ElasticSearch usage for logs with big size of entries

andsm · November 12, 2020, 10:28am

Hello,

I think about usage of ElasticSearch for logging.
System generates about 5-10k log entries per second, average, total size is about 500 Mb per second. Most of log entries are small, but some log entries have size in range 300-500 kb. Such log entries have data in xml format. In case of growth of load, logging subsystem should be able to handle it, if add more servers.
Time to store logs in Elastic is undefined yet. I thinking about 1 month, but it is possible to set less duration, like 2 weeks.
So, logging system should be able to efficiently compress data, to not requires lots of drives, and be able to handle the amount of data.
Can ElasticSearch handle the amount of data efficiently, it is suitable for case when log entries have big size?

afgomez · November 17, 2020, 2:24pm

Hi @andsm, welcome to the Elastic community!

Your use case is possible and Elasticsearch can handle that volume of data. To minimise disk usage you might want to look into how to tune the index mappings, to make sure you don't waste space for your use case.

system · December 15, 2020, 2:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elastic Search Index Data Compression (v1.4.2) Elasticsearch	11	4118	July 6, 2017
Unexpected large disk usage in ES Elasticsearch	2	1045	March 27, 2017
Compression in ElasticSearch Elasticsearch	6	2340	July 5, 2017
Logs is sending into Elasticsearch takes much more disk space than in txt format Elasticsearch	7	709	June 5, 2017
Is Elasticsearch capable of storing this amount of data? Elasticsearch	10	2468	July 6, 2017

ElasticSearch usage for logs with big size of entries

Related topics