Hello,
I have a question on how log files are filtered.
I have a large log file. Large as in averaging 80-90 new lines every second. Way above what Zabbix sends (I believe it is capped at 10 lines/sec by the agent). If I want to capture the line whenever ERROR appears I know that I can use:
log[/path/to/my/file.log,ERROR]
However, I am not certain on how Zabbix will handle this. Is the keyword filtered on the Agent side sending only the line with ERROR or will the agent send the entire log file and the server pulls out ERROR? If it is on the agent side is it capable of sifting through 80 new lines every second or is it capped to 10 lines as well?
I believe I remember someone telling me once that it was filtered on the agent side but I can't remember where I heard/read/was told that and have not been able to confirm it. If someone could do so, I would be grateful.
Thanks,
cstackpole
I have a question on how log files are filtered.
I have a large log file. Large as in averaging 80-90 new lines every second. Way above what Zabbix sends (I believe it is capped at 10 lines/sec by the agent). If I want to capture the line whenever ERROR appears I know that I can use:
log[/path/to/my/file.log,ERROR]
However, I am not certain on how Zabbix will handle this. Is the keyword filtered on the Agent side sending only the line with ERROR or will the agent send the entire log file and the server pulls out ERROR? If it is on the agent side is it capable of sifting through 80 new lines every second or is it capped to 10 lines as well?
I believe I remember someone telling me once that it was filtered on the agent side but I can't remember where I heard/read/was told that and have not been able to confirm it. If someone could do so, I would be grateful.
Thanks,
cstackpole
Comment