https://github.com/ndrive/graylog-archiver

Archives graylog indices.
https://github.com/ndrive/graylog-archiver

graylog logs

Last synced: 8 months ago
JSON representation

Archives graylog indices.

• Host: GitHub
• URL: https://github.com/ndrive/graylog-archiver
• Owner: NDrive
• License: mit
• Created: 2017-03-03T14:29:54.000Z (over 9 years ago)
• Default Branch: master
• Last Pushed: 2018-10-16T14:24:27.000Z (over 7 years ago)
• Last Synced: 2025-07-21T06:33:27.195Z (11 months ago)
• Topics: graylog, logs
• Language: Python
• Homepage:
• Size: 19.5 KB
• Stars: 13
• Watchers: 5
• Forks: 6
• Open Issues: 5
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Graylog Archiver

Archives graylog indices to `backup_dir`, keeping the latest ones (`max_indices`).

For example, if you have the following indices:

- graylog_49

- graylog_48

- graylog_47

And `max_indices` is set to 1, it will archive and delete 48 and 47.

## Install

Install __Python 3__ and use pip:

    pip3 install graylog-archiver

## Usage

Configure `path.repo` in `elasticsearch.yml` to allow the creation of backup

repositories at `backup_dir`.

Example:

```

path.repo: /srv/backups/elasticsearch

```

Create a configuration file for graylog archiver `graylog_archiver.json`:

```json

{

  "elasticsearch": {

    "hosts": "localhost"

  },

  "max_indices": 3,

  "backup_dir": "/srv/backups/elasticsearch/graylog",

  "delete": false

}

```

Run with:

    graylog-archiver

Use your strategy to backup:

    rsync -r --remove-source-files /srv/backups/elasticsearch/graylog backups@backups.company.com:/srv/backups/graylog

## Test

Start docker containers:

    cd test && docker-compose up -d

Setup Graylog with an input and send some logs.

Run graylog_archiver with the test configuration:

    graylog-archiver --config test/config.json