I’m trying to change where Graylog stores the syslog data from /var/lib/elasticsearch and /var/log/elasticsearch to another drive i have seutp as /data
Following other topics on this forum i tried changing the elasticsearch.yaml file in /etc/elasticsearch and changing the path.data and path.logs values. However after restarting graylog and elasticsearch, it appears as though logs just no longer get stored.
I am running this on Oracle Linux 8
You aren’t giving very much to go on. When you repointed elasticsearch did you copy the files from the old area to the new area? What steps did you take specifically to change it? Post relevant portions of the config files… Have you checked the elasticsearch and/or the Graylog logs? Anything interesting and relevant that you can post to help us help you? Make sure you use the forum formatting tools (Like </> ) when you post logs/code so it is readable.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
