Carbon Black Cloud: Is There A Cap of Notification Received by Single Syslog Call
search cancel

Carbon Black Cloud: Is There A Cap of Notification Received by Single Syslog Call

book

Article ID: 287506

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

Is There A Cap of Notification Received by Single Syslog Call?

Environment

  • Carbon Black Cloud Backend: All supported versions

Resolution

There is a cap of 2500 notifications that can be pulled in a single Syslog call.

Additional Information

There is a possibility CBC syslog falls a little behind during peak hours depending on the configured polling interval, which will catch up as the flow slows down later.
Powered by Wolken Software