# Set the root user's timezone
root_timezone = UTC

# Log rotation settings
elasticsearch_max_size_per_index = 5368709120
elasticsearch_max_number_of_indices = 20
rotation_strategy = size

# Define how many Elasticsearch shards and replicas to use
elasticsearch_shards = 1
elasticsearch_replicas = 0

# Optimize Graylog's process buffers (for better throughput)
processbuffer_processors = 4
outputbuffer_processors = 3

# Increase Journal storage limit to prevent crashes
message_journal_max_size = 5gb

# Email Alerts Configuration (SMTP for notifications)
transport_email_enabled = true
transport_email_hostname = smtp.gmail.com
transport_email_port = 587
transport_email_use_auth = true
transport_email_auth_username = your-email@gmail.com
transport_email_auth_password = your-email-password
transport_email_use_tls = true

# Adjust how many indices to keep before deleting old logs
elasticsearch_max_number_of_indices = 20
retention_strategy = delete