Hi, We are using several instances of syslog-ng OSE to send logs to SIEM. Of course, I'm using diskbuffer and throttle to limit the number of logs sent and keep my licensing happy :) However, every time when I change the config and reload syslog-ng it seems all the logs in the disk buffer is sent in once, so there is some event drop in SIEM Is there any way to avoid this? Here is my relevant part of the config destination d_siem { network( "xxx.xxx.xxx.xxx" port(514) suppress(5) throttle(500) frac_digits(0) log_fifo_size(500000) time_zone("Europe/Budapest") persist-name("siem_standard") transport(tcp) disk-buffer( mem-buf-length(2000) disk-buf-size(50000000000) reliable(no) dir("/data/syslog-ng/diskbuffer") ) ); }; Thanks Laszlo