ELK Cluster Design

fir3wall · January 7, 2016, 1:14pm

Hello,

I'm trying to design a POC for my boss. I've got client at remote
location who will need to feed our new elastic cluster in cloud.

Currently I've got:

Client Side :: Redis (queue) -> Logstash
Cloud Side :: 3 x Elastic machines in cluster + 1 small VM with Kibana

Data will go over Site to Site VPN .

My question is do I need another Logstash in my cloud to receive this data and forward to cluster or I
can directly feed it to my cluster - I know both solutions will work just wonder what is best practice

In addition can I stick another Elasticsearch instance on cilent side to agregate data on cliend side and then send it to my cloud cluster? Our development team proposed this as way to maybe reduce the network traffic etc (if we can send ready data to cluster).

Thanks
D

warkolm · January 8, 2016, 4:05am

I'd have a LS + broker instance setup in the remote site, so that if the link goes down you can queue things up there.

Putting an ES instance won't do much.

Topic		Replies	Views
Elasticsearch Cluster design - Need help Elasticsearch	1	354	July 24, 2019
Recommendations needed for large ELK system design Elasticsearch	7	1153	July 6, 2017
Several questions about a cluster Elasticsearch	6	969	July 5, 2017
Deploy Cluster ES with multiple node? Elasticsearch	10	3373	July 5, 2017
Cluster expansion Elasticsearch	1	439	September 21, 2018

ELK Cluster Design

Related topics