Is it' okay to keep the all the 150 - 300 servers logs data on one cluster three node cluster ?
if we can then how could we set up back up procedure or log rotation and what is best tools that I can use ?
Hi Bjen,
I edited the category to "Elasticsearch" since the question is about guidelines or Best Practices
for Elasticsearch. The "Logs" category is for everything related to the Logs app – setup with Filebeat, Filebeat modules, and using the Kibana Logs app.
I believe the advice is more around the size of the index, and how many shards and nodes you have as opposed to how many sources of data are feeding it. If you include that information in your post, I think you'll get a faster and more satisfying answer.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.