Unique index for each user

JavaDeveloper · May 9, 2020, 7:23am

Hi everyone.
I'm sending my application's logs to logstash as json and I want to save them in elasticsearch by different indices.
In fact, I want to save logs of each user in a unique index that is equal to user key in the incoming json document. Because I want to provide different services to different users.
For example:

document storage time and also services for users can vary.
log content of each user may increase and I intend to increase the query speed by separating the indices.

Therefore:
Q1: Is it a good idea to separate each user's index?
Q2: How can I do it in logstash output config file?

Christian_Dahlqvist · May 9, 2020, 7:37am

Having lots of small indices and shards is very inefficient and does not d ale well. Separating indices per user can work for relatively small number of users though. If you however have lots of small users it is generally better to have them share indices and filter the queries.

How many users do you expect to need to support?

JavaDeveloper · May 9, 2020, 8:05am

About 100,000 users. So do you recommend have same index for all users?

Christian_Dahlqvist · May 9, 2020, 8:07am

With that amount of users you need to at least group them and could possibly benefit from using routing.

JavaDeveloper · May 9, 2020, 8:12am

@Christian_Dahlqvist
Thank you.

system · June 6, 2020, 8:12am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Multiple indices vs. routing Elasticsearch	5	796	July 6, 2017
How correct create indexes in Elasticsearch Elasticsearch	15	1898	April 7, 2017
Setting unique _id Elasticsearch	1	596	April 25, 2018
Elasticsearch as Logstash output Logstash	14	344	April 11, 2019
Help me understand the use case for indices Kibana	6	1161	April 6, 2017

Unique index for each user

Related topics