- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
09-28-2016 09:16 AM
I think I read something that said you can configure the PA to shut off logging if the dataplane was running a very high percentage of load and I would also like to be sent an alert if anyone has any information on this process.
09-28-2016 11:58 AM
Hi,
I don't think you can dynamically turn off logging, this is something that you are manually configuring either "on" or "off". Article below will help you to configure email alerts for the high DP utilisation etc:
Thx,
Myky
09-29-2016 03:12 AM
There is a setting under Setup -> Management -> Logging and Reporting Settings -> Log Export and Reporting called "Enable Log on High DP Load". Select this check box if you would like a system log entry generated when the packet processing load on the firewall is at 100% CPU utilization. Disabled by default. Is that what you were thinking of? I don't know of any way you can disable logging under high DP load, but at least this will alert you in case you don't have any other monitoring of your firewall..
09-29-2016 06:23 AM
Well when I think that the choice is enable log on High DP load it makes it sounds like it will continue to log even when the load is high and this was the definition on the machine. But I think this is close to what I was thinking, though my thought was that logging did not continue until the load on the DP reduced, so I am not sure
Enable Log on High DP Load—(Firewall only) Select this check box if you would like a system log entry generated when the packet processing load on the firewall is at 100% CPU utilization.
A high CPU load can cause operational degradation because the CPU does not have enough cycles to process all packets. The system log alerts you to this issue (a log entry is generated each minute) and allows you to investigate the probable cause.
Disabled by default.
09-29-2016 06:32 AM
I could be wrong here, but most of the logging functions happen on the MP, not the DP. If you have 100% DP utilization, disabling logging probably won't do a whole lot to ease the problem.
You're better off directly addressing the cause of high DP utilization, whether it be a DoS attack, applications being tagged as unknown-tcp/udp, using app-override where it makes sense, or looking at a larger platform with more DP resources.
09-29-2016 08:43 AM
Thats a very good point, I just wish I could find the information that suggested it
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!