Get Started with Data Node
A Graylog Data Node is a component of the Graylog architecture that is responsible for managing OpenSearch. This feature allows Graylog to manage your search backend so that you don't have to install and manage OpenSearch separately.
Data Node enhances the security of the data layer in Graylog by implementing certificates, managing cluster membership, and facilitating the addition of new nodes. In addition, it ensures the correct version of OpenSearch and its necessary extensions are installed to enable proper functionality of Graylog.
Install Graylog with Data Node
To install Graylog with Data Node, see the following step-by-step guides covering installation methods for supported systems and services:
Manage the Data Node
Navigate to the Data Node page in the Graylog web interface via System > Data Nodes. This section is the central hub that provides visibility into your data nodes as well as certificate management for increased security. You can also view metrics to help you gain insight into the performance of your search backend. (Note that access to metrics requires a Graylog Enterprise license.)
Data Nodes
The Data Nodes tab lists each of your active data nodes. The table view provides information such as the current node status and certificate expiration. Click any node for more details. From the Actions menu, you can select these additional actions:
-
Renew certificate: Renews the certificate for the node.
-
Stop/Start: Stops or starts the OpenSearch service for the node.
-
Remove: Removes the node from the cluster.
-
Show logs: Opens a dialog box to show OpensSearch logs, which you can view as either STDOUT or STDERR.
Cluster Management
The Cluster Management tab is a pre-made dashboard that displays insights about your search backend, providing real-time data from your OpenSearch data nodes. You can adjust time ranges of the displayed data, but the dashboard is not generally editable.
Configuration
Use this tab to issue or renew certificates. If you opt to manage certificates with Graylog rather than importing your own, you are required to establish a certificate authority (CA) either when you perform your initial preflight configuration or when you go through the migration wizard. Any certificates you issue here are secured by the Graylog CA.
For complete information about managing certificates, see Manage Certificates with Data Node.
Migration
Use the Migration tab if you have an existing search backend that you want to transition to the Data Node architecture.
The migration wizard accessed via this tab walks you through the migration, step-by-step. This in-place migration helps you transition from an existing self-managed OpenSearch instance to Data Node. For complete information, see Data Node In-Place Migration.