I was curious if there is any limitations on the number of rules you can have in Kiwi and if there are any noticeable performance issues when you have a lot of rules in Kiwi?
hope this helps...
http://www.kiwisyslog.com/help/syslog/index.html?rules_maximumrulecount.htm
That is what I needed though I have a few follow-up questions based on that document...
1. That is correct.
2. 100 is a general suggestion. Try increasing the number in small increments. Observe how the memory usage is affected by looking at the process Syslogd_Service.exe.
wait, did you just get Kiwi to move syslog out of the Orion Database and off the Orion server? I just started on that! I am amazed at how many logs per hour are coming in! I wish Orion had a counter like Kiwi's. Let me know if you find any thing you can pass along, I'll do the same. If thats not what your doing, never mind .
LOL We are not moving to Kiwi though I think that may not be a bad idea for some stuff. I am working on a customer project where we will potentially be providing Log Management as a service and Kiwi is one of the potential products for the job. In all honesty I have really been let down by the options out there as far as Log Management goes.
