Limiting amount of logs received daily | Log collection solutions

#1 JC_570223 4 years ago

Hello,

I configured my conf file (comm. edition) with a query for certain event id's. The output works, however, is there a way to prevent every event from creating it's own log file? For instance, create 1 large file for the date vs having 200k+ logfiles daily.

Permalink

#2 rafDeactivated Nxlog ✓ 4 years ago

#1 JC_570223

Hello, I configured my conf file (comm. edition) with a query for certain event id's. The output works, however, is there a way to prevent every event from creating it's own log file? For instance, create 1 large file for the date vs having 200k+ logfiles daily.

Hello,

I'm not sure if I understand you correctly - what do you mean by " every event from creating its own log file"? Did you mean limit/filtering events to be stored?

If the filesize is your issue, you may want to check the filecycle directive.

In case I misunderstood you - please, provide your conf file & bring us more details on your case.

Best regards,
Rafal