I have received a few questions around what the different statuses mean on the Event Forwarding page. While I have covered Event Forwarding in the past, I realized I do not talk about the statuses. In this post, I will close the gap.
Three different statuses are possible:
- Active — this means event forwarding is configured, events are being received that match the given defined filters and the remote destination is online and successfully accepting events. With this status, it is clear to see that events are being forwarded, though it does not confirm that the filters are matching the desired events.
- Idle — this means event forwarding is configured, but no events are being received that match the given defined filters. While this status may be normal for event forwarding that matches only a small subset of the ingested events, like the active status the filters need to be verified.
- Pending — this means event forwarding is configured, events are being received that match the given defined filters, but the remote destination is either not online or not successfully accepting events. This status indicates an issue that requires investigation. While the issue may be transient, depending on the length of the unavailability events may be dropped. The reason why I recommended increasing the disk cache in my original event forwarding post was to better address this situation.
© 2015, Steve Flanders. All rights reserved.
