Limit of graylog OpenSource 5.0

Hi Community

I have various question so here we go
What is the limit of graylog 5.0 Open source? I mean how many logs can graylog store in gigabytes, in time and before it overwrites the data? What is the traffic limit that graylog supports? What file do I have to copy to make a backup? Can logs be loaded from a file on disk without being sent by agents?
If anybody want tell me something more than this please tellme about that.

Thank you all.

  • Graylog 5 Opensource limits are essentially only that you have no access to enterprise features.
  • The Opensource version doesn’t limit the amount of data you store, but archiving data (moving from hot to warm/cold storage) is an enterprise feature. You can store as much data as you have disk.
  • Graylog Opensource scales outward nicely, you can cluster Graylog/Mongo and cluster ElasticSearch (OpenSearch preferred) to scale accordingly. There are adjustments to your environment that you might need outside Graylog, such as perhaps a load balancer for the data coming in… you can find more on the clustering and balancing in the community forums
  • Graylog keeps its settings in MongoDB, the messages/data you receive is stored in Elasticsearch/OpenSearch - use tools for those DB’s to back them up, Graylog Opensource doesn’t have that.
  • Generally speaking you need an agent of some sort to pull data from files. Elastic Beats and NXlog are the two agent most used.
1 Like

Thanks Mr tmacgbay, it means a lot to me.
graylog 5 + Opensearch 2.x + mongodb with beats and nxlog in production. Load balancer is optional if the size of the structure is small, don´t?
I am using filebeat and Nxlog with sidedecar with 4.3 graylog and elasticsearch 7.9.3 and mongodb 4.x beacuse my jobs is onlyone to take logs and I am using virtual box 7.0.4, all of this in laboratory environment.

if you want tell me more please I am all ears… hahahahahaha.

Best regards.

1 Like

If you have any other questions, post them up! :smiley: