Graylog delay index in a single topic

rafaelsilvaa10 · April 17, 2019, 2:36pm

Hello there,

I have 3 clusters of Kubernetes (Dev, QA, Prod) that send their logs to Kafka with the logdriver gelf;
The Kafka + Zookeper is clustered;
I have 1 kafka topic for each Cluster Kubernetes (topic-DEV, Topic, QA, Topic-PROD);

My graylog connect in the zookepers and collects the logs according to my topic informed in my input.

My Graylog is clustered: 3 nodes
For Graylog I have a clustered mongoDB of 3 nodes;
I have an Elasticsearch with 5 nodes for the graylog;
I have 3 Inputs (input-DEV, input-QA, input-PROD) with the same settings;

2 Inputs work everything ok.
However, 1 of the Inputs has a very large delay in indexing the logs; And it’s always the same Input has this delay (Input-QA).

The time now is 11AM o’clock, but my logs are coming at 4AM

There was nothing wrong with it, because I created a new topic in kafka and sent the inputQA logs to it.

Yet he continued with this slowness.

Anyone have any idea what’s going on?

Thanks

jan · April 18, 2019, 6:18am

did you find anything in the Graylog server logs?
did you see the same delay if you only have this single one running?

rafaelsilvaa10 · April 24, 2019, 5:05am

My problem was with the logging driver gelf, i changed to json, now work.

thanks

system · May 8, 2019, 5:05am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Graylog Throughput / Metrics problem Graylog Central (peer support)	6	1594	January 22, 2019
Graylog cluster not load balancer for all node Graylog Central (peer support)	13	925	December 28, 2022
Graylog Kafka Input Processing is slow Graylog Central (peer support)	12	2283	July 14, 2017
Championing Graylog and need performance advice Graylog Central (peer support)	10	4100	September 14, 2017
Kafka input plugin and topic offsets Graylog Central (peer support)	3	1924	September 18, 2018

Graylog delay index in a single topic

Related topics