Hi there, we need to seperate huge amound of data of the Windows AD Servers from all others.
The Windows AD Servers are heavy bullshit talking systems ~300msg per seconds. We do not need to keep this information longer than 5 Days. Because of the heavy load from the AD Servers the Elastic/Graylog Database nodes will be overwirtten around 2 weeks. /var/lib/elasticsearch/graylog2/ So does anyone can give us a hint how we can delete the AD loggs by days or can seperate it in another database store on disk. Thanks Till -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/daf64dab-e6f2-42f2-b5ae-6dcc5d13e323%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
