Requirements production cluster

diegz · May 31, 2022, 11:11am

Hello everyone,

I would like to implement the elk stack for log management for a SIEM.
In a production context I would like to create a cluster of 3 elastic nodes.
What are your advices and best practices?
2 x node.roles: [ master, voting_only, ... ]
1 x node.roles: [ master, voting_only, data ... ]

How many nodes for logstash?
And for kibana?

And what are the hardware recommendations for each node in a virtualized environment?
Number of cores? RAM? How many disks? What size?

Thank you very much in advance for your advice

RabBit_BR · May 31, 2022, 1:09pm

Hi!!
Maybe this discussion can help you.

diegz · June 1, 2022, 7:18am

Hi,

Thank you @RabBit_BR.

Someone who has worked on a virtualized architecture with a cluster of 3 elastic nodes, 2 logstash and 1 kibana can share his hardware configuration.
CPU ? RAM ? number of disks and their sizes ?

I know that the infrastructure can be evolving but I would like to have an idea.

Best regards,

system · June 29, 2022, 7:19am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
New installation questions Logstash	2	397	June 16, 2017
Installation questions Elasticsearch	5	631	May 22, 2017
Is it okay to make 7 nodes of cluster in one machine(server)? Elasticsearch	11	360	July 21, 2021
Configuration of ELK Stack Elasticsearch	3	345	July 11, 2019
Sizing ELK cluster for 12GB daily logs Elasticsearch	3	781	December 25, 2018

Requirements production cluster

Related topics