Centralized independent architecture

soc · September 23, 2022, 2:21pm

Hello Graylog Community.

I’m planning a new Graylog architecture.

Our needs are to log on premises from the source and to be able to query them locally and on a central node.

A setup like that is needed because, in any moment, we have to be able to disconnect and isolate any node from one another, keeping the ability to access to the local client browser.

The local nodes should be 3, this an example:

What do you suggest?

gsmith · September 24, 2022, 12:11am

Hello @soc && Welcome

Are all these DC’s in the same DMZ or are they separate?

If there in the same DMZ then one Graylog node would be good.
If they are in different DMZ’ you could place a graylog server in each DMZ and forward the log/s to a central Graylog server.

Basically and loosely speaking, turn Graylog server/s into proxy’s and forwarding the log/s to one Graylog server for monitoring.

system · October 8, 2022, 12:12am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Advice for multi side setup Graylog Central (peer support)	1	359	April 4, 2019
Graylog over MPLS link in second DC Graylog Central (peer support)	3	410	July 20, 2021
Graylog Centralized Graylog Central (peer support)	2	388	May 21, 2018
Multiple Datacenter Setup Graylog Central (peer support)	7	1719	July 24, 2017
Graylog for Muliple Datacenter without replication with single pane of glass Graylog Central (peer support)	2	466	February 23, 2019

Centralized independent architecture

Related topics