Modify Platform Manager Advanced Properties

Only Global Admins or Restricted Admins with elevated View and Manage privileges can take this action.

The Advanced Platform Manager properties consist of additional properties that are specific to the Alarming and Response Manager (ARM). To set or modify the advanced properties

On the main toolbar, click Deployment Manager.
Click the Platform Manager tab, and then click Properties in the Alarming, Reporting, and Response Manager Services section.
The Platform Manager Properties dialog box appears.
In the lower left corner, click the Advanced button.
The Advanced Properties window appears.

Configure properties as described in the following table.

Make changes to the Advanced Properties with extreme care! LogRhythm recommends that the Data Processor Advanced Properties only be modified with the assistance of LogRhythm Support, or by advanced users who have attended LogRhythm training.

Property	Range	Default	Description
Case API Group
CaseAPIPort		8501	The port on which the Case API service is running.
CaseAPIURL		https://127.0.0.1/	The URL to which Case API requests should be directed.
Engine Group
AE_AlarmInsertTimeout	1-120	5	The amount of time (in seconds) the process that inserts alarms has to complete before timing out.
AE_EventAgeLimit	1-2880	60	The number of minutes old an event is allowed to be for alarming processing. The age is determined by subtracting the event's date minus the most recent event. When the alarming engine starts, the latest event date is set to the most recent event in the system.
AE_GetEventsMaxRecords	1-10000	1000	The maximum number of events the engine should retrieve at a time.
AE_GetEventsTimeout	1-120	30	The amount of time (in seconds) the get events process has to complete before timing out.
AE_MaxAlarmQueueSize	100-10000	1000	The maximum size of the alarm queue. Additional events are not be processed after this size is reached.
AE_MaxAssociatedEventsPerAlarm	1-1000	100	The maximum number of events that will be associated to a single alarm.
AlarmURL		http://localhost/: 8443/alarms/	The base web URL to be used for the SMTP alarm notification email.
AutoRmdnPluginDir			The directory where the Engine deploys SmartResponse plugins for execution.
Main Group
MaxServiceMemory_ARM	512-64000	2048	Maximum memory allowed for the ARM process (in MB).
ProcessPriority	Low-High	Normal	Process priority for the ARM process. 1) Low 2) Below Normal 3) Normal 4) Above Normal 5) High
SMTP Group
SMTP_BatchEmailInterval	1-120	60	How often (in seconds) the ARM should check to see if batch emails are ready to be sent.
SMTP_MaxAlarmsPerBatchEmail	1-1000	100	The maximum number of Alarms to include in a single batch email notification. This system default is overridden by the Maximum Notifications Per Period value in individual Email Notification Policies. For more information, see Create New Email Alarm Notification Policies.
SMTP_MaxLogLength	100-1000	200	The maximum number of characters to print for log messages included in single or batch email notifications.
SMTP_MaxLogsPerBatchEmail	1-1000	3	The maximum number of log messages to print in the content section of an Alarm within a batch email notification.
SMTP_MaxLogsPerEmail	1-1000	10	The maximum number of log messages to print in the content section of a single email notification.
SMTP_MaxQueueSize	100-10000	1000	The maximum number of email notifications that can be pending transmission before new email notifications are dropped.
SNMP Group
SNMP_MaxQueueSize	100-10000	1000	Specify the maximum number of SNMP traps that can be queued for sending. New SNMP traps are not processed after queue size is reached.

To save and return to the ARM Properties window, click OK, or to save your changes and continue working in the active window, click Apply.