Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2294
Views
5
Helpful
2
Replies

Maximum Log Length settings in ISE

mbotham75
Level 1
Level 1

‎08-17-2020 03:10 AM

Hi,

 

I'm working on an issue with my SIEM partner and they have reported that the syslogs being sent from our ISE installation are being split into multiple messages - this is causing issues when the logs are injested into their system.

 

I have set the maxmimum logs size to is upper limit of 8192 and the issue is still present.  Is there any other way to increase this limit further or are there any other settings I could review that would keep the logs in one message ?

 

ISE is version 2.4 patch 10.

 

Thanks

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎08-17-2020 03:20 AM

that is the best value you can go, what SIEM product, can you provide more information how other product seeing as an issue ( some Logs ?)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

mbotham75
Level 1
Level 1
In response to balaji.bandi

‎08-24-2020 04:38 AM

Example of logs attached - you'll see that the log is in 2 parts when it reaches our SIEM collector.  The format of the underlined bit at the beginning of each is this: “[LOG ID] [NO. OF MESSAGES] [MESSAGE SEQUENCE NUMBER]” – the message sequence starts at 0 to make it more confusing !ISE Log Issue.png

0 Helpful
Customers Also Viewed These Support Documents