Cuando ePO está configurado para reenviar eventos a un receptor syslog, se reenvían tres copias de cada evento.
Si el registro de depuración (nivel de registro 8) está habilitado en el servidor de ePO, verá mensajes similares al siguiente registrados en el archivo
EventParser_systemname.log (
<ePO installed folder>\DB\logs):
20220614112238 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(274): SSL callback, where = 0x00000010, ret = 1
20220614112238 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(312): SSL_CB_HANDSHAKE_START
20220614112238 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(274): SSL callback, where = 0x00001001, ret = 1
20220614112238 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(282): SSL_CB_CONNECT_LOOP
20220614112238 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(274): SSL callback, where = 0x00001001, ret = 1
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(282): SSL_CB_CONNECT_LOOP
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(291): SIO_getsockopt(2276, SO_RCVTIMEO ) returned 0, value=10000
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(274): SSL callback, where = 0x00001001, ret = 1
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(282): SSL_CB_CONNECT_LOOP
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(291): SIO_getsockopt(2276, SO_RCVTIMEO ) returned 0, value=10000
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(274): SSL callback, where = 0x00001001, ret = 1
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(282): SSL_CB_CONNECT_LOOP
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(291): SIO_getsockopt(2276, SO_RCVTIMEO ) returned 0, value=10000
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(274): SSL callback, where = 0x00000020, ret = 1
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(317*): SSL_CB_HANDSHAKE_DONE*
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(323): SIO_setsockopt(2276, SO_RCVTIMEO, 0 ) returned 0
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(274): SSL callback, where = 0x00001002, ret = 1
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(197): ** Handshake success*
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(241): Peer cert chain count: 1
==============================================================================================================
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(409): Wrote 3201 SSL bytes, trying to write 3201 bytes to 10.10.10.100:6514
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(151): Using cached connection for 10.10.10.100:6514
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(409): Wrote 3201 SSL bytes, trying to write 3201 bytes to 10.10.10.100:6514
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(151): Using cached connection for 10.10.10.100:6514
20220614112239 X #04980 MFEFIPS mfefips_SSLSubSys.cpp(409): Wrote 3201 SSL bytes, trying to write 3201 bytes to 10.10.10.100:6514
==============================================================================================================
The important part here is the same number of bytes are written three times to the same IP address in rapid succession. In the syslog system, three identical copies of the same event are recorded.
