Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Remote Elasticsearch
« previous
next »
Print
Pages: [
1
]
Author
Topic: Remote Elasticsearch (Read 840 times)
flyingbird76
Newbie
Posts: 5
Karma: 0
Remote Elasticsearch
«
on:
July 08, 2024, 07:00:50 pm »
I originally installed Zenarmour using SQLite but I wanted more than 2 days data retention. Although my firewall is powerful enough to install elasticsearch (quad core, 8gb RAM), I preferred to keep Elasticsearch separate from my firewall, so I purchased a mini server to act as my Elasticsearch server (I will use it for other data logging as well now that I have it).
The install of Zenarmour went well and everything is working well as far as I can see but when I check the database in settings I get the following warning:
‘We do not advise to set a data retention interval longer than 2 days for elasticsearchRemote backend’
It is currently set to 7 days.
Question; Why would using a much more powerful external Elasticsearch server for Zenarmor give a recommendation to only retain 2 days of logs while using Elasticsearch installed on the vastly less powerful firewall it is happy with a 7 day retention period?
Logged
sy
Hero Member
Posts: 597
Karma: 44
Re: Remote Elasticsearch
«
Reply #1 on:
July 09, 2024, 08:44:26 am »
Hi,
Thanks for reporting. This is a known UI issue. You can dismiss it and set retention period more than 2 days.
Logged
flyingbird76
Newbie
Posts: 5
Karma: 0
Re: Remote Elasticsearch
«
Reply #2 on:
July 09, 2024, 06:53:29 pm »
Thank you.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Remote Elasticsearch