Graylog information inquiries (About version)

Tanawat · April 10, 2021, 9:35am

Daer all,

We have a few inquiries and need you to confirm regarding Graylog as following questions.

Now we are using Graylog virtual appliance (OVA). we would like to know how long can keep the file ? and Where is the path for keep file ? and We can select path for keep file ?
As we find more information, please confirm that the virtual appliance version is not suited to use as a production because it is unsecured? Why ?
We would like to know difference between virtual appliance (OVA) and RPM package (Ubuntu). because now, we are using Graylog virtual appliance (OVA) and we would like to change use RPM package ?
We find more information by the link below
Planning Your Log Collection — Graylog 4.0.0 documentation
Topic “Retention”
For “Most Graylog customers retain 30-90 days online (searchable in Elasticsearch) and 6-13 months of archives” What does it mean?

Anyway if you need more information from us, please kindly let us know.

Thank you for your kind support.

Tanawat · April 12, 2021, 2:06am

Daer all,

Anyway if you need more information from us, please kindly let us know.

Thank you for your kind support.

shoothub · April 12, 2021, 7:39am

Data retention in graylog is defined in Index rotation settings. You can define retention by index size, time or number of messages. All data is stored in Elastic Search DB, so you define retention in graylog web UI.
Index model — Graylog 4.0.0 documentation
Better way is to setup own installation by your company standard. For example OVA is based on Ubuntu linux 18.04, which is older LTS version of Ubuntu, and you may prefer Redhat or Debian distribution in your company. Best way is to use distribution you have the most experience with.
OVA is preconfigured virtual machine based on Ubuntu 18.04. RPM is totally different, it’s way to install packages on RPM based distributions like Red Hat, CentOS.
Graylog documentation is very good, I recommend read it all to better understandig the concepts and software.

Tanawat · April 19, 2021, 6:10am

Thank you for your reply. If we have more any questions We would like to ask you again.

Thank you

system · May 3, 2021, 6:11am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Graylog information inquiries Graylog Central (peer support)	8	643	April 23, 2021
Installation graylog ova Graylog Central (peer support)	6	1425	June 19, 2018
Graylog 4.0 RC1 OVA on Ubuntu 18.04.5 LTS ? Why? Graylog Central (peer support)	3	473	December 2, 2020
Graylog Open Log Storage Graylog Central (peer support)	3	363	December 25, 2023
Quick question on OVA Index retention Graylog Central (peer support)	5	537	December 27, 2017