Thanks Jochen. Its very useful information. Can someone please tell me required configuration for graylog setup(If single elastice search node is enough or Do I need to have cluster). Currently we have 150+ servers which will be sending logs(apps/system) to graylog. Along with that we need to send network logs as well.
Thanks in advance. On Wednesday, 6 May 2015 21:20:17 UTC+5:30, Jochen Schalanda wrote: > > Hi Nilesh, > > Graylog is acting as a Elasticsearch node client, which means that it is a > normal part of the Elasticsearch cluster and just doesn't store any indexed > messages or acts as an Elasticsearch master node. > > Since Graylog is essentially a part of the Elasticsearch cluster, it can > route the messages to the correct node which will index it, so messages are > only sent to one node and not to all nodes in the Elasticsearch cluster. As > a part of the Elasticsearch cluster, Graylog also has up-to-date > information about the cluster topology, e. g. which nodes are alive and > which nodes have left the cluster. > > Cheers, > Jochen > > On Wednesday, 6 May 2015 15:05:33 UTC+2, Nilesh Date wrote: >> >> Hi, >> >> I want to create elasticsearch cluster in my orgnization. But I have some >> doubts like exactly how data flows. >> 1) Data get upload on both the elasticsearch node at a time ? >> 2) Does it get split into both the nodes ? >> 3) Does it check first which node is alive and then send data accordingly >> that node ? >> >> please assist. Below is the setup I am considering >> >> single graylog2 server >> single MongoDB server >> Two elasticsearch node forming cluster >> webinterface on graylog2 server. >> > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
