Critical System Protection

 View Only
Back to discussions
Expand all | Collapse all

Critical system protection seems to reject syslogs traffic for certain ports after a period of time even though respective ports and IP addresses has been opened on global policies

  • 1.  Critical system protection seems to reject syslogs traffic for certain ports after a period of time even though respective ports and IP addresses has been opened on global policies

    Posted Sep 17, 2015 11:54 PM

    Hi Guys,

    i seems to be having some problems recently with SCSP agent installed on a RHEL 6.4 machine. It is meant to be used for as Arcsight smart connector service and therefore syslogs is sent via different ports to the agent machine. However we noticed that syslog traffic for some ports is rejected after some time but no blocked logs is found in manager's log viewer. syslog traffic resume after SCSP unix core policy is disabled and syslog service is restarted on the agent server.

    Wonder if there's anyone who faced similar problems before?