Th4nat0s / eventlog-to-syslog

Automatically exported from code.google.com/p/eventlog-to-syslog
0 stars 0 forks source link

Ping before #16

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
An enhancement would be to have a "Ping before send" option in case the syslog 
server is temporarily down or otherwise unavailable. This means that the 
evtsys.exe sets a pointer in the evt/evtx logfile and starts reading from that 
position as soon the syslog server comes back up.

Original issue reported on code.google.com by J.E.Hagl...@gmail.com on 16 Nov 2010 at 11:12

GoogleCodeExporter commented 9 years ago
This is possible, but I'm not certain it is very beneficial right now. It can 
put a large load on a server if the syslog server goes down for long periods of 
time and all logs need to be transmitted. The utility can utilize the majority 
of server CPU cycles in such cases. I will put some more thought into this.

Original comment by sherwin....@gmail.com on 17 Nov 2010 at 5:55

GoogleCodeExporter commented 9 years ago
This issue should be resolved with the TCP support that will be rolled out in a 
few weeks. Logs will not be sent to an unavailable server in TCP mode. Logs can 
be buffered for a period of time.

Original comment by sherwin....@gmail.com on 23 Feb 2011 at 5:11