This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

O365 event not collect each events

Hi All

 Base my revious discuss about O365  file rotation interval . I change it to 600 (10 mins) to fast check testing event.

then I create O365 policy....each policy set monitor All events.

Then I test common testion cenarios like mail move/delete , user delegation(send as / send on behalf)  in 10 mins.

But I find these testing events ....sometimes could be receive...sometimes not receive (I have wait 1 hours). 

Who has use O365 module to monitor Exchange Online ??

Wencheng

Tags:

  • 0  

    Hi Wencheng,
    Could you please provide few details to fix this issue?
    May I know the addon agent install OS version?
    After the Change Guardian server upgrade is CG agent upgraded?

    Thanks,

    Suresh S.

  • 0 in reply to   

    Hi

        the CGAppliance is refresh install ...6.2 then using offline patchcd to upgrade to 6.2.0.2

    after appliance upgrade to 6.2.0.2, I start testing

    the agent install to Win10 x64 2004 version (Chinese tranditional version.)

    Yesterday, I find it has a problem that I saw at old version.it is easy random hangup (not process CEF log...like my lab..the registry show it process date at 2 days ago...the CEFlog still generate in 2 days.)

    Wencheng

  • 0   in reply to 

    Hi Wencheng,

     

    Thanks for providing this information,

    Looks like you have installed an event collector on windows 10 workstation (Win10 x64 2004 version (Chinese traditional version). Currently Change Guardian event collector addon not supported on this OS version. Please find below supported OS version

    • Microsoft Windows Server 2019
    • Microsoft Windows Server 2016
    • Microsoft Windows Server 2012 R2

    For more information on system requirements please find below the link for reference

    https://www.microfocus.com/documentation/change-guardian/6.2/change-guardian-6-2-system-requirements/change-guardian-6-2-system-requirements.html

    Install the Event collector addon on supported OS and make sure CG agent also should be installed on the same machine.

    Feel free to post back to us if you need further assistance

    Thanks & Regards,

    Suresh S.

  • 0 in reply to   

    Hi Suresh

         I install another WIn2016 (New Install)  to replace previous addon agent (Win10 2004, I have uninstall this workstation)

    But the result still same ==> it still stuck and no process later "done" files as screenshot

    you could see the registry , it process at 2022-03-24-13-34.cef , the OSs's clock is PM2:53. it still has 6 done files need process to import..

  • 0   in reply to 

    Hi Wencheng,

    Could you please confirm this, After 2022-03-24-13-10.done.cef  (86KB) file is there any events processed from O365?

    Thanks,

    Suresh S.

  • 0 in reply to   

    Hi Suresh

        this screenshot is 2022-03-24-13-34-10 (86KB).

    it indeed be processed and import to CG Appliance.

    But now it stuck on this file , no process next other files.

    Wencheng