Is AMA fully supported on CentOS 7?

Hi All,

I rarely work with Linux so please forgive me if this is a stupid question.

I have a server that is successfully onboarded to Arc and Sentinel.

The server logs are currently being ingested to Sentinel without any issues. However, the server has Apache running and I want to ingest the access logs as well.

I have configured the custom logs connector and the appropriate DCR but I am not able to ingest the Apache access logs to Sentinel.

I get the following errors in the mdsd logs:

amacoreagent[xxxxxx]: The required instruction sets are not supported by the current CPU.

Failed to connect port 13005 socketId: Data: 130 to AMACoreAgent: Connection refused.

The AMA agent supported OS page does not specifically mention CentOS 7 but it does mention Red Hat Server 7.9 - 10.

SELinux is disabled, the 13005 port is not being used by another service and is allowed to be used, and I've done the basic troubleshooting.

Thank you in advance.

submitted by /u/clueless_taco

Tracking analytics usage in Azure Sentinel

Hi All,

I have a couple of questions that I would be very grateful if someone can help out with!

Our current setup includes sending off not-so-important logs to auxiliary tables. This was of course done with the intention of reducing costs. However, when I go to Settings -> Pricing in Sentinel, I can see that there is an overage when I click on the commitment tier that we are currently on.

I got the breakdown from the team, and even in the CSV that I received, I do not see anything specifically mentioned as overage.

I have queried the Usage table to get the daily usage from all the tables excluding the auxiliary tables and I have no idea how there is an overage, as everything is very well within the limit.

  1. Does anyone know where I can track the overage from?

  2. The Settings -> Pricing page in Sentinel only provides the costing and other details specifically for the analytics tier, correct?

Thanks in advance.

submitted by /u/clueless_taco