Splunk event forwading rate is very low on SEDR 4.6.8
Article ID: 251909
Updated On:
Products
Endpoint Detection and Response
Issue/Introduction
The throughput of events from the Symantec Endpoint Detection and Response (SEDR) appliance to Splunk is very low.
Cause
A configuration issue caused the the low end platform configuration to be loaded which caused the EDR to use smaller batch sizes
Resolution
Broadcom Engineering has resolved this issue in EDR version 4.7.0. Please update to EDR 4.7.0 to receive this fix.
Feedback
Yes
No
Powered by
