Centralized independent architecture

soc · September 23, 2022, 2:21pm

Hello Graylog Community.

I’m planning a new Graylog architecture.

Our needs are to log on premises from the source and to be able to query them locally and on a central node.

A setup like that is needed because, in any moment, we have to be able to disconnect and isolate any node from one another, keeping the ability to access to the local client browser.

The local nodes should be 3, this an example:

What do you suggest?

gsmith · September 24, 2022, 12:11am

Hello @soc && Welcome

Are all these DC’s in the same DMZ or are they separate?

If there in the same DMZ then one Graylog node would be good.
If they are in different DMZ’ you could place a graylog server in each DMZ and forward the log/s to a central Graylog server.

Basically and loosely speaking, turn Graylog server/s into proxy’s and forwarding the log/s to one Graylog server for monitoring.

system · October 8, 2022, 12:12am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Advice for multi side setup Graylog Central (peer support)	1	358	April 4, 2019
Graylog for Muliple Datacenter without replication with single pane of glass Graylog Central (peer support)	2	466	February 23, 2019
Making the most of Graylog Graylog Central (peer support)	1	491	September 1, 2017
Graylog Multi-Node Setup and Configure Graylog Central (peer support)	2	893	July 26, 2019
Extend architecture Graylog Central (peer support) sidecar , nxlog , nodatanx	5	792	December 11, 2017

Centralized independent architecture

Related Topics