upon logging in I noticed this notification
" Uncommited messages deleted from journal
Some messages were deleted from the Graylog journal before they could be written to Elasticsearch. Please verify that your Elasticsearch cluster is healthy and fast enough. You may also want to review your Graylog journal settings and set a higher limit"
Before this notification show up. When I deleted a file for example Filename: sample.txt
and searched it in Graylog I was able to know who deleted that file but now when I do that “Nothing Found”
I added 3 file server in input. Please checked the attachment below
could you please sort your thoughts - you ingest some kind of audit logs into graylog that enables you to see actions on the system.
You are no longer able to do this and notice the message that data is dropped from the journal …
is that all true?
So now, did you checked your Graylog server.log?
You are no longer able to do this and notice the message that data is dropped from the journal
is that all true? = YES
So now, did you checked your Graylog server.log = No.?
I’m checking it right now and it seems working.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.