Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials
Store

Syslog server: crash when more then 2 million lines a hour

FormerMember

When there are more then 2 million lines a hour , the syslogserver will crash

Add the functionality that it is possible to record more than 3000 lines a second (>11 million lines a hour).

Find more posts tagged with

Status: None

Comments

Aforsythe

At some point, you just need to add another syslog server. If you're processing that many logs you have them going into a database right? And you can have multiple syslog servers writing to the same database so all of your logs end up in the same spot anyway. You can segregate by site or network vs. servers or whatever.

FormerMember

I have only one device that log to the syslogserver, and that device generate about 1000 lines a second. Then it is not possible to split the logs.

csameer

We have a similar problem where the one of the internet firewall was logging more that 8 to 10 Million event per Hour and the Kiwi Syslog server was crashing and had to restart services ever 10 min we want the server better handle the additional flow.

bobmarley

Maybe try adding a load balancer doing round robin up front and add some additional Kiwi's???