Host collected logs on another drive?

gmorin · September 26, 2022, 8:39am

Dear Graylog Community,

Has anyone successfully managed to put all the data collected by Graylog on a second hard-drive or partition, in order to have the place where the logs are stored and the OS space separated ?

If yes, can you explain how you did ?

Here is my configuration :

Debian 11
Graylog 4.3.7
Elasticsearch (transitionning to OpenSearch in the next few weeks)
60G drive for OS, 2To drive for data

Many thanks in advance,

G. MORIN

H077E · September 26, 2022, 8:51am

Hi @gmorin,

The data collection is located in the Elastic DB (default /var/lib/elasticsearch/) and The journal is located at /var/lib/graylog/journal (default). GL-Configurations is here (default /var/lib/mongodb).
You can set that as a separate mount points. Is this what you mean?

gmorin · September 26, 2022, 8:53am

Hum yes maybe, what I don’t want is having my 60G drive filled with logs ^^
So playing with fstab may be the solution to get the /var/lib/elasticsearch/ on the 2To drive ?

H077E · September 26, 2022, 8:57am

Yes it is. You can just set /var/lib of /dev/[2TB-Dev] as your own mount point in fstab.

gmorin · September 26, 2022, 9:00am

Hi @H077E,

That’s great ! Many thanks !

system · October 10, 2022, 9:00am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Log storage with installing Graylog cluster Graylog Central (peer support)	2	357	October 30, 2019
Change location of log files to an external location - Please help Graylog Central (peer support)	2	2683	March 21, 2021
Graylog set up and working, but trying to move data directory Graylog Central (peer support) elastic	11	2462	May 26, 2022
Small HD on Host- Secondary Storage Options Graylog Central (peer support)	2	236	July 18, 2023
Where are Graylog logs stored in a VM? Graylog Central (peer support)	4	474	July 7, 2022

Host collected logs on another drive?

Related topics