Hi there, we need to seperate huge amound of data of the Windows AD Servers from all others.
The Windows AD Servers are heavy bullshit talking systems ~300msg per seconds. We do not need to keep this information longer than 5 Days. Because of the heavy load from the AD Servers the Elastic/Graylog Database nodes will be overwirtten around 2 weeks. /var/lib/elasticsearch/graylog2/ So does anyone can give us a hint how we can delete the AD loggs by days or can seperate it in another database store on disk. Thanks Till -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/daf64dab-e6f2-42f2-b5ae-6dcc5d13e323%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.