Hello,

I have a mid-size installation of Eventlog (11.03, I will update it soon), with around 400 Windows servers to monitor and 10 Domain Controllers (also with AdAudit) and I need to add soon a bit more servers/devices/file servers. The VM hosting both product have 8 core and 16GB

All, Domain Controllers and Servers are on AdAudit, so I have some questions:

1- Do I need to optimize AdAudit or Eventlog Analyzer in order to improve performance?

2- Is it normal to have a the cpu between 80% and 100% of load with this number of Servers to monitor? It's the Java process of Eventlog that consume much of these resources

3- Except of wrapper MaxMem and java comand line parameters, there are other optimization possible?

4- If I plan to not use correlation, is it possible to disable it? Does it free some cpu resources or is it negligible?

Many thanks

Manuel