This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Knowledge Base Archive
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to purge the VLC shovel queue in RSA Security Analytics

Article Number

000031813

Applies To

RSA Product Set: Security Analytics
RSA Product/Service Type: Virtual Log Collector (VLC), Security Analytics UI
Platform: CentOS

Task

This article addresses how to purge the data in the data queues if they utilize the bandwidth between a remote Log Collector and a Local Log Collector.

Resolution

To purge the data in the shovel queue, follow the steps below.
  1. Connect to the Virtual Log Collector (VLC) via SSH as the root user.
  2. Issue the command below.

curl -s --user 'admin:netwitness' 'http://<VLCIP>:50101/event-broker?msg=purge&force-content-type=text/plain&expiry=600&<shovel.queue.name<%20%20>>'

Where:
  • VLCIP = The Virtual Log Collector IP address
  • shovel.queue.name = The shovel queue name that you want to purge. You can get that from the explore view of the VLC as per snapshot below
  • This example assumes using the default admin password.
Image descriptionImage description




 

Notes

Remember to replace the *underscore* "_" with the *dot* "." as per the command above.
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2021-04-23 09:41 AM
Updated by:
Administrator Administrator

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.