Logging recommendations

Hello forum,

I'm looking for any whitepapers/recommendations available about configuring the logging. I know the basics, but some more fine-tuning is required. As of now, one of my UTM servers has ~3.500 users connected and generates an HTTP log of 3.5-5.5 GB/day in size, which seems to be a bit of a high volume, and I have also lost the ability to view it live via the GUI (the free space on the /root partition is ~2.2 GB, and if I try to open a log file bigger than the free space, it eats up all the disk and performs a failover to the passive node, which is expected, as the size of the log file is much bigger than the free space). I know I can use a syslog server for this, but I'm looking for fine-tuning methods, like not logging where the authentication is in the skip list or so.

Or is this more or less normal behaviour, and do I need to focus on the syslog part?



  • I'm not familiar with the laws in your area, Tamas, but I wouldn't be surprised if your organization isn't required to keep such logs for a period of time nor whether they can contain only part of the story.  In this world of increasing regulations, my tendency would be to favor your final thought - spend some time and money on Remote Syslogging and monitoring.  With over 3K users, there should be time and money available for that.  Just my two cents worth...

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA