Hi everybody,
i have a problem with my Graylog appliance:
in System\Graylog-Cluster\Outgoing-messages i see that on 26 October we had 7.86 Gb of messages stored, but if i search for those messages, i have no results.
How can i retrieve these logs? Can i serach for them on ssh terminal?
Usually it’s related to timestamp parsing.
Try to check other dates
Hi zoulja,
thanks for your answer.
Can you please tell me how should i do that?
Have you tried to check “Show all messages” in the Input/Sidecar?
So no matter when log was received you will see it
Tried to put Show all messages, and went backwards to retrieve the Log, but it showed this error
esult window is too large, from + size must be less than or equal to: [10000] but was [132600]. See the scroll api for a more efficient way to request large data sets. This limit can be set by changing the [index.max_result_window] index level setting
Oh wow. Need someone from Graylog team to comment on this, I’ve never met such error before
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.