Logger Performance Seems to be Slow
Does anyone have any tips on improving logger performance? I know on the manager you can increase Java Heap and this helps sometimes. We have approximately 6 receivers and 6 forwarders. The logger is very sluggish. EPS is not where I think it should be. Also searches run very slow.
No. We are forwarding to one ESM. The problem is that we need to know which location the data came from once we look in the console. There is a field - I think OriginalHostName that does not get sent from the logger to the console. We can not use the Customer fields because the values are not consistent. So what we did was create six forwarders and named them according to the SourceName which show up as six connectors in the Console. Our users are able to create active channels, dashboards, reports, etc based on AgentID/AgentName of the connector. Do you know of an alternative that would allow us to do this?
I have not worked with the forwarding connector in Logger. Do the forwarded logs include the deviceAddress or deviceHostName fields? If so, those indicate the device that originated the logs and could be used to sort or filter by origin in ESM.