Limits & Standards
This page lists the various limits and standard operating parameters of LogScale. See Best Practice for the best practices relative to ingest via the Ingest API.
General Limits & Parameters
Below is a list of general limits and parameters of LogScale:
Note
Unless otherwise specified, all multiple-bye data sizes in LogScale are expressed in SI units using decimal (Base 10). For example:
1KB = 1,000 Bytes
1MB = 1,000,000 Bytes
1GB = 1,000,000,000 Bytes
1TB = 1,000,000,000,000 Bytes
| Description | Default Limit | LogScale version |
|---|---|---|
| Character set support | UTF-16 | All |
|
Max number of fields in an event
During ingest, fields are sorted alphabetically by name and the first 1000 fields are parsed, the remainder of the named fields are dropped. Please note that the @rawstring is not modified and will contain all data. | 1,000 | All |
|
Max event size
When the configured event size max is reached, either in
@rawstring and/or in other fields, the
overall data will be truncated. Fields will be removed entirely,
and @rawstring will be truncated down to
the allowed max size with added | 1 MB | All |
| Max file upload size (see Lookup Files) | 2048 MB | All |
| Max tag-key size (not configurable) (see Tag Fields) | 65535 | All |
| Max tag-value size (not configurable) (see Tag Fields) | 65535 | All |
| Max query length in characters | 66,000 | All |
Memory limit for the mapper phase of a
collect() function running as a top-level
function i.e., how much data such a function can store.
| 10 MiB | From v1.79 |
Memory limit for the mapper phase of a
collect() function running in a subquery, or
as a subaggregator to another function i.e., how much data such a
function can store.
| 1 MiB | From v1.79 |
Max number of events in tail(),
head(), and sort()
functions.
| 20,000 | All |
Max number of events in an RDNS request, see
rdns() function.
| — | All |
| Max number of data sources in a repository | 10,000 | All |
Sets the max number of rows that join() and
selfJoin() can return.
| 200,000 | All |
Default value for the limit parameter in
groupBy(), selfJoin()
and some other functions, when not specified.
| 20,000 | All |
Max value for the limit parameter in the
groupBy() function.
| 1,000,000 | All (200,000 up until version 1.126) |
| Max number of results that any query can give. |
100,000 or the value of StateRowLimit, whichever is
largest
| All |
| Max memory, in bytes, a historic/static query can consume during its execution. | 100,000,000 bytes (100MB) | Up to v. 1.115 |
| Maximum amount of memory, in bytes, that a worker node can allocate to each historic/static query during its execution. | 100,000,000 bytes (100MB) | From v. 1.116 |
| Max memory a live query can consume during its execution. | 100,000,000 bytes (100MB) | Up to v. 1.115 |
| Maximum amount of memory, in bytes, that a worker node can allocate to each live query during its execution. It cannot be configured directly. | 100,000,000 bytes (100MB) | From v. 1.116 |
| Maximum memory usage that the query coordinator node can allocate during the execution of a query. The memory limits for static and live queries will be computed to 1/4 of the memory limit of the query coordinator. | 4,000,000,000 bytes (4GB) | From v.1.116 |
Max body size in POST requests after
decompression.
| 32M bytes | |
Max body size in POST requests before
decompression.
| 32M bytes | |
| Limits for GraphQL queries on the total number of selected fields and fragments. | 1000 for authenticated and 150 for unauthenticated users. | From v1.121 |