Increase the search speed

isgood · October 12, 2022, 11:47am

I have installed graylog server, mongodb, and Elasticsearch master in 3 servers, and 4 of them have installed Elasticsearch Slave.

If I want increase the search speed , what can I do?
increase graylog server or increase Elasticsearch Master / Slave

gsmith · October 12, 2022, 9:34pm

Hello && Welcome @isgood

I would ensure you have fast drive like a SSD and a lot of CPU & Memory, perhaps 30% more then you really need for the setup would be a good start.

And take a look here…

When first starting out you may have to make adjustments to configuration settings and resources. This will depend on the environment that Graylog is in.

ihe · October 13, 2022, 8:04am

Quick sketch, how I do tune Elastic:

50% of RAM for the java-heap, rest for filesystemcaches via OS
bundeling streams with the same fielsnames on the same index-set. (e.g. all winlogbeat on one)
set the index set for daily rotation
for each 20-30GB of data on a stream one shard on the index set
for each 20 shards one GB of heap on the machines.

system · October 27, 2022, 8:05am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Need help regarding tuning Graylog Cluster Graylog Central (peer support)	3	522	July 12, 2018
Enhance Graylog search performance by adding new Elastic nodes? Graylog Central (peer support)	3	1646	August 24, 2017
Regarding tuning Graylog Cluster Graylog Central (peer support) access-specific-log- , architecture , components	4	1041	March 1, 2023
Help in Better performance of my Elasticsearch-Graylog Setup Graylog Central (peer support)	11	4198	March 13, 2019
Performance optimizing Graylog Central (peer support) basic-configuration	5	3190	March 7, 2022

Increase the search speed

Related topics