The memory configuration settings allow you to optimize your logging servers performance. You should adjust these settings based on logging traffic and the amount of memory available to your system. Reasonable values depend on your network.
NOTE: If incoming log events exceed the amount of memory you have allocated on your logging server, the Platform Agents temporarily write events to their Disconnected Mode Cache until the logging server clears its cache. This prevents any logged events from being lost.
Minimum |
The amount of memory the server automatically allocates at boot time to handle logging processes. Because allocating additional memory on the fly can slow down code execution, this setting should represent the minimum amount of memory needed to handle your systems baseline level of logging traffic. Pre-allocating the minimum amount of memory required by your system reduces additional blocking delays when the system is under high load and facilitates faster processing of incoming events.
|
Normal |
The amount of memory the server can immediately allocate if logging traffic exceeds the Minimum memory setting. In organizations that require high-performance logging, this parameter should be set high enough to accommodate peak loads. For organizations that must minimize potential data loss, the Normal cache setting should be very small. While this may slow performance, it minimizes the amount of data that may be lost in the event of server failure.
|
Maximum |
The maximum amount of memory that can be allocated to logging processes. Setting a maximum prevents Nsure Audit from monopolizing the servers resources. Ideally, this should be set close to the Normal memory setting. If logging traffic exceeds the Normal memory setting, the server incrementally increases the logging cache 4KB at a time (4KB is the amount of memory required to process a single event). Once the Maximum memory allocation is reached, the server begins dropping Platform Agent connections. If the logging server drops its connection, the Platform Agent simply logs events to its Disconnected Mode Cache, thereby ensuring no information is lost. When free cache is available, the logging server once again accepts Platform Agent connections.
|
For more information on logging server settings, see Configuring the Secure Logging Server.
For more information on using Nsure Audit, see Nsure Audit Help.
A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.