The graylog server.log file is getting out of control. Due to warning error for Elasticsearch no security. I only have 1 node and careless about security
How Do I stop this from eating all my free space on the drive
/var/log/graylog-server#
root@Syslog:/var/log/graylog-server# ls -la
total 19444
drwxr-xr-x 2 graylog graylog 4096 Dec 2 20:38 .
drwxrwxr-x 11 root syslog 4096 Dec 2 22:38 …
-rw-r–r-- 1 graylog graylog 19897561 Dec 2 23:45 server.log
root@Syslog:/var/log/graylog-server# ls -lah
total 20M
drwxr-xr-x 2 graylog graylog 4.0K Dec 2 20:38 .
drwxrwxr-x 11 root syslog 4.0K Dec 2 22:38 …
-rw-r–r-- 1 graylog graylog 20M Dec 2 23:45 server.log
root@Syslog:/var/log/graylog-server#
root@Syslog:/var/log/graylog-server# ls -lah
total 21M
drwxr-xr-x 2 graylog graylog 4.0K Dec 2 20:38 .
drwxrwxr-x 11 root syslog 4.0K Dec 2 22:38 …
-rw-r–r-- 1 graylog graylog 21M Dec 2 23:52 server.log
root@Syslog:/var/log/graylog-server#
What is the specific error message you are seeing, Graylog doesn’t normally care that much about running without security to ES/OS as that’s it’s default config.
Backto Graylog site:
Modify the Elasticsearch configuration file (/etc/elasticsearch/elasticsearch.yml), set the cluster name to graylog, and uncomment action.auto_create_index: false to enable the action.
I’m not sure, Graylog only supports up to elastic 7.10 so you may have all kinds of weird things happen. You may be able to stop the warning from the elastic side, but you won’t be able to stop Graylog from sending that command.