How many shards in one node?

MLdz · December 6, 2017, 10:43am

Hello,
i have install the ELK Stack for apache and php logs. My logstash is connect to my elasticsearch.
At present, logstash create a daily index for elasticsearch.

I have 600Mb of logs per day, and we want to keep the logs for 30 days ( ~18 Gb).
The shards can't support 45Gb of data, but it is a good things to have just one shards per daily index ?

Because i dont know if the best is too create juste one index logstash with 5 shards of 3.6Gb or create a daily index with just one shards of 600Mo (it's easier to delete index to old after 30 days than data on shards ?)

Ps : i have just one node

Thkssssss

Christian_Dahlqvist · December 6, 2017, 1:34pm

Single daily index with 1 primary shards sounds reasonable.

MLdz · December 6, 2017, 2:18pm

Okey, but 30 shards (1 shard per dayly index) it is ok for just one node ? it's not to big for this basic architecture ?

Christian_Dahlqvist · December 6, 2017, 2:21pm

Yes, I think that sounds reasonable, although you could also go with e.g. weekly indices. Have a look at this blog post about shards and sharding.

system · January 3, 2018, 2:21pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How many shards for 60GB daily index? Elasticsearch	13	2838	November 23, 2017
How many Shards / Replicas Elasticsearch	9	9789	July 5, 2017
No. of Shards Per index in ES Cluster Elasticsearch	4	1223	July 5, 2017
[Help!] Number of indexes and shards per node Elasticsearch	9	3430	May 5, 2017
Balance between number of indices and shards per index Elasticsearch	2	454	July 6, 2017

How many shards in one node?

Related topics