Before you post: Your responses to these questions will help the community help you. Please complete this template if you’re asking a support question. Don’t forget to select tags to help index your topic!
1. Describe your incident:
I want to check the size of my logs send to graylog as I am using free version and I can only consume less then 5G.
2. Describe your environment:
OS Information:
Ubuntu 18.04
Package Version:
4.1
Service logs, configurations, and environment variables:
3. What steps have you already taken to try and solve the problem?
It is not clear how you want that information from your post - here are some ideas that may help:
Under the System Menu, Select Overview, this tells you the daily log use
Under System Indices you can get an overview list of all the indices including number of documents in each and size.
Click into a particular index and it will give you more detail on each index file (docs and size)
If you want to dive a bit deeper, you can run a command against elastic to see details on the indices curl -X GET --netrc "elastic-server:9200/_cat/indices/*?v&s=index&pretty"
You can set up a widget and count messages by source - this won’t give you size but you can sort it to see who is sending the most messages.
If you exceed 5G on the free <5G Enterprise version on any 3 days over a month it only disables the enterprise features. The <5G Enterprise license is somewhat limited in that you don’t get illuminate or support but you can process and store as much information as you want.
