Graylog external log data

I have been following the Graylog: Your Comprehensive Guide to Getting Started Open Source Log Management. Which works perfectly of course. I have also used Ubuntu 22.04. Unfortunately my Linux skills are very basic so please take that into consideration.

I am a little confused on how to setup the log data to go to a cifs share on a NAS.

I have added a share in fstab and was able to mount the share ok:

// /media/graylog_data/ cifs vers=3.0,credentials=/etc/.truenas_creds,iocharset=utf8,gid=1000

I am unsure what I need to change in the volumes section of the docker-compose.yml

  - "log_data:/usr/share/opensearch/data"

Any help would be gratefully appreciated.

My data mount is:

Filesystem                                           Size  Used Avail Use% Mounted on  235T   20G  235T   1% /mnt/graylog_logs

And the mount syntax in my docker-compose.yml is:

       - "/mnt/graylog_logs:/usr/share/opensearch/data"

If I am reading your post correctly and your mount is /media/graylog_data/ then yours should be:

       - "/media/graylog_data:/usr/share/opensearch/data"

Thank you I did try - “/media/graylog_data:/usr/share/opensearch/data” however I then get the following error on bringing docker up:

graylog | 2024-01-25 10:21:09,613 ERROR: - Unable to retrieve version from Elasticsearch node: Failed to connect to opensearch/ - Connection refused.
graylog | 2024-01-25 10:21:09,615 INFO : - Elasticsearch is not available. Retry #8

It’s not a issue for me to just run local storage as I only need this for pfsense openvpn logs.

If it works locally but not remote, it’s likely that you have a permissions issue.