Hi!
I want to start using graylog for production in a small environment with about 5 Gb/d log volume.
I tend to start with a single-server installation, but: What is the maximum log volume, you would handle without using a cluster installation?
For me, it would be easier to install a single server with a fast NVMe storage, a high performance CPU and a lot of ram, than taking the complexity of a cluster.
What do you think?
Thank you for your thoughts!
KPS
Hello,
First, have you seen this documentation?
https://docs.graylog.org/docs/architecture
I highly suggest for a production environment you have fault redundancy. If you depend on 1 logging server and it goes down or an issue occurs, you have loss. And depending on how much loss you have would be how you rely upon this 1 Logging server. This could possibly have a critical impact not only for yourself but perhaps a customer.
With that being said, the specification for my dev/ops Graylog server is:
Perhaps this documentation would also enlighten you for expanding a single Graylog server to a cluster if need be.
Hope that helps
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
