logger large memory usage

Bowen_Li · May 8, 2017, 2:16pm

Hey all,

Im running a bro cluster in 10G network, writing logs to redis server directly use plugins, when the cluster is running, the memory usage of the logger has been growing larger and larger(hundreds of Gb), seems like the logger cannot handle the huge number of the log messages, so the question is whats the processing capacity of the logger? In my case, 25000 msgs/sec to redis. And why not use more loggers in one cluster but only one?

Any insight would be helpful.

Bowen Li

Bortoli_Tomas · May 9, 2017, 8:36am

I might be wrong but using Redis you can’t store more than your actual RAM capacity
Check out: https://redis.io/topics/faq

Hope this helps,
Tomas

Azoff_Justin_S · May 11, 2017, 6:22pm

Multiple loggers is something that is being worked on. broctl git repository has initial support for running more than one worker on a cluster. It doesn't really work right if you are logging to files, but if you are using kafka or redis to aggregate logs it will work fine.

Topic		Replies	Views
Logger Child Memory Leak (logger crashing often) Zeek	5	96	May 6, 2022
cluster manager crash Zeek	7	83	May 6, 2022
Redis Log Writer Zeek	2	82	May 6, 2022
Why does my logger keep crashing - bro version 2.6.3 Zeek	8	139	May 6, 2022
Logging and memory leak Zeek	10	67	May 6, 2022

logger large memory usage

Related Topics