As the COVID-19 situation continues to evolve and organizations are having to adjust, Alert Logic is here for you, 24/7. Learn More

Can agents white-list traffic?
Can the Alert Logic agent transport network traffic to the Alert Logic appliance on a customizable port?
Do whitelisting policies in the Alert Logic console get applied to appliances and agents?
Does an agent lose cache data if it is restarted?
Does the Alert Logic agent require a reboot after installation?
How can I handle large-scale deployment of agents?
How can I install an Alert Logic agent on a Linux Auto Scaling Instance?
How can I tell if my agent is directed to an appliance or going straight over Port 443 to Alert Logic?
How do agents auto-update?
How do agents cache data?

Does an agent lose cache data if it is restarted?

Alert Logic® log management Syslog agents do not wipe the cache (/var/alertlogic/lib/agent/cache/slc) if the agent service is restarted.

Log management Windows agents do not cache or buffer data to disk since they read from the Windows event log. However, it is possible to lose cache if there is a Windows event log buffer overflow occurring at the time of restart.

Alert Logic network IDS agents do not send traffic for analysis during restarts and will not capture traffic during the time of the restart. No events can be generated, and thus no new incidents will be generated.

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

Related articles