Discuss the Elastic Stack

Redis, Logstash indexer, elasticsearch bottleneck

Elastic Stack Logstash

ktella (Kiran Tella) October 13, 2015, 7:22pm 1

I have made a setup of ELK like below.
LS(reading from file) --> REDIS --> LS(indexer) --> ELS

I'm using a bench mark script from here to generate a 1M logs lines to measure performance.

I'm monitoring redis list length with help of LLEN command
/usr/local/bin/redis-cli -h xxx.xxx.xxx.xxx LLEN "logstash-redis"
I'm monitoring the records in ELS with ruby script which uses stats page, which prints COUNT for every second.

What i have observed is that REDIS LIST is empty very quick almost in a ~65 seconds. I can only see only ~60% which ~600K records in ELS.

I'm trying to find the bottleneck here.
Does that mean 400K records are still in LS-indexer queue or in ELS ? How can i speed the things up ?

Is it possible its to do with performance of ES indexing ?

Topic		Replies	Views	Activity
Serious data delay in elasticsearch Elasticsearch	2	327	July 5, 2017
Logstash & Redis Logstash	4	393	July 6, 2017
Logstash reading from Redis Slows Significantly After Several Days Logstash	1	498	November 27, 2019
Issues with logstash sustained throughput Elasticsearch	2	454	July 6, 2017
Redis - Logstash - Elasticsearch is not as fast as I expected Logstash	7	568	July 2, 2019

© 2020. All Rights Reserved - Elasticsearch

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.