Hello,
I would like to know if it is possible to store logs on different disks.
For example, considering an environment where there are two different index sets (PRE,PRO), it would be possible to store the logs indexed in the PRO index on one disk, and the logs stored in the PRE index on a different disk. (Different paths)?
If this is possible, would it be positive for the performance of Graylog?
I would not try to be more smart then elastic/opensearch with the selection of the disks. If you are running into issues with performance the first step is to add more nodes to your cluster.
Good afternoon,
We currently have no performance issues, the customer has asked us to store the logs for different environments on different disks and we wanted to know if this would be possible.
Our idea is to classify the PRE and PRO records in two different index sets in order to configure different retentions.
Once this is done, would it be possible to store each index set on a separate disk? If not, is there another way to do it?
Thank you very much, greetings.
Greetings! As far as I’m aware this is not something supported within graylog.
Do you have any details about what is driving this requirement? Do you know if this is related to any audit and/or compliance frameworks or regulations?
Thanks!
Hello,
They want to know if there is the possibility of hosting the logs on different disks differentiated by environment.
In this case we have separated them into different index sets and to comply with this requirement we thought of storing each index set on a different disk, but if that is not possible we will leave it as before.
In the Elastic configuration file, the path where the data is stored can be modified, but it can only be a single path, and we also don’t see that there is a way to indicate the path for a specific index set.
Thanks greetings.
While you can define more than one data path in the Opensearch config, you don’t have direct control over which disk is uses for an individual index. However, you do have the ability to specify on which node a particular index should be stored, so you could achieve what they are asking for with a second OS node and a command to keep all shards and indices for each environment on an assigned node.
Thank you very much, I understand that it is not possible to separate them on different disks and I will apply the solution separating the logs from different environments by streams and index them in different index sets.
Thank you.
Greetings.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
