Due to the so much number of our windows events, so we want to sparate windows event into other index
How to create a new index to store windows eventlog to separate from syslog?
how to create new index?
Re: how to create new index?
You can create a separate index, but NLS won't be able to manage it for you--you'd be creating it outside of NLS.
Is that OK for your environment? Would you be able to maintain that index separately with your own filters and everything?
--Jeffrey
Is that OK for your environment? Would you be able to maintain that index separately with your own filters and everything?
--Jeffrey
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: how to create new index?
Ok i got itjdunitz wrote:You can create a separate index, but NLS won't be able to manage it for you--you'd be creating it outside of NLS.
Is that OK for your environment? Would you be able to maintain that index separately with your own filters and everything?
--Jeffrey
But our log is too large, if we want to further improve the query speed, in addition to increasing the number of nodes to 10, maybe manually separating and managing the index is our only option to improve the query speed.
-
benjaminsmith
- Posts: 5324
- Joined: Wed Aug 22, 2018 4:39 pm
- Location: saint paul
Re: how to create new index?
Hi @winsonlee,
Going to check with the team internally on this one, but how many nodes to you have right now?
Going to check with the team internally on this one, but how many nodes to you have right now?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: how to create new index?
We have 8 nodes now, and we plan to add 2 nodes more into cluster at next month
-
benjaminsmith
- Posts: 5324
- Joined: Wed Aug 22, 2018 4:39 pm
- Location: saint paul
Re: how to create new index?
Hi @winsonlee,
Adding more nodes will certainly help improve performance and query speed, but I would also recommend reviewing the overall system to make sure there are no bottlenecks as far as memory, CPU, and disk performance. For example, if one of those nodes do not have sufficient memory or as much as the other nodes, the slower instance will slow down the query result.
The following guide has some more details on Nagios Log Server performance recommendations, let us know if you have more questions.
Performance and Storage Walkthrough
Adding more nodes will certainly help improve performance and query speed, but I would also recommend reviewing the overall system to make sure there are no bottlenecks as far as memory, CPU, and disk performance. For example, if one of those nodes do not have sufficient memory or as much as the other nodes, the slower instance will slow down the query result.
The following guide has some more details on Nagios Log Server performance recommendations, let us know if you have more questions.
Performance and Storage Walkthrough
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Be sure to check out our Knowledgebase for helpful articles and solutions!