Just curious what's the best option for ingesting static logs by balancing performance and availability. The default is 5 shards w/ 1 replica.
Since new index will be created at daily based does it make sense to have a small shards, like 3 shards with 1 replica? I wonder what is the threshold to decide the best of it. Is it the volume of the data ingestion or something else.
Thanks in advance.
This blog post provides some guidance on shards and sharding and may be useful. It does however often depend on the use case, types of data and retention period.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.