Export Data by Command Line


I would like to retrieve data for one Input on my Graylog Server.
But index of databae was broken so I could’nt export from web interface.

Can I retrive those data by command line and export hem ?


Which database’s index? Elastoicsearch or mongodb?
Mongodb store the graylog’s settings.
The GL’s web interface use the GL’s api, so you will see the same if you export is thru cli (API).
But you can try it.

Do you have backup about your mongodb’s database?

Elasticsearch’s index is broken.

How can I use GL’s API ?

if elasticsearch is broken, you can use graylog web interface.
under system,nodes, you will see an api browser for each node.
you can browse GL’s api. After that, you can export at here, or with curl.

but @Exploitation you can’t export data when elasticsearch is broken - because the data is actually stored in elasticsearch.

Thanks, I misunderstand the original request. I thought for the input settings, not the logs.

Ok, thanks.
I need to create a new index ?

If your elasticsearch crashed you can’t create new index.
First you have to start the elasticsearch well.
You can try to google how can you restore a broken cluster, but as far as I know it is not possible without data loss.
Or if the data loss not problem, you can remove all data from elasticsearch’s data directory, and try a start.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.