Hi
We have the EPO configured with Kiwi and it works fine for general events, but sometimes Solidcore sends a SYSLOG event that has to be split up over several log entries, and then this hangs the EPO Event Parser. The only solution is to restart the Event Parser service.
We have an SR in with Trellix for this, but it has been months now and they are still working on it. They actually blamed Kiwi at one stage!
Have any others had similar issues?