Re: Issues with Microsoft Exchange On-Premise EWS ...

danieldelacasa · ‎10-19-2020

Hi,

We are using Microsoft Exchange On-Premise EWS app version 2.0.29 (Upgraded from 2.0.17) and we are experiencing some issues with Polling.

First of all the "oldest first" parameter seems to work as "latest first" and the "latest first" works as "oldest first".

Secondly the Scheduled/interval polling is working this way (more or less in every single test I have made):

- First iteration: brings the Max emails per scheduled polling.

-Second iteration: brings the first iteration number of emails.

-Third iteration: brings the max emails per scheduled polling.

-After that it does not bring any more emails despite the fact that there are more pending emails to bring.

As well it seems that there is a cache when I try the same emails and there are some emails missing when I execute the Scheduled polling over the same set of emails.

Can you help please?

Thank you!

WalshyB · ‎01-05-2021

Hi,

Have you tried the previous version 1.0.105? We raised a support case for the latest version for similar issues and they are looking into a fix as the state file isn't filled out correctly.

Oldest first for us didn't work at all, so we had to use latest which puts everything out of order.

carl72086 · ‎12-26-2020

Hey,

For app related issues, you can try reporting it Phantom Support / or to the developer of the App.

In the meantime, just revert to the working app version while the issue is being identified / fixed in the newer version.

Issues with Microsoft Exchange On-Premise EWS polling

troubleshooting

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases