Host collected logs on another drive?

gmorin · September 26, 2022, 8:39am

Dear Graylog Community,

Has anyone successfully managed to put all the data collected by Graylog on a second hard-drive or partition, in order to have the place where the logs are stored and the OS space separated ?

If yes, can you explain how you did ?

Here is my configuration :

Debian 11
Graylog 4.3.7
Elasticsearch (transitionning to OpenSearch in the next few weeks)
60G drive for OS, 2To drive for data

Many thanks in advance,

G. MORIN

H077E · September 26, 2022, 8:51am

Hi @gmorin,

The data collection is located in the Elastic DB (default /var/lib/elasticsearch/) and The journal is located at /var/lib/graylog/journal (default). GL-Configurations is here (default /var/lib/mongodb).
You can set that as a separate mount points. Is this what you mean?

gmorin · September 26, 2022, 8:53am

Hum yes maybe, what I don’t want is having my 60G drive filled with logs ^^
So playing with fstab may be the solution to get the /var/lib/elasticsearch/ on the 2To drive ?

H077E · September 26, 2022, 8:57am

Yes it is. You can just set /var/lib of /dev/[2TB-Dev] as your own mount point in fstab.

gmorin · September 26, 2022, 9:00am

Hi @H077E,

That’s great ! Many thanks !

system · October 10, 2022, 9:00am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Log storage with installing Graylog cluster Graylog Central (peer support)	2	324	October 30, 2019
Change location of log files to an external location - Please help Graylog Central (peer support)	2	2253	March 21, 2021
Small HD on Host- Secondary Storage Options Graylog Central (peer support)	2	177	July 18, 2023
Where are Graylog logs stored in a VM? Graylog Central (peer support)	4	393	July 7, 2022
Extend Disk Size in installation not OVA Graylog Central (peer support)	5	2271	September 26, 2018

Host collected logs on another drive?

Related Topics