USM Anywhere Service Issue With Syslog Events Appearing As Generic Events
Incident Report for USM Anywhere
Resolved
The fix has been rolled out to all customer sensors and is verified to be working. Further syslog events will be detected normally. If you have further issues after this point, please contact AlienVault Support.
Posted 4 months ago. May 10, 2018 - 13:41 UTC
Monitoring
The update to fix the syslog issue has been released. We are now monitoring the situation to ensure all customers have been updated appropriately.
Posted 4 months ago. May 10, 2018 - 12:45 UTC
Identified
The issue has been identified and a fix developed, and is being thoroughly tested now. Assuming testing is successful, we anticipate rolling out sensor updates in the early AM Central time to correct the issue, but we will let you know when we have a solid timeframe.
Posted 4 months ago. May 10, 2018 - 03:23 UTC
Investigating
There is an issue with the USM Anywhere service's handling of syslog events.

This Tuesday's ( May 8) release of USM Anywhere introduced an issue with the processing of non-standard syslog packets. The issue presents as all such syslog packets getting ingested into the system as Generic Events. This behavior could impact some functionality such as reporting and alarm generation.

AlienVault technical staff is working on a fix. You can monitor the USM Anywhere status page (status.alienvault.cloud) for further developments. We will continue to send you additional information as we work to resolve the issue.
Posted 4 months ago. May 10, 2018 - 02:24 UTC
This incident affected: USM Anywhere Service.