Question regarding Log File Monitoring
I want to start monitoring some offsite servers for specific log entries, but I want to confirm how the log file checking is done.
Does the agent only send the lines that match the pattern or does it send all the lines in the log file to the server which then checks for the pattern?
I'm assuming the agent only sends the matching lines, as if it sends the whole log file it could get quite costly bandwidth wise when you start doing this for a lot of servers?
Does the agent only send the lines that match the pattern or does it send all the lines in the log file to the server which then checks for the pattern?
I'm assuming the agent only sends the matching lines, as if it sends the whole log file it could get quite costly bandwidth wise when you start doing this for a lot of servers?
Comment