KBI 310833 Issue Addressed: Argent for Compliance Not Firing Events For SYSLOG Rules

Version

Argent Advanced Technology 8.0A-1401-D and below

Date

Thursday, 13 Feb 2014

Summary

Argent for Compliance does not fire events for matching SYSLOG messages when combining alerts for log events is enabled (registry COMBINE_ALERTS_ON_LOG_EVENT).

However, SYSLOG messages are archived correctly.

Technical Background

This is caused by a coding error.

Resolution

Upgrade to Argent AT 3.1A-1401-E or later.

Customers who cannot upgrade immediately can set the registry entry ‘HKLM\Software\Argent\ARGENT_FOR_COMPLIANCE\COMBINE_ALERTS_ON_LOG_EVENT’ to zero.

However, customers should consider the side effect of this registry setting: Argent for Compliance will fire one alert for each matching log event.