Elasticsearch cluster config requirement for graylog setup

Nilesh_Date · June 17, 2015, 12:06pm

Hi ,

I will be configuring graylog cluster in my oragization which will have elasticsearch cluster in it.
I would like to know the configuration required for my elasticsearch cluster . I will be having 3 nodes in ES cluster.
Below is my requirement -

Assumptions
11k messages/second (peak)
150 bytes per message (based on average message size for syslog messages)
30 days retention (4.5TB for raw data and 9TB total including replica indices)
Data redundancy (Clustered ES with replicas)
6-12 concurrent users actively executing search queries
4-8 streams & extractors
Full HA support for Graylog application nodes and ES
Assumes no significant growth in data volume over time

Please assist

warkolm · June 18, 2015, 2:50am

What sort of things are you after exactly?

Have you read this part of the Definitive Guide?

Nilesh_Date · June 18, 2015, 12:36pm

I want to know required configuration for each server in elasticsearch cluster since it will part of my graylog setup in production environment.

yes, I have read the guide. After reading I come up with below config details.

16 Cores (Intel 64-bit CPUs)
48GB RAM
4TB RAID 0 (SSD preferred or 15K RPM SATA)

Topic		Replies	Views
Cluster sizing & scalability for ES version 5.x Elasticsearch	1	497	August 16, 2017
Need help in scaling up my elasticsearch-logstash-graylog setup Elasticsearch	3	872	July 5, 2017
Graylog in kuberenetes cluster Elasticsearch	2	80	May 13, 2024
Problems with GrayLog2 + ES setup [long] Elasticsearch	15	1998	July 6, 2017
Hardware requirement in ELK Elasticsearch	3	8014	July 5, 2017

Elasticsearch cluster config requirement for graylog setup

Related topics