Out of Box index and shard settings

manylogs · April 10, 2019, 1:28pm

Hi all,

I have a basic set up. The stack is installed on a Windows 2012 box. I have only configured it to take windows logs through winlogbeat. I have not configured any other settings.

I am ingesting from 3 assets: 2 remote and itself.

I started looking into the concepts of Index and Shards as a result I check what my current solution looked like.

Is it normal for the stack to create this many Indexes for such a small set up?

Would it be better to create one index because the log types are the same?

Thanks

system · May 8, 2019, 1:28pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
My logstash output is creating hundreds of shards per index Elasticsearch	9	1807	July 5, 2017
Testing Elastic Stack and winlogbeat / query exceeds 1000 shards Elasticsearch	32	4151	April 8, 2017
Winlogbeat many shards Elasticsearch	4	1361	April 15, 2017
Balance between number of indices and shards per index Elasticsearch	2	479	July 6, 2017
Custom indexes didn't create using winlogbeat-7.2.1 version Beats winlogbeat	5	978	January 8, 2020

Out of Box index and shard settings

Related topics