Thread Info
  • State Verified Answer
  • Replies 5 replies
  • Subscribers 3 subscribers
  • Views 1445 views
  • Users 0 members are here
Options
Suggested

IPS live log - 8 Minutes to get logs

lferrara

Dear All,

log viewer is still a pain for me. All the time I switch from Firewall log to Application or IPS, I need to wait 8 minutes to get results.

Community: are you experiencing the same?

Merry Christmas to all.

Regards

Parents
  • 0

    Hi, on my appliances, it opens quickly, but does it delivery data back or an empty view? 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    You are lucky, Luca.

    For application, the list is empty. For the IPS engine, the list is not empty.

    Live log makes me crying, Luca! It is very bad and useless for small appliances. It is not the first one I see where you need to wait or close and open the pop-up log viewer window.

  • 0 in reply to lferrara

    Hello Luk,

    what type of hard drive does have your HW appliance? 

    A similar behavior was observed with the hardware appliance in the case of conventional rotary disks, typically 2.5 "notebook hard drives with 5400 rpm. All Sophos HW appliances have SSDs (only XG86 has 16GB eMMC), so I would assume that developers assume they all use SSDs only. So the developers (in my opinion) do not really try to optimize disk operations during v18 development. And this behavior can be a consequence. 

    I have two pairs of 2.5 "classic 500GB and 1 TB drives on my ESXi hypervisor, and the transition from firewall logs to IPS or application logs is really about one or two minutes for these drives. In the office now for v18 EAP I use XG210 (which has SSD) and there is a transition between the logs in seconds. 

    I don't know if my experience help you solve the problem.
     
    Regards
    alda

     

Reply
  • 0 in reply to lferrara

    Hello Luk,

    what type of hard drive does have your HW appliance? 

    A similar behavior was observed with the hardware appliance in the case of conventional rotary disks, typically 2.5 "notebook hard drives with 5400 rpm. All Sophos HW appliances have SSDs (only XG86 has 16GB eMMC), so I would assume that developers assume they all use SSDs only. So the developers (in my opinion) do not really try to optimize disk operations during v18 development. And this behavior can be a consequence. 

    I have two pairs of 2.5 "classic 500GB and 1 TB drives on my ESXi hypervisor, and the transition from firewall logs to IPS or application logs is really about one or two minutes for these drives. In the office now for v18 EAP I use XG210 (which has SSD) and there is a transition between the logs in seconds. 

    I don't know if my experience help you solve the problem.
     
    Regards
    alda

     

Children
Unfiltered HTML