Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Environment

EDR: All supported versions
Linux: All supported versions

Objective

Provide information of how to find the sensors with large queue size

Resolution

Logged into EDR console
Go to Sensors page and select the group of sensor to check
Click Export -> Export Visible (or Export All) to download the export CSV
Open CSV and Sort by column "num_eventlog_bytes" for Event queue size check, and by column "num_storefiles_bytes" for Binary queue size check

Related Content

EDR: Aggregate sensor event queue is growing too large
https://community.carbonblack.com/t5/Knowledge-Base/EDR-Sensor-Backlog-Grows-Unexpectedly-Large/ta-p...
EDR: Sensors Queueing Data Despite Checking Into Server

Article Information

Author:

Creation Date:

‎06-20-2022

Views:

768

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.