Auvik has a transfer volume limit that defines how many messages can be sent, in total, for each site. The total transfer volume limit on a site, for the prior 14 days, is 700,000 messages per managed billable device. For example, if you have 3 billable devices on a site, your transfer limit would be 700,000 x 3 = 2.1 million messages.
While you may have more devices than just your billable devices set up to forward syslog to Auvik, your volume limit will still use your total number of billable devices multiplied. For example, if you have 10 devices set up to forward syslog to Auvik but only 3 are billable devices, your transfer limit will still be 2.1 million messages for 14 days.
It’s also important to note that only messages that are processed and retained will count towards your message limit:
- If you enable messages with severity levels 5, 6, and 7 to be processed in Manage Filters, those messages count towards your message volume limit.
- If a device sends messages with severity levels 5, 6, or 7 but you’ve disabled them in Manage Filters, these messages are discarded by the collector and won’t count towards your message volume limit.
What happens if a site exceeds the volume limit?
We understand that spikes happen and you may occasionally exceed your limit. Auvik has a fair usage policy and will continue to process and retain messages even if the site exceeds the limit.
If the number of messages exceeds twice the volume limit and is sustained for more than 14 days, you may see a notification inside Auvik asking you to modify your severity filters or to investigate the issue further. If there’s no change in volume, Auvik may choose to enforce the limit on a site, meaning incoming messages that are over the limit won’t be processed.
Where can I view the current volume?
You can view the total number of logs processed under Syslog - View Usage. The percentage displayed indicates the number of messages processed divided by the calculated limit.