We’re happy to announce that Graylog v2.3.0-rc.1 is ready for download! Full details below.
I am currently testing this on a small setup (300 messages/min) to see if i can finally consolidate the separate ES 2.x installation I have for Graylog2 into one single ES 5.x cluster.
Looks good after almost a day, so thanks for all the work involved and I’ll keep you posted.
Now the next big step would be to get rid of MongoDB. I would, from the safe distance of the mere user, propose to store Graylog2 configuration in a special ES index, like Kibana does, but, well, I have no idea as to how difficult that might be…
The problem with this is that Graylog should (must) still work if Elasticsearch is down.
That makes sense. MongoDB also just sits there not doing much and not using many resources, so I guess the problem is more academical than practical for most servers nowadays. However, if someone is running Graylog2 in production, his Elasticsearch should be a cluster of more than just one node and be quite available (but then again it would be logical for him to run a MongoDB Replica set…)