| 2 Nov 2022 |
|  twotwenty joined the room. | 21:01:10 |
| 13 Dec 2022 |
|  mf joined the room. | 15:52:53 |
| 10 Jan 2023 |
|  clevence joined the room. | 08:27:39 |
| clevence | hi | 08:27:43 |
| clevence | anyone here ? | 08:27:49 |
| 13 Jan 2023 |
|  Shivam Tiwari joined the room. | 06:10:06 |
| Shivam Tiwari | hello everyone | 06:10:25 |
| Shivam Tiwari | i have one question | 06:10:34 |
| Shivam Tiwari | can we implement multinode graylog on k8s ? | 06:10:57 |
| Shivam Tiwari | if yes how ? | 06:11:03 |
| Shivam Tiwari | antoine: da_habakuk | 06:11:46 |
| 6 Jun 2023 |
|  @archive:matrix.org joined the room. | 19:01:39 |
| 22 Jun 2023 |
| @archive:matrix.org set their display name to archive.matrix.org/faq. | 05:27:12 |
|  @presgas:mozilla.org joined the room. | 15:54:46 |
| 26 Jun 2023 |
|  @hjalti:one.ems.host left the room. | 01:57:04 |
| 20 Jul 2023 |
|  @sky:matrix.thunderwater.net joined the room. | 19:57:55 |
| @sky:matrix.thunderwater.net left the room. | 22:31:20 |
| 18 Aug 2023 |
| @archive:matrix.org left the room. | 18:21:47 |
| 11 Sep 2023 |
|  phildoot joined the room. | 07:46:52 |
| phildoot | Hi graylog team, since recklessly 'apt upgrade'ing on a single node ubuntu deployment, i continue to see normal messages via 'inputs' (and read logs from /var/lib/graylog-server/journal/), but none hit the default (or any other) 'stream' since the upgrade. Could someone suggest where I might find the issue? | 07:53:11 |
| 17 Oct 2023 |
|  cash$ joined the room. | 09:13:59 |
| 9 Jan 2024 |
|  vbits.es changed their profile picture. | 14:12:49 |
| vbits.es changed their profile picture. | 14:33:33 |
| 25 Jan 2024 |
| @presgas:mozilla.org left the room. | 12:38:48 |
| 29 Jan 2024 |
|  mattvw joined the room. | 15:00:37 |
| mattvw changed their display name from vwz74n77bw to mattvw. | 15:01:07 |
| 17 Mar 2024 |
|  kralya joined the room. | 22:57:29 |
| 8 Apr 2024 |
|  hsmailhari joined the room. | 05:42:41 |
| 14 Apr 2024 |
|  hsmailhari007 joined the room. | 15:58:38 |
| hsmailhari007 |
I have graylog and elasticsearch deployed in kuberenetes. Three graylog nodes as cluster and three elasticsearch with 1 master and two master eligible nodes. The spec of the worker nodes is 64 core and 128gb ram and 20TB disk on each worker node. We are getting 2tb logs per day. Logs are coming from kuberentes cluster and other applications each with differnet size. Right now Iam only getting 7000 message output per sec so getting around 20 to 25k messages processed per second but the input rate is 20k to 100k per second so most of the messages are going to journal with millions of unprocessed messages and Iam unable to view the logs from the dashboard most of the time.
The CPU usage of the graylog and elasticsearch is low so I am unable to figure out the bottleneck here..
Graylog -5-0 32gb heap
elasticsearch - 7.10 32gb heap
mongo -5.0
Graylog leader and elasticsearch master is on dedicated workernodes and the remaining are on shared workernodes.
Please help I want to use all my cpu resources and increase the processing to 100k message per second. What elase I need to do add more data nodes but the current servers are underutilized. What iam missing here need assistance
| 15:58:46 |
