Uncommited messages deleted from journal

Hi,

upon logging in I noticed this notification
" Uncommited messages deleted from journal
Some messages were deleted from the Graylog journal before they could be written to Elasticsearch. Please verify that your Elasticsearch cluster is healthy and fast enough. You may also want to review your Graylog journal settings and set a higher limit"

Before this notification show up. When I deleted a file for example Filename: sample.txt
and searched it in Graylog I was able to know who deleted that file but now when I do that “Nothing Found”

I added 3 file server in input. Please checked the attachment below

image1147×567 44.2 KB

Please help.

he @orbieabanilla

could you please sort your thoughts - you ingest some kind of audit logs into graylog that enables you to see actions on the system.

You are no longer able to do this and notice the message that data is dropped from the journal …

is that all true?

So now, did you checked your Graylog server.log?

You are no longer able to do this and notice the message that data is dropped from the journal
is that all true? = YES

So now, did you checked your Graylog server.log = No.?

I’m checking it right now and it seems working.

image1343×727 50.7 KB

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.