Message Router

With the introduction of Privilege Management for Unix and Linux v10.1.0, a Fast Message Router was developed to better cope with high volumes of event and log information. The log server communicates all of its updates to the Message Router, which then logs the audit and log information to the appropriate places, including the event log, the BeyondInsight Event queues, and the SOLR /Iologcloseaction queues. The pblighttpd service, which previously started the REST and Scheduler services, now also starts the Message Router services. If the Message Router is down, the log server stores all of its data in a temporary queue until the Message Router service is available again.


  • Version 10.0.1 and earlier: messageroutersocketpath setting not available.
  • Version 10.1.0 and later: messageroutersocketpath setting available.

This setting defines the absolute path to the Message Router work area, where sockets and temporary files are stored while the Message Router is unavailable.

  • Policy servers
  • Log servers


  • Version 10.0.1 and earlier: messagerouterqueuesize setting not available.
  • Version 10.1.0 and later: messagerouterqueuesize setting available.

This setting specifies the number of temporary queue entries should the Message Router become available. Generally the default is acceptable, however, in large installations with thousands of events logged per second, it may need to be increased. The maximum value is 4095.

  • Policy servers
  • Log servers


  • Version 10.0.1 and earlier: messagerouterclosewait setting not available.
  • Version 10.1.0 and later: messagerouterclosewait setting available.

This setting specifies the maximum time a policy or log server waits, in seconds, for the Messager Router to become available. If it cannot contact the Message Router after this duration, it writes the entries to temporary queues for later processing.

  • Policy servers
  • Log servers


  • Version 10.0.1 and earlier: writequeuetimeouts setting not available.
  • Version 10.1.0 and later: writequeuetimeouts setting available.

This setting specifies the timeouts for various actions for write queue operation. Although we do not recommend that these are changed in most instances, there may be scenarios, usually when hosts experience high load levels, that configuration of these timeouts can improve performance. The timeout operations include:

  • openread
  • openwrite
  • write
  • lock

Each timeout has three elements:

  • The maximum timeout in milliseconds
  • The incremental delay each time the operation is blocked
  • A backoff component that can be used to increase the delay time each time the operation blocks
writequeuetimeouts openread=1000,20,1.2 openwrite=5000,20,1.2 write=2000,10,1.0 lock=30000,50,2.0

No default value

  • Policy servers
  • Log servers


  • Version 10.0.1 and earlier: writequeuepath setting not available.
  • Version 10.1.0 and later: writequeuepath setting available.

The writequeuepath is the absolute path to a directory that will hold all the temporary write queues. This path should have enough disk space to cope with high volumes of data should the message router become unavailable.

writequeuepath /opt/pbul/msgqueue
writequeuepath /opt/<prefix>pbul<suffix>/msgrouter
  • Policy servers
  • Log servers


  • Version 10.0.1 and earlier: writequeuenum setting not available.
  • Version 10.1.0 and later: writequeuenum setting available.

The writequeuenum setting allows the configuration of the maximum number of write queues that can be stored in the event that the Message Router becomes unavailable. The minimum value of writequeuenum is 10 and the maximum is 9999.

This setting should only be increased in the event of contention due to very high load.

  • Policy servers
  • Log servers