Hello all,
I am new here and looking forward to using Graylog for my logging needs. I have deployed the OVA with no issues but noticed only a 20 gig partition was allocated. I would like to implement a second partition of 100 gig and move the logs collected to this partition. Is there a document that decribes being able to do this?
Thanks,
Steve
@SteveFP
Not sure if this still works, and it been a really long time since I used OVA. Have you tried this?
Yes that document is old. The directories to copy is not correct.
@SteveFP
I’m sure that you can expand the partion to your needs.
Other then that Im not to sure I’m sorry, maybe some one else here can help you.
@SteveFP 
I’ll echo what @gsmith posted. Resizing the partition is going to be a standard linux operation, so that’s a bit outside of the scope of what we’d typically put in the docs. To keep things simple, I’d recommend just expanding the existing partition (it’s LVM, so expanding should be relatively straightforward), unless you’ve got a need to create a separate partition for Elasticsearch data.
Ok maybe I can be a little more specific. I now how to partition and add a new drive, but I would like to just set the new partition up so that message ingestion goes to this new drive. Are there instructions for moving the data directories to the new drive and then configure Graylog to use this new drive?
Good afternoon, with Graylog using Elastic Search and MongoDB I would think you would need to move where those are. Maybe? Thank you, Zach.
Elastic Search stores data in /var/lib/elasticsearch.
If you want to use new volume to store data . e.g /data
Here are a couple of links I found:
https://docs.graylog.org/en/4.0/pages/configuration/file_location.html
Thank you, Zach.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
