I want run graylog as root user:
And change "setuid" and "setgid" from "graylog" in
"/etc/init/graylog-server.conf" to "root" and from "graylog-web" in
"/etc/init/graylog-web.conf" to "root" too. After I change back to
"graylog" and "graylog-web" respectively.
But now, if i run search for last week, graylog cant see my indicies up to
16 september. I see only new entries, which received after i back up
setuid/setgid settings. Additionaly, because only up to 16 september i cant
see and see more old indicies, that depend on how graylog been install. Up
to 16 september he run manual, from tar folder. After 16 september i
install it from deb packages and because i think i can see from this date
entries. How it may depend? I dont now.
My question is: How i tell graylog do search in all indicies? Lost for one
week entries not very good way.
Also my "rotation_strategy" was "time" and set in 1 day. With this setting
I see strange time range of indicies.
Now i change to count, with it no have this problem.
Thank for answer to all.
<https://lh3.googleusercontent.com/-sgD2FyyprwA/VgJtOpNSnYI/AAAAAAAAAHE/eUvmtQhkvLw/s1600/%25D0%25A1%25D0%25BD%25D0%25B8%25D0%25BC%25D0%25BE%25D0%25BA%2B%25D1%258D%25D0%25BA%25D1%2580%25D0%25B0%25D0%25BD%25D0%25B0%2B2015-09-23%2B%25D0%25B2%2B11.11.36.png>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/286e0e64-074a-460b-9ac5-af302f047108%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
