Hi,
Is there a way to have different retention periods for logs coming in from different hosts? For example I want to retain logs from some Linux servers for 1 month and others for 6 months?
Also, is it possible to know how much logs(MB/GB) are received per day from each host?
Per host retention and used space
Re: Per host retention and used space
This is a fairly common request but not one that has been implemented yet. If one were inclined though something could be set up as a cron job. The command to delete all of 192.168.55.2's logs from yesterday's index would like like:
curl -XDELETE 'http://localhost:9200/logstash-2018.11. ... 2.168.55.2'
As far as getting the size of data in bytes that an host sends, there isn't a good way to do this on the NLS end. You can however see the number of events a host sends which should give you an idea of how much data it is sending. This can be done by applying a filter like "host:192.168.55.2" on the dashboard.
curl -XDELETE 'http://localhost:9200/logstash-2018.11. ... 2.168.55.2'
As far as getting the size of data in bytes that an host sends, there isn't a good way to do this on the NLS end. You can however see the number of events a host sends which should give you an idea of how much data it is sending. This can be done by applying a filter like "host:192.168.55.2" on the dashboard.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.