How many indices / shards for graylog

lkeijser · December 2, 2021, 6:55am

Hi there,

I'm running Graylog which uses Elasticsearch as backend. RIght now we have about 1.5TB data (about 2 weeks of logging) and I've created 10G indices (about 120 in total, I expect, it's still a process) and 4 shards. Is this a sane number? How can I find out what the best settings for indices (size) and shards are?

kind regards,

Léon

warkolm · December 2, 2021, 7:00am

I'd probably go for 3 primary, keeps it under the 50GB max recommendation and gives you room to grow.

Topic		Replies	Views
How big should an index be for 2x data node cluster Elasticsearch	6	219	December 5, 2022
Elasticsearch Shards/Indices planning Elasticsearch	4	1227	December 20, 2018
Balance between number of indices and shards per index Elasticsearch	2	487	July 6, 2017
Best config for Performance Elasticsearch	11	2583	November 5, 2018
[Help!] Number of indexes and shards per node Elasticsearch	9	3564	May 5, 2017

How many indices / shards for graylog

Related topics