Coleman Kane

I'll try migrating one of my instances to this sometime over the next week or so and report back with my experience - it might help solve the limitation that...

Seems like DragonflyDB is a decent compromise, along with setting `REDIS__TRIMMING=500000`. DragonflyDB seems to return RAM back to the OS more readily, while it seems like once it gets allocated...

Thanks @pierremahot - I am also suspecting that the issue is a small number of large-size bundles that are ending up in the redis history cache, and stick around for...

Hi @pierremahot - I did some more digging on this tonight, and it appears that what is happening is that it keeps adding new entries to the `stream.opencti` stream key...

Bash script I used to iterate across all entries in the `stream.opencti` in `redis` and write them to individual files on disk for analysis: ```bash export h="0-0" while true; do...

Many of these entries are 100's of kB each, with the largest being 871kB (before the process crashed due to out of memory), and all contain largely redundant information that...

FYI, this should be fixed in PR #1022 - the offending module was the `maec` Python module, which started including `numpy` in one part of it

Might as well drop a mention to https://github.com/Sysinternals/SysmonForLinux/pull/36 in here, as it contains the related changes to the Linux port of Sysmon.

Rebased against current `master` branch, and also updated the version of redlock to latest `1.3.1`

Also not sure what I need to do to clear the "lockfile would be updated" error in the api-tests in the drone CI run. My expectation is I did the...