If i have an SRX sending data plane security logs in stream mode to an external syslog server, and that server is unreachable for some reason, does the SRX cache or buffer those security logs until the connection is restored? Its seems like i read somewhere that it did with available memory but once that memory buffer was full it would start dropping the messages. I can't seem to find any documentation about what happens to the log messages when the remote syslog system is unavailable.
I know you can configure multiple syslog servers but I am curious what happens if you only have 1.
Thanks for the help.