Requirements production cluster

diegz · May 31, 2022, 11:11am

Hello everyone,

I would like to implement the elk stack for log management for a SIEM.
In a production context I would like to create a cluster of 3 elastic nodes.
What are your advices and best practices?
2 x node.roles: [ master, voting_only, ... ]
1 x node.roles: [ master, voting_only, data ... ]

How many nodes for logstash?
And for kibana?

And what are the hardware recommendations for each node in a virtualized environment?
Number of cores? RAM? How many disks? What size?

Thank you very much in advance for your advice

RabBit_BR · May 31, 2022, 1:09pm

Hi!!
Maybe this discussion can help you.

diegz · June 1, 2022, 7:18am

Hi,

Thank you @RabBit_BR.

Someone who has worked on a virtualized architecture with a cluster of 3 elastic nodes, 2 logstash and 1 kibana can share his hardware configuration.
CPU ? RAM ? number of disks and their sizes ?

I know that the infrastructure can be evolving but I would like to have an idea.

Best regards,

system · June 29, 2022, 7:19am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Is it okay to make 7 nodes of cluster in one machine(server)? Elasticsearch	11	360	July 21, 2021
Recommended ELK architecture for production? Elasticsearch	15	12160	July 5, 2017
Hardware requirements for production cluster Elasticsearch	3	14437	March 29, 2019
Designing elasticsearch cluster for a SOC Elasticsearch	5	855	February 19, 2023
Elastic stack hardware requirements Elasticsearch	4	9448	September 1, 2020

Requirements production cluster

Related Topics