what are the minimum hardware requirements for high availability elk cluster.
You need a minimum of 3 nodes. The size and configuration will depend on your use case and expected data volumes.
At least 32GB RAM and 4 cores, per node. Forget about anything else in 2024.
i am going to setup ELK for an enterprise application
daily logs: 2GB
retention period: 6 months
Lets assume your data takes up the same amount of space on disk as the raw size. This ratio will depend on your mappings , levels of enrichment and index settings. You can find a discussion around this in this old blog post. As you want high availability you will need a replica shard, which means you will add 4GB of indexed data per day. With 6 months retention period this results in approximately 700GB - 750GB of indexed data in the cluster. With 3 nodes that is 250GB per node, which is not a lot for Elasticsearch. I would expect 8GB or 16GB of RAM to be sufficient for this together with 2-4 CPU cores.