Alert sentry latency (NETIQKB71094)

  • 7771094
  • 06-Jun-2008
  • 11-Jun-2008

Environment

Security Manager 6.0

Situation

Alerts are taking five minutes before being picked up by the alert sentry.

Resolution

To recreate the registry keys for alert sentry polling go to HKEY_CURRENT_USER\Software\NetIQ\Security Manager\IMC

1. Create a 'Count' DWROD value at the 'Databases' level.

2. For each of the database, starting with zero, create a separate key under IMC. e.g. Database0

3. Under the 'Database0', create the following 4 keys,
 'Active' - DWORD - 1
 'Default' - DWORD - 1
 'Name'  - REG_SZ - The name of the one point database server with Instance if applicable.
 'Refresh' - DWORD - The refresh interval in seconds.

I have added the sample key. You can compare that with your machine and figure out what needs to be done.

[HKEY_CURRENT_USER\Software\NetIQ\Security Manager\IMC]

[HKEY_CURRENT_USER\Software\NetIQ\Security Manager\IMC\Database0]
"Name"="onepoint_db_server"
"Default"=dword:00000001
"Active"=dword:00000001
"Refresh"=dword:0000001e

[HKEY_CURRENT_USER\Software\NetIQ\Security Manager\IMC\Databases]
"Count"=dword:00000001

[HKEY_CURRENT_USER\Software\NetIQ\Security Manager\IMC\Settings]
"FirstTime"=dword:00000000
"Autorun"=dword:00000000
"Sound"=dword:00000001

Cause

The default refresh rate is 5 minutes. And there are registry keys to override it. Unfortunately these keys were created and maintained by IMC and when we removed IMC in 5.6, these keys went away. So if you really want to override the default value, the registry key will need to be recreated.

Additional Information

Formerly known as NETIQKB71094

Feedback service temporarily unavailable. For content questions or problems, please contact Support.