High-Speed Logging (HSL) Configuration

High-Speed Logging (HSL) is used to efficiently distribute and manage logs, ensuring quick and reliable log delivery without overloading the system. Here’s how you can configure HSL:

1. Configure a Log Collector Server-Pool:

   • Create a pool of servers that will handle the logging requests. These servers will receive logs from the system.

2. Configure a Remote High-Speed Logging Destination:

   • You need to define a remote destination for log distribution and load balancing.

   • For the Distribution field, you can select from three choices:

     • Adaptive: Logs are sent to the first available pool member. If performance degrades or the member is unavailable, the system will switch to the next available member.

     • Balanced: The logs are distributed using the Load Balancing Method defined for the pool.

     • Replicated: Logs are sent to all available pool members to ensure redundancy.

3. Configure a Formatted Logging Destination to Point to “Syslog”:

   • Define a destination where logs are stored, such as a Syslog server, for centralized log management.

4. Configure a Log Publisher to Determine the Source Log Initiator:

   • The log publisher specifies which source or system initiates the log generation, such as a security event or transaction.

5. Configure a Log Filter to Tune the Log Publisher:

   • A log filter can be applied to refine what gets logged. This helps avoid excess logging and focus on critical security events.