mahrz24
commented
7 years ago Good Idea, as I have no use case for this currently, I'm not sure if I'll have time to implement this soon. If you have a PR I am happy to review though!
Closed madchap closed 4 years ago
mahrz24
commented
7 years ago Good Idea, as I have no use case for this currently, I'm not sure if I'll have time to implement this soon. If you have a PR I am happy to review though!
valentin-krasontovitsch
commented
4 years ago hi @madchap - if this is still relevant, could you please describe in detail the use case you see? I'm only familiar with a one instance setup of graylog.
how does the two (or more) instance setup work? do you expect to get different results from the differnet servers, or the same results? should the results be ordered by timestamp, or blockwise by server? do you need to be able to distinguish results coming from different servers?
a user story would definitely help (me) in assessing this request.
madchap
commented
4 years ago No longer relevant for me.
But yea, imagine a graylog cluster in the USA, another one in the EU, both collecting and processing different sources, but possibly in sync stream-wise and rules wise through configuration-as-code.
valentin-krasontovitsch
commented
4 years ago gonna go ahead and close this due to lack of interest. feel free to bump if this should become relevant for any of you!
Hi,
It'd be great to be able to query 2 or more nodes with a single query without having to resort to a custom outside script to call bonfire.
Thanks :+1: fred