Access log uploads may report a failure uploading when there is a 10 second pause in the upload.

A TCP RST is observed from the proxy toward the log server 10 seconds after the last packet was sent.

The associated event logs are as follows:

2023-04-30 13:16:48-04:00EDT  "Access Log Custom (main): Connecting to primary server xxx.xxx.xxx.xxx:yyyy."  0 E0000:96  alog_stream_custom.cpp:278
2023-04-30 13:17:08-04:00EDT  "Access Log Custom (main): Socket error occured while sending data."  20 E000A:1  alog_stream_custom.cpp:135
2023-04-30 13:17:08-04:00EDT  "Access Log Custom (main): Closing TCP/IP connection."  0 E0000:96  alog_stream_custom.cpp:191
2023-04-30 13:17:08-04:00EDT  "Access Log (main): error in sending log data (no bytes sent from this queue), error code = -1 [32]"  0 E000A:96  alog_stream.cpp:2044
2023-04-30 13:17:08-04:00EDT  "Access Log (main): Log uploading failed.  Remote filename: Not Applicable size: xxxx KB."  0 E0008:1 Mailed alog_manager.cpp:1251

The default keep-alive timer for connections is 10 seconds.

In SGOS 7.3.11, feature functionality was introduced to overcome the issue whereby an administrator can now increase the idle keep-alive timeout for these connections for both FTP and Custom Client upload clients.

1. Edit the corresponding log.
   
   

   ProxySG> en
   ProxySG# conf t
   ProxySG# (config) access-log
   ProxySG# (config access-log) edit log <log name>

   
   
   
2. Increase the timer depending on the type of client in use.
   
   
   1. FTP Client
      
      

      ProxySG# (config log <log name>) ftp-client keep-alive-idle 7200

      
      
      
   2. Custom Client
      
      

      ProxySG# (config log <log name>) custom-client keep-alive-idle 7200