Graylog Test Scenarios

Hello Guys! newbie here.

Graylog Enterprise 5.2.7 Enterprise: 2 nodes
Mongodb 6.0.14: 3 nodes
Opensearch 2.12: 3 nodes

Graylog/mongodb: Ubuntu 22.04
Opensearch: RHEL 8.9

I am making a document to simulate all test scenarious possible. Any body made same documents? Can you share some templates?

Also all the logs should go to opensearch path.data directory right after Graylog proccessed it correct?

I can see .index and .log files on message journal directory. But its not in Opensearch.

How to know if all the logs are correctly stored in Opensearch? Because i dont see it

Same with mongodb nodes in a cluster, it should contain same files in dbPath right?

Thank you in advance

Hello @laruz,

Welcome to the Graylog community!

Opensearch stores the logs within indices and these will be stored under the path specified within the opensearch.yml. Indices are made up of shards and shards will be spread across the available Opensearch nodes within your cluster.

How the logs are stored within the journal and how they end up being stored within Opensearch are different and thus comparing isn’t very useful.

Mongo nodes will have the same folder structure and data as long as they are all members of the same replica set. Only the primary mongo node can be written to.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.