Retention usage

RyanInsolencee · August 29, 2024, 12:28pm

does Graylog have the ability to let’s say after 60 days close the index and then after 90 days delete the index? if not is there a suitable way for me to be able to do this? cronjob python script etc…

Helpful Posting Tips: Tips for Posting Questions that Get Answers [Hold down CTRL and link on link to open tips documents in a separate tab]

drewmiranda-gl · August 29, 2024, 6:32pm

Graylog has this ability. It does this using 2 concepts:

Index Rotation - where messages are stored, determines when to create a new index
Index Retention - how long to keep an index for and what happens when the index is older than the specified limit.

For more details, see Index Model

Topic		Replies	Views
Changing Message Retention Graylog Central (peer support)	4	1537	February 1, 2018
Changin Index rotation type Graylog Central (peer support)	4	1572	December 13, 2017
Indices routing Graylog Central (peer support)	11	1501	March 28, 2017
Archiving / Log Retention without Graylog Enterprise Graylog Central (peer support)	2	2073	September 27, 2023
Indices, rotation, disk space Graylog Central (peer support)	10	8518	March 21, 2019

Retention usage

Related topics