Unix/Linux Log File Monitoring - How does it work?
Posted: Wed, Dec 23, 2009 10:47 PM :: Rank: 23
Author
Points: 270
Level: System Center Hero

I am setting up Linux log file monitoring, but I want to understand how it functionally works. I cannot find a good explanation anywhere. My concern is large log files. Is there a recommended log file size limit for most efficient operation?

Once the monitor is set up, how is it actually monitored by the cross plat agent? Does the agent scan the entire file every "X" amount of time? Does it maintain a tail on the log watching for the regex coming through? If the agent scans the log every so often, I would anticipate increased overhead due to large log files.

Anyone have a good explanation for me? What can I expect by way of performance for large log files?

Re: Unix/Linux Log File Monitoring - How does it work?
Posted: Thu, Dec 24, 2009 1:23 AM :: Rank: 5
Author
Points: 7035
Level: System Center Specialist
I am not sure how large your log files are, but the agent is not scanning the whole log file over and over. It puts a check mark after each scan, so it maintains tails. In our environment we have almost 40 AIX and Solaris servers and we are monitoring log files, for example: hardware errors, authentication failures, some custom script outputs, backups, etc. The only issue we have seen so far is on Solaris Sparc5.9: an average of 10-15% CPU usage on a very busy DB server. Except for that, everything is pretty stable.
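
The "check mark after each scan" behaviour described in the reply above can be sketched as follows. This is an added example, not part of the original thread and not the Operations Manager agent's own code; the function names, the JSON state file and the regex are assumptions made for illustration. Each scan reads only the bytes appended since the saved offset and restarts from the beginning when the file was rotated or truncated.

```python
import json, os, re, tempfile

AUTH_FAIL = re.compile(r"authentication failure|Failed password")  # constructed pattern

def scan_new_lines(log_path, state_path, pattern=AUTH_FAIL):
    """Return matching lines appended since the previous scan."""
    try:                                  # checkpoint left by the last scan
        with open(state_path) as fh:
            state = json.load(fh)
    except (FileNotFoundError, ValueError):
        state = {"inode": None, "offset": 0}
    st = os.stat(log_path)
    # Rotation (new inode) or truncation (file shorter than the checkpoint)
    # invalidates the saved offset, so restart from byte 0.
    if state["inode"] != st.st_ino or st.st_size < state["offset"]:
        state = {"inode": st.st_ino, "offset": 0}
    hits = []
    with open(log_path, "rb") as fh:
        fh.seek(state["offset"])
        while True:
            line = fh.readline()
            if not line.endswith(b"\n"):  # EOF, or a line still being written
                break
            state["offset"] = fh.tell()   # advance only past complete lines
            text = line.decode("utf-8", "replace").rstrip("\n")
            if pattern.search(text):
                hits.append(text)
    with open(state_path + ".tmp", "w") as fh:   # write checkpoint atomically
        json.dump(state, fh)
    os.replace(state_path + ".tmp", state_path)
    return hits

def demo():  # three scans over a constructed log: initial, append, truncation
    d = tempfile.mkdtemp()
    log, state = os.path.join(d, "messages"), os.path.join(d, "messages.pos")
    with open(log, "w") as fh:            # constructed sample lines
        fh.write("Dec 23 22:40:01 db01 sshd[411]: Failed password for root from 192.0.2.10\n"
                 "Dec 23 22:40:05 db01 cron[500]: job started\n")
    first = scan_new_lines(log, state)
    with open(log, "a") as fh:            # last line is deliberately incomplete
        fh.write("Dec 23 22:41:00 db01 su: authentication failure for oracle\n"
                 "Dec 23 22:41:02 db01 sshd[412]: Failed password for ro")
    second = scan_new_lines(log, state)
    with open(log, "w") as fh:            # truncated in place, as copytruncate does
        fh.write("Dec 24 00:00:01 db01 sshd[9]: Failed password for admin\n")
    third = scan_new_lines(log, state)
    return first, second, third

if __name__ == "__main__":
    print(demo())
```

With a checkpoint like this, the cost of each scan depends on how much was appended since the last one, not on the total size of the log.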