Hi everyone!
I’m running Graylog 6.0.4+9759bc7 on Ubuntu 22.04.4 on a small ISP.
Today when I try to find some NAT info, I’ve noticed the DB are without infos older than Feb 9.
The server was made on Aug/2024, we had an network issue from Oct 16 to Nov 14 and except from this period, I was able to find until Jan/2025, my last search…
I don’t know how to get those records back or what could have caused this…
What are your settings for retention under system>Indices?
Default index set
Index prefix:graylog
Shards:1
Replicas:0
Field type refresh interval:5 seconds
Field type profile:Not set
Rotation strategy:Data Tiering
Max. in storage:40 days
Min. in storage:30 days
Graylog Events
Index prefix:gl-events
Shards:1
Replicas:0
Field type refresh interval:5 seconds
Field type profile:Not set
Rotation strategy:Data Tiering
Max. in storage:40 days
Min. in storage:30 days
Graylog System Events
Index prefix:gl-system-events
Shards:1
Replicas:0
Field type refresh interval:5 seconds
Field type profile:Not set
Rotation strategy:Data Tiering
Max. in storage:40 days
Min. in storage:30 days
Guess this means I’ve lost the older data, right?
Yep, unless you have backups, but even them restoring them wouldnt be trivial
I’ve ajusted for a year…
Thks for the help.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
