Hi Nilesh, Graylog is acting as a Elasticsearch node client, which means that it is a normal part of the Elasticsearch cluster and just doesn't store any indexed messages or acts as an Elasticsearch master node.
Since Graylog is essentially a part of the Elasticsearch cluster, it can route the messages to the correct node which will index it, so messages are only sent to one node and not to all nodes in the Elasticsearch cluster. As a part of the Elasticsearch cluster, Graylog also has up-to-date information about the cluster topology, e. g. which nodes are alive and which nodes have left the cluster. Cheers, Jochen On Wednesday, 6 May 2015 15:05:33 UTC+2, Nilesh Date wrote: > > Hi, > > I want to create elasticsearch cluster in my orgnization. But I have some > doubts like exactly how data flows. > 1) Data get upload on both the elasticsearch node at a time ? > 2) Does it get split into both the nodes ? > 3) Does it check first which node is alive and then send data accordingly > that node ? > > please assist. Below is the setup I am considering > > single graylog2 server > single MongoDB server > Two elasticsearch node forming cluster > webinterface on graylog2 server. > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
