Hello everyone,
I have installed Graylog as a cluster. In this cluster, I have one master node with the IP address 192.168.3.63, and two data nodes with the IP addresses 192.168.3.64 and 192.168.3.65 respectively. MongoDB and Graylog have been installed and clustered on all three servers. Four Elasticsearch servers have been separately clustered with the IP addresses ranging from 192.168.3.66 to 192.168.3.69. Three of them are master nodes, and one of them is a data node. The problem I’m facing is that I have created an input for testing with port 9010 and also created a sidecar with port 9010. I have messages and receive Throughput/Metrics for this input on port 9010, but when I click on “Show Received Messages,” it doesn’t display any logs. Please guide me on how to troubleshoot this issue so that I can resolve it.
I reviewed the graylog configuration file related to the masternode and found the following two values:
is_leader = true
is_master = true
I also checked the graylog configuration file for the datanode and found the following two values:
is_leader = false
is_master = false
I commented out the is_leader values in both the masternode and datanode configurations and restarted the graylog-server service, which resolved my issue.
The question that arises for me is whether setting only the is_master value is sufficient for clustering graylog, and whether there is no need for other values in the graylog configuration file on both the masternode and datanode?
Another problem that occurred is that after the changes I made, the Message Count feature is not working and does not display any charts. Please guide me on this matter.
