It's been a few months that we have been using the ELK stack and it's pretty amazing. We are planning to get the commercial plugins, which seem to be awesome. So we thought we could implement it in production. From some blogs, we noticed that it is recommended to have a cluster setup for Elasticsearch for better performance.
We would like to have the syslog messages as central logging in ELK. We have around 600 devices, of which 100 are syslog servers and 500 are switches with flows enabled.
Can anybody please recommend the hardware requirements for this setup of around 50000 messages per second in ELK and 40000 flows per second (in two different clusters)?
Any feedback and suggestions would be really helpful.