Hi Mark,
the Elasticsearch node used internally by Graylog is just a client node by
default, which means that it doesn't store any data at all.
The message regarding -XX:PermSize and -XX:MaxPermSize=256m is probably
caused by the switch from Java 7 to Java 8. With Java 8 the JVM doesn't
have
Next question...
Why do all of the elastic stored records appear to reside in the default
dynamic named node, but the apparently empty graylog2-server elastic node
is the one gobbling up heap memory? According to my elastic node diags the
empty graylog2-server node, that according to the grayl
Still flailing without guidance I have some more questions. I
changed elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1:9300,
and with 9300 it appears that the default index (node) is being filled.
Graylog creates a second node that I don't believe I need (port 9350 which
I didn't set
I'm not sure if it's considered a best practice to tweak the default
/etc/sysconfig/graylog-server?
GRAYLOG_SERVER_JAVA_OPTS="-Xms2g -Xmx2g -XX:NewRatio=1 -XX:PermSize=128m
-XX:MaxPermSize=256m -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC
-XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEn
