This simulates cloud firewall log entries that are arriving as fast as a CPU can process them. The goal of this exercise was to understand how well the log compresses under such a circumstance. Oh, and I felt the need to write a rust program that didn't bear a striking resemblance to those found in "the book".
$ time ./target/release/logen | gzip --verbose >/dev/null
95.2%
real 0m4.909s
user 0m7.587s
sys 0m1.917s
$ ./target/release/logen | gzip -9 --verbose >/dev/null
95.3%
$ time ./target/release/logen | bzip2 --verbose >/dev/null
(stdin): 33.624:1, 0.238 bits/byte, 97.03% saved, 297144041 in, 8837326 out.
real 0m45.347s
user 0m46.122s
sys 0m2.779s
$ time ./target/release/logen | xz --verbose >/dev/null
100 % 11.4 MiB / 285.3 MiB = 0.040 3.9 MiB/s 1:12
real 1m12.719s
user 1m16.609s
sys 0m1.132s
gzip
gives about 20x compression and gzip -9
does not improve it enough to matter. While bzip2
gives almost 33.6x compression, it also took 9 times longer. This translates in going from 200,000 events per second down to about 22,000 events per second. And don't even get me started on xz
(lzma).