Hi Anant, On Tuesday, 18 October 2016 14:10:45 UTC+2, Anant Sawant wrote: > > Q1. Does Graylog stores all the logs pointed to it in elasticsearch? >
Yes. > If we have sent 1gb of logs from x.x.x.x to y.y.y.y, does it mean that 1gb > of the same logs are also stored onto the y.y.y.y elasticsearch. > Yes, although it will require more than 1 GB of disk space because of secondary data structures like the inverted index for full-text search. Q.2 If the logs are stored into elasticsearch, where are they stored into > elasticsearch? > The messages are stored in the Graylog-managed indices in Elasticsearch (index names beginning with elasticsearch_index_prefix <https://github.com/Graylog2/graylog2-server/blob/2.1.1/misc/graylog.conf#L245-L246> ). Q.3 Or if the logs are not stored in graylog does it only stores the > pointers to the location from which the logs are stored and where are the > pointers stored? > See previous answers. Cheers, Jochen -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/a4ed7e14-ef9d-4598-ac8a-3e3aceb1d294%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
