Hi, Everyone.
I am new to graylog and I want to learn use it my home lab. I have set it up in my xcp-ng hypervisor as vmguest. I gave it 2 virtual disk a 20 GB drive and a 40 GB drive. My intention is place the OS and application to the 20 GB drive and all the logs that will be gathered will go to 40 GB drive.
My question are:
- Is my intention possible with graylog (if not I can always destroy and recreate it)
- If it is possible which config file I need to configure so i can move all the logs it will receive to the 40 GB drive
Yes, most of the data in the the Elasticsearch Data section so you would mount that location to the second drive:
https://docs.graylog.org/v1/docs/file-locations
1 Like
Hi, Tom.
Thanks for responding, I have already finished installing graylog before I have posted this question. So I am not sure what you mean by mount that location to 2nd drive. I apologize if this is a noob question I am still learning.
Can’t I just change the config file to point to the second disk directory?
Learn how mount points work and you will then better understand how to do that.
1 Like
Hi, Tom.
Thanks for giving me some tips, I have to go back to my Linux 101 notes to get what you are pointing but I eventually able to properly mount it. Again thank you so much for the knowledge you are sharing 