I'm curious what the recommended max number of "Log Entries" are in one Log Analyzer Rule? How many strings are too many?
That is an interesting question ... I will have to ask the team if there is any limit or a number that is reasonable to keep it under.
I should have asked... Do you already have a rule with quite a lot of them that isn't working or is the question more theoretical in nature?
I have a rule with about 75 different strings in them, and the website freezes when trying to load it, but eventually will load everything. I also have a support case open for this but after 2 days, no one has touched it yet. One rule i need to create has about 399 entries to look for, and in creating one that needed approx 200, i broke it out in chunks of 50 when 70+ seemed unmanageable.
Can you send me the ticket number so I can check on the progress of the case?
Can you be a bit more specific about the nature of your rule? If there are 400 variations on the log message is that really all tracking back to a single type of issue or is this lots of different situations?
Ticket 00439036. So far they just requested more time to look into it.
Thanks. I'll keep an eye on that ticket.
