Github user JonZeolla commented on a diff in the pull request:

    
https://github.com/apache/metron-bro-plugin-kafka/pull/2#discussion_r232405800
  
    --- Diff: README.md ---
    @@ -144,23 +194,35 @@ event bro_init() &priority=-5
     
     #### Notes
      * `logs_to_send` is mutually exclusive with `$pred`, thus for each log 
you want to set `$pred` on, you must individually setup a `Log::add_filter` and 
refrain from including that log in `logs_to_send`.
    + * In Bro 2.5.x the bro project introduced a [logger 
function](https://www.bro.org/sphinx/cluster/index.html#logger) which removes 
the logging functions from the manager thread, and taking advantage of that is 
highly recommended.  If you are running this plugin on Bro 2.4.x, you may 
encounter issues where the manager thread is taking on too much responsibility 
and pinning a single CPU core without the ability to spread the load across 
additional cores.  In this case, it may be in your best interest to prefer 
using a bro logging predicate over filtering in your Metron cluster [using 
Stellar](https://github.com/apache/metron/tree/master/metron-stellar/stellar-common)
 in order to lesson the load of that thread.
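Review bot: In the last sentence of the added bullet, "in order to lesson the load of that thread" should read "lessen". The same sentence, "prefer using a bro logging predicate over filtering in your Metron cluster using Stellar", can be misread as filtering on top of Stellar. Consider "prefer a Bro logging predicate rather than filtering in your Metron cluster with Stellar", and say explicitly that the predicate reduces what the manager thread has to send. The bullet also mixes a recommendation for 2.5.x with a workaround for 2.4.x; splitting it into two bullets and capitalizing "the bro project" consistently with "Bro 2.5.x" would make it easier to scan.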
    --- End diff --
    
    As a part of the review process, this improvement was split into #17

