How occassional spikes in logs count and the consequence?

bbfunde · February 21, 2020, 9:18am

Good day everyone, I am currently testing the one-year free Enterprise license for my organization.

Because we are ingesting firewall logs, and we are afraid occasional DDoS attacks to multiple devices could bring up the logs exceeding the 5GB/day limit.

We understand that there would be a limited number of warnings given before a firm violation judgment.

But what are the consequences of the violation? Incoming logs will be blocked? Or only the enterprise functions will be inaccessible? Or the web interface will be locked? And will the limit recount after some days?

Please help, someone share the experience, or point me to the reference for it.

Thank you all in advance.

jan · February 21, 2020, 10:43am

he @bbfunde

when you violate the license:

only the enterprise features will stop working
after you have not violated the license in the sliding window of 30 days more than 5 times the features will work again.

bbfunde · February 21, 2020, 11:07am

Great help again, thank you very much.

system · March 6, 2020, 11:12am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Graylog 3.1 - Enterprise License Violation Graylog Central (peer support)	9	3350	November 27, 2019
Graylog enterprise expired Graylog Central (peer support)	2	318	March 2, 2022
New License, Violation Too Much Traffic Graylog Central (peer support)	6	889	May 22, 2020
Graylog Enterprise - License Violation Graylog Central (peer support)	3	448	December 16, 2019
License violation problem Graylog Central (peer support)	4	1045	August 16, 2021

How occassional spikes in logs count and the consequence?

Related Topics