Documentation forLog Analyzer
Analyzing logs is a key capability of Hybrid Cloud Observability and is also available in a standalone module, Log Analyzer (LA). Hybrid Cloud Observability and LA are built on the self-hosted SolarWinds Platform.

LA agent overload alert

If the LA agent on a remote server becomes overloaded and fails to process events within a designated time (one minute by default), the agent sends a notification event to the Log Analyzer and triggers an alert in the SolarWinds Platform Web Console.

This alert is configured by default and will trigger for Windows events as well as log files: SolarWinds LA Agent: Log File plugin overloaded while reading log entries.

This alert is enabled through a default rule on the Log Processing Configuration page. You can access, view, disable, and enable the alert from the LA Log Viewer toolbar.

  1. In the Log Viewer, click Settings.
  2. In the Processing Policies pane, click to expand Windows Events, and then click Default Logging Rules.
  3. In the rules list, locate Log Analyzer Agent Overloaded - Alert Integration.
  4. Select the check box to view, disable, and enable the alert.

The alert criteria are established in the Global Advanced Configuration settings under LogManagement.WindowsEvents.Settings.

Administrators can adjust the following:

  • Cool down interval: The amount of time to wait before a new Load Monitor alert triggers if the processing delay is still over the limit.
  • Enable alerts: Select the check box to enable alerts.
  • Max processing delay: The maximum amount of time from the reception of an event until the event has been processed by the agent.

The event log displays specific event data in the Entry Details pane, such as the number of unprocessed events and the delay time.