Dear graylog community,
we have a long running Graylog setup that is currently running Version 4.2.5.
As we plan to upgrade the setup first to version 4.2.9 we observed that our table of graylog.audit_log is more than 4 GB in size.
Is there some way to have a housekeeping on this table? Is this part of a newer Version of Graylog? Did you have a prepared query to delete everything that is older than a month?
We have our Elasticsearch cluster updated to Version 7.11.1. Taking license topics out of the game, to what version can we upgrade elasticsearch that Graylog can still work an communicate and work with it?
If there is no-way to continue using elasticsearch, is there a way of migration or path of migration that you can recommend? Most important is easy migration and keeping all data in place.
Thank you for the support