I've been facing this situation regarding to IDM and Sentinel.
I have Identity Manager 4.7.4 and it is configured to send audit events to Sentinel through CEF. Thing is that i'm finding that every once in a while the events are not being sent to Sentinel(consider that Sentinel is always up) and the events are being cached into the file system.
This cached events are not being sent back to Sentinel
Is there any way to force it to sent the events to Sentinel?
Is there any reason or any configuration i'm missing for it not to sent the events automatically?
Thank you so much in advance