Video Screencast Help

query refresh timings

Created: 11 Jun 2013 | 2 comments

goodmoring,

 which is the time the clients sends events to the server?

than you.

Operating Systems:

Comments 2 CommentsJump to latest comment

VKalani's picture

They send all the time...that is in real time, unless there is an execution time field specified in the sensor properties.

-VKalani

Milan_T's picture

All appliances / assets integrated with Siem send / fetch logs in real time schenario if it sends logs using push mode(i.e. syslog with udp 514).

In windows server with offbox mode it will take fwe seconds to reach at siem because of pull mode using user request to fetch logs.

If you mention timestamp it will take logs during that perticular time.

In this case real time logs will not fetched instead new logs generated during timestamp will be fetched at a time.