Carlos E. R. wrote:
On 2016-03-02 18:37, Per Jessen wrote:
Anton Aylward wrote:
In a corporate setting logging of activity is important. But writing to a file is slow. Some of the higher end activity analysers used by, for example, banks, to detect suspicious (read: 'nefarious') activity end up writing to a database. perhaps that's faster.
Almost certainly not. It's the same data that needs to end up on disk, adding a database to the mix will slow it down, but make analysis and structured access easier.
That's it. It is machine reading without needing to parse the results what is faster, because it is already "parsed", so to speak.
In fact, reading (dumping) the systemd journal is terribly slow because (educated guess) heavy on disk fragmentation. Unless the HD is an SSD.
Yes, I remember reading something about at some point. I don't use the journal myself, I always run syslog-ng. -- Per Jessen, Zürich (1.4°C) http://www.dns24.ch/ - free dynamic DNS, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org