Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Environment

EDR Event Forwarder: 3.8
EDR Server: 7.6.x

Question

Can the Event Forwarder's log rotation time be modified?

Answer

No, the Event Forwarder's log rotation time is hard coded to 00:00 UTC.

Additional Notes

Event Forwarder is using lumberjack log rotating package written in Go and the time is included in the package.
Cron jobs can be added to rotate the logs more often, but continue to rotate at midnight UTC.

Related Content

EDR: Event Forwarder Sending Events with No Type

Article Information

Author:

Creation Date:

‎03-04-2022

Views:

439

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.