Click here to expand

    Switching threat stores

    To switch between the two threat stores (in-memory threat store and disk-based threat store) available in EventLog Analyzer, please follow the steps given below.

    Note: In-memory threat store requirements: The in-memory threat store requires a minimum of 2 GB RAM allocated to EventLog Analyzer; of which at least 500 MB should be available for use.

    Prerequisites: Product must be running in order to make the switch.

    To switch from disk-based threat store to in-memory threat store, please follow these steps.

    1. Go to <Installation_folder>\ManageEngine\EventLog Analyzer\bin, open the Command Prompt using Run as administrator, and then execute switchThreatStore.bat for Windows and switchThreatStore.sh for Linux.
    2. A message about current store information and confirmation prompt will be displayed.

      Switching threat stores

    3. Press y and click on the Enter key to continue.
    4. You will see a success message that the threat store has been switched from disk-based to in-memory.
    5. Restart EventLog Analyzer for the changes to take place.

      Switching threat stores

    To switch from in-memory threat store to disk-based threat store, please follow these steps.

    1. Go to <Installation_folder>\ManageEngine\EventLog Analyzer\bin, open the Command Prompt using Run as administrator, and then execute switchThreatStore.bat for Windows and switchThreatStore.sh for Linux.
    2. A message about current store information and confirmation prompt will be displayed.

      Switching threat stores

    3. Press y and click on the Enter key to continue.
    4. You will see a success message that the threat store has been switched from in-memory to disk-based.
    5. Restart EventLog Analyzer for the changes to take place.

      Switching threat stores

    Get download link