It looks like it is not  5min  but 15min

here is from cloud_proxy.elg  end of one request to push changes to gateway and start of the other

04/10/24 18:39:36,063 INFO ida.api.IDACpridRequestSenderClient [gateway-updater_CP1]: Response from gw xx.xxx.xxx.xxx is 'OK'
04/10/24 19:43:35,344 INFO ida.api.IDACpridRequestSenderClient [gateway-updater_CP1]: Sending update to gw xx.xxx.xxx.xxx: #!/bin/bash

one set of objects were changed at 04/10/24 19:29, and the other at 04/10/24 19:35

(there were no more changes since last push at 04/10/24 18:39)

Where can I look for this push interval value?

I thought there was command to check it, but I could be wrong.

Andy

there are only 2 gateways where these objects used in the policy rules

here is from vsec.conf

# delay time between GW update cycles
enforcementUpdateIntervalTime=10

# TTL (mins) for objects expiration on GW in case
# there are no updates from the Controller
enforcementSessionTimeoutInMinutes=10080

autoUpdateIntervalInSeconds=30

# max number of GWs to update concurrently
enforcementThreadPool=5

# Generic Data Center scanner config
ctf.scannerInterval=60
ctf.deleteTemporaryFiles=true
ctf.ignoreInvalidContent=false
ctf.scanningLogsOn=false
ctf.scanFlatListFiles=false

I suppose this parameter ( ctf.scannerInterval=60 ) determines push interval. So it should be 1min.

here is a full timeline from another test:

05/10/24 20:23  - Object changed,  1 IP address (lets say it 192.0.2.2) added 

05/10/24 20:38  - Object changed,  IP address removed (the same as was added 15min ago, i.e. 192.0.2.2)

05/10/24 20:40 - Changes detected and pushed to gateways but with IP address 192.0.2.2 that was added 17min ago and removed 2 min ago

05/10/24 20:49 - Changes detected and pushed to the gateway with IP address  192.0.2.2 removed

No other Generic Datacenter objects where changed during that period, so no interference from other changes.