Objective
When there is a intermittent connection or loss of communication between the agent and EventLog Analyzer server, the agent can perform offline log collection and store the logs to a data directory of a defined size. Once the connection is reestablished, the logs will be forwarded. This article focuses on step-by-step instructions for enabling the offline log collection mechanism and defining the size of the data directory.
Prerequisites
- You need the administrator role or manage agent custom role for the EventLog Analyzer console.
- Ensure the agent is installed and log collection is happening as intended.
- Ensure the agent communication port (application web port) is enabled bidirectionally. The default ports are 8400 for HTTP and TCP and 8445 for HTTPS and TCP.
Steps to follow
Step 1: Log in to the EventLog Analyzer console.
Step 2: Navigate to Settings > Admin Settings > Agent Administration > Agent Settings in the right corner.
Step 3: Toggle the Enable Offline log collection option to on.
Step 4: Set the Maximum size of data directory value (we recommend setting this to a minimum of 2GB).
Step 5: Choose Save to apply the changes made.
Tips
- Updated settings will be synced with the agent during the sync process of the next log collection.
- Define the storage based on the available disk space in the EventLog Analyzer Agent installation folder.
- This will be applicable for the agent-based log collection log sources.