Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Working With Log Files > Collating event log files
Collating event log files
Help | Content Gateway | Version 8.1.x
You can use the log file collation feature to keep all logged information in one place. This allows you to analyze Content Gateway as a whole rather than as individual nodes and to use a large disk that might only be located on one of the nodes in a cluster.
Content Gateway collates log files by using one or more nodes as log collation servers and all remaining nodes as log collation clients. When a node generates a buffer of event log entries, it determines whether it is the collation server or a collation client. The collation server node simply writes all log buffers to its local disk, just as it would if log collation were not enabled.
The collation client nodes prepare their log buffers for transfer across the network and send the buffers to the log collation server. When the log collation server receives a log buffer from a client, it writes it to its own log file as if it were generated locally. If log clients cannot contact their log collation server, they write their log buffers to their local disks, into orphan log files. Orphan log files require manual collation. Log collation servers can be stand-alone or they can be part of a node running Content Gateway.
 
Note 
 
Note 

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Working With Log Files > Collating event log files
Copyright 2016 Forcepoint LLC. All rights reserved.