I've had a lt of problems this week exporting logs to CSV, so I wanted to see if anyone has any suggestions as to what i'm doing wrong!

The first request was for all logs relating to a single user logging on/off the VPN going back as far as possible. I wrote a quick query to check I was getting the correct logs, which I was, then applied a date range. The first issue was it would only show me logs in the last 3 months, so I checked the log config and found it saves logs for 365 days but only saves indexes for 90 days. So, accepting that, I adjust the time frame to 90 days relative to today and get the logs. Then I ask it to export them to CSV, and I waited, and waited, and waited. After 20 minutes I gave up waiting, assuming it's gone wrong, and tried again but got an error saying a problem with the query and nothing else then worked on the logging side. I restarted the EV system and tried again, this time I got called away to do something else and came back a couple of hours later to find the message saying it was available to download!

So it's taking a significant amount of time to do what I would think is a relatively simple export. (management server is a VM with 8 cores and 16Gb Ram)

If anyone has a better way to get this info in a report i'd be very interested.

Now today, different customer, different criteria, but similar issue!

This time I want all logs for a 1 hour time period, simples, but it took nearly 20 minutes to create the export!

Is this right and to be expected, or am I missing something?

Any pointers greatly apriciated!