High-Speed Logging (HSL) Configuration

High-Speed Logging (HSL) is used to efficiently distribute and manage logs, ensuring quick and reliable log delivery without overloading the system. Here’s how you can configure HSL:

  1. Configure a Log Collector Server-Pool:

    • Create a pool of servers that will handle the logging requests. These servers will receive logs from the system.

  2. Configure a Remote High-Speed Logging Destination:

    • You need to define a remote destination for log distribution and load balancing.

    • For the Distribution field, you can select from three choices:

      • Adaptive: Logs are sent to the first available pool member. If performance degrades or the member is unavailable, the system will switch to the next available member.

      • Balanced: The logs are distributed using the Load Balancing Method defined for the pool.

      • Replicated: Logs are sent to all available pool members to ensure redundancy.

  3. Configure a Formatted Logging Destination to Point to “Syslog”:

    • Define a destination where logs are stored, such as a Syslog server, for centralized log management.

  4. Configure a Log Publisher to Determine the Source Log Initiator:

    • The log publisher specifies which source or system initiates the log generation, such as a security event or transaction.

  5. Configure a Log Filter to Tune the Log Publisher:

    • A log filter can be applied to refine what gets logged. This helps avoid excess logging and focus on critical security events.

Last updated