I’m using Logwatch to catch messages in the secure Log on Linux hosts. There are only a few patterns configured, but the logfile itself can get pretty big.
I then get the (critical) message “unacknowledged messages have exceeded max size, new messages are dropped (limit 500000 Bytes)”
The filesize (plugin config) is already set to ~600MB. In WATO config I adapted the “Maximum number of cached log messages” value in the Monitoing Core section by factor 10 and ended up setting it to ‘0’. This doesn’t make any difference, I still get the critical message.
Am I missing some other parameter that must be adjusted? Does the agent or the monitoring core generate this message? My guess is the latter.
The Checkmk Version is currently: 1.5.0p19 (ent)