Hi,

In the Admin Guide, I read the following statement:

“Check Point recommends using dedicated Log Servers in environments that generate a high volume of logs.”

Could you please clarify what is considered a high volume of logs in numbers in this context?

cpstat mg -f log_server

Log Receive Rate:                   1395
Log Receive Rate Peak:              8585
Log Receive Rate Last 10 Minutes:   2295
Log Receive Rate Last Hour:         1239
Access Session Log Receive Rate:    329
Access Connection Log Receive Rate: 874

Doctor log shows:

Current Logging Rates

Test Result IconOK
Logging Rate/sec	1242
Indexing Rate/sec	1252

Daily Average Logging Rates

Test Result IconOK
Yesterday Avg Logs/sec	280.5
Yesterday Avg Index/sec	147


Yesterday Hourly Average Index/sec:
Domain	Mode	0-1	1-2	2-3	3-4	4-5	5-6	6-7	7-8	8-9	9-10	10-11	11-12	12-13	13-14	14-15	15-16	16-17	17-18	18-19	19-20	20-21	21-22	22-23	23-24
System Data	Files	226	146	119	108	122	123	131	153	145	152	141	153	176	146	149	155	133	142	145	132	138	164	121	120