Graylog Sizing / Architecture

zoscail · August 28, 2017, 6:24am

Dear all,

we are currently using the Graylog OVA image.
We have about 10.000.000 Logs per day. Our Server runs with 8 vCPU’s, 16 GB RAM and about 300 GB disk space.
The performance is pretty good.

We now have some requirements to increase the daily Logs up to 100.000.000 per day. Do we now have to change our environment to a Multi-Node Setup or what is the recommendation?

If so, how many servers do you recommend?

Thank you!
BR
Steffen

jan · August 28, 2017, 9:00am

dear @zoscail

it highly depends how long did you want to keep the logs and how much you are searching on them and how much processing you do.

But having Graylog and Elasticsearch not on the same Host should be the first step.

system · September 11, 2017, 9:03am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Graylog Sizing/Optimzation Graylog Central (peer support) sidecar , nxlog , nodatanx	4	6397	December 15, 2017
Server sizing guide? Graylog Central (peer support)	3	7493	August 7, 2019
Graylog Enterprise production infrastructure setup Graylog Central (peer support)	2	1225	June 21, 2017
Best hardware setup for medium sized Graylog Central (peer support)	5	1459	August 13, 2022
Performance Scaling Graylog Central (peer support)	5	1532	November 25, 2021

Graylog Sizing / Architecture

Related topics