EDR: S3 Output Stops after bundle_send_timeout hit
Article ID: 289464
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
The output to s3 stops after the configured bundle_send_timeout is hit.
Environment
- EDR Event Forwarder: 3.8.0 and 3.8.1
Cause
This is a known defect.
Resolution
- This issue will be fixed on 3.8.2 EF release.
- The workaround is to downgrade to 3.7.5 version:
#systemctl stop cb-event-forwarder #yum clean all #yum downgrade --disablerepo=* --enablerepo=CbOpenSource* cb-event-forwarder-3.7.5-1.el7
Feedback
Yes
No
Powered by
