Should I have elasticsearch and logstash on different machines when deploying the ELK stack in production (as I've read that somewhere in the internet)? or can they be installed on the same server with the following logstash output:
output{
elasticsearch {host => "localhost"}
}There is no technical reason they couldn't be installed on the same machine. Performance is another angle though. We separated off Logstash from the ES cluster shortly after going into production as they were constantly competing for resources as we have a very index heavy cluster.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.