Delay in event correlation | US-West
Incident
Report for Alert Logic
Resolved
The outstanding issue with Web Security event correlation delays has also been addressed. In order to re-mediate the issue with Web Security events, traffic collection was paused for two ingestion collectors on the Alert Logic back-end, resulting in no data being received for a number of incident categories during the period of this incident.
All product correlation rates are now back to normal operational levels. This incident is now resolved.
All product correlation rates are now back to normal operational levels. This incident is now resolved.
Monitoring
A fix has been implemented and we are monitoring the results.
Identified
Alert Logic Engineering teams have identified a large increase in traffic to the the Central Processing Platform, causing overall ingestion times to reduce. Steps have been taken to re-mediate the issue and event correlation is now taking place within normal operational levels for Network IDS, Log Management and the Incident API.
Web Security event correlation is still experiencing delays, and the teams are working to resolve the outstanding issues with that product.
Web Security event correlation is still experiencing delays, and the teams are working to resolve the outstanding issues with that product.
Investigating
We are currently investigating a delay in event correlation for Network IDS, Log Management and Web Security products, which is resulting in delayed incident generation. Customers attempting to view Incidents in the Alert Logic console will notice a delay in Incidents being available for review, in addition to real-time data requests via the Incident API.
This incident affected: US-West-1 (Log Management, Web App IDS, Network IDS).