Based on that both the Process and the Output buffers are full, I would say your elasticsearch nodes are not fast enough. They seem undersized in my eyes and should have more CPU and RAM. Also check if you set your -Xms and -Xmx settings (for both graylog and elasticsearch) to reasonable values, it helped me alot to increase them to half of my RAM size. (eg. -Xms8g -Xmx8g )
-- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/fab340d0-e0b6-4182-8fe3-b4230c92a962%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
