The short story is Graylog stores it information and settings with it’s use of MongoDB but not the messages you are sending in. Once Graylog is finished processing a message it is sent out to Elasticsearch for storage and future retrieval.
You can search the community for recommendations for sizing to find information that is relevant to your installation (future installation?) Here is an example. There are many factors to take into consideration from clustering to shards in Elasticsearch/Opensearch etc. etc. OF NOTE: If you are creating a new Graylog instance it is likely better to start with OpenSearch as that seems to be the current Graylog direction.