Query Performance in ES

Hi All,
I need suggestions: if we have 6TB of data with 10 Elasticsearch data nodes, how would query performance be in Elasticsearch?
Can a query complete successfully in 2 seconds? Every node has 8 cores, 64GB RAM, and a 6TB SSD.

Thanks All

Welcome to our community! :smiley:

What sort of data is it? What sort of queries are they?

Hi @warkolm, thanks for the response. Yes, I'm happy in this community.

The data is all logs (web, server/OS, mail, antivirus, etc.); this use case is for security analysts.
The query time range is one month.

Ok, so time based data. It really depends on how large a month's data is, out of that 6TB.

I would expect that Elasticsearch should do that, though you might want to test to make sure if that's a hard business requirement.

Yes, I want to query data in the latest one-month range.
One month has 6 TB of data.

Ok, thanks.

What is the full output of the cluster stats API? How much data does each node hold? Is the last month's data distributed evenly across the nodes?

What type of queries and aggregations you run will also have an impact on performance so some details about this would also be useful. Do you see any errors in the logs? Do you see any evidence of long and/or frequent GC?
