Hi there,
I'm running Graylog which uses Elasticsearch as backend. RIght now we have about 1.5TB data (about 2 weeks of logging) and I've created 10G indices (about 120 in total, I expect, it's still a process) and 4 shards. Is this a sane number? How can I find out what the best settings for indices (size) and shards are?
kind regards,
Léon
I'd probably go for 3 primary, keeps it under the 50GB max recommendation and gives you room to grow.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.