitor INFO Running. 15758 handled; average rate 0.33 ev/sec;
2023-07-26 07:06:10,911 Monitor INFO Running. 15884 handled; average rate 0.33 ev/sec;
2023-07-26 07:08:08,097 Monitor INFO Running. 15986 handled; average rate 0.34 ev/sec;
2023-07-26 07:10:08,475 Monitor INFO Running. 16062 handled; average rate 0.34 ev/sec;
2023-07-26 07:12:07,314 Monitor INFO Running. 16152 handled; average rate 0.34 ev/sec;
2023-07-26 07:14:09,565 Monitor INFO Running. 16238 handled; average rate 0.34 ev/sec;

Seems like data is being retrieved but not all going to output.