Hi,
I installed ELK to analyze apache logs. I have managed to make it work , but I have a question in relation to the size of the index created by logstash . I just put an input file it was 260MB and once analyzed by logstash , the index on ES was more than 300MB . No problem so far. The thing is that a log for a short day of activity is running at 2GB .
Approximately 2300MB once in ES by logstash . Knowing that I have several servers ( jboss , Apache , Tomcat ) .
How to manage the size of the index in ElasticSearch ?
Can I have multiple indexes in ES and Kibana I work on more indexes for one graph ?
Log files are rotated every day.
Thank you for your response .