Hi Anant, On Tuesday, 18 October 2016 14:10:45 UTC+2, Anant Sawant wrote: > > Q1. Does Graylog stores all the logs pointed to it in elasticsearch? >
Yes. > If we have sent 1gb of logs from x.x.x.x to y.y.y.y, does it mean that 1gb > of the same logs are also stored onto the y.y.y.y elasticsearch. > Yes, although it will require more than 1 GB of disk space because of secondary data structures like the inverted index for full-text search. Q.2 If the logs are stored into elasticsearch, where are they stored into > elasticsearch? > The messages are stored in the Graylog-managed indices in Elasticsearch (index names beginning with elasticsearch_index_prefix <https://github.com/Graylog2/graylog2-server/blob/2.1.1/misc/graylog.conf#L245-L246> ). Q.3 Or if the logs are not stored in graylog does it only stores the > pointers to the location from which the logs are stored and where are the > pointers stored? > See previous answers. Cheers, Jochen -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/a4ed7e14-ef9d-4598-ac8a-3e3aceb1d294%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
