Centralized architecture

Hi Everyone, I am thinking of the centralized architecture / model so that I can deploy and scale the ELK stack for high availability. Anyone tried this? If so, any documentation sharing is really appreciated. Thank you.

I'm afraid it's too vague a question. I'm not sure I understand what you are looking for.
Elastic stack (not ELK anymore) is designed for HA, centralized architecture, clustering...

@dadoonet I am sorry for the confusion. Right now I have the Elastic stack running on one Ubuntu box (16.04) and beat agents on 40 hosts (winlogbeat and metricbeat). I do not have any filters in place that can filter out the data, and the Ubuntu server is running out of memory (logstash and elasticsearch are at 100% process and RAM utilization). I did some searching and came across how to scale and deploy logstash, and I think this would help me. But I have a few questions before I start any work in my environment. In the second diagram it mentions logstash on X number of nodes, so I should have logstash running on multiple servers? How about elasticsearch? It says master nodes and data nodes, so I should have 3 servers running elasticsearch?

Once again, I am a novice with the Elastic stack; I wish you could help me. Thank you.

https://www.elastic.co/guide/en/logstash/current/deploying-and-scaling.html

You normally want to have elasticsearch on its own machine, alone.
