[syslog-ng] syslog-ng droping events
Alexander Clouter
ac56 at soas.ac.uk
Fri Nov 10 10:24:21 CET 2006
Hi,
Arya, Manish Kumar <m.arya at yahoo.com> [20061110 01:11:54 -0800]:
>
> Hi,
>
> I have 3 syslog listeners (solaris 10 ) collecting
> log events from about 20,000 devices and fwding them
> on a central syslog box (solaris 10, 16 gb RAM and 3TB
> SAN storage) . the central syslog box stores them in
> oracle db and on filesystem.
>
> I notice that events from many devices are being
> droped on central syslog box.
> I thought it might be because of udp protocol, but
> even after enabling tcp its droping events. I can see
> that events come on listeners boxes (I created temp
> file logs there)
>
> please tell me what could be missing.
>
Munching through the mailing list archives ;)
https://lists.balabit.hu/pipermail/syslog-ng/2006-May/008836.html
Sounds like, what DB monkeys call, 'SQL Exhaustion' or something. You SQL
database is slowing up the whole process...mainly as SQL is not suitable for
*live* realtime processing, thats my opinion though.
Cheers
Alex
> Regards,
> -Manish
>
>
>
> ____________________________________________________________________________________
> Want to start your own business?
> Learn how on Yahoo! Small Business.
> http://smallbusiness.yahoo.com/r-index
> _______________________________________________
> syslog-ng maillist - syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>
More information about the syslog-ng
mailing list