I have done a test with graylog. elasticsearch at a single node server for with 8 core processor and 32 GB of RAM but Hard disk was with 7200 RPM… and i didnt get that much great result out of it… But what i able to see that this graylog system can serve my requirements.
Now can any one help me, a suggestion, to set a specifications for server hardware for 150K/sec log, this is basically for NetFlow data analyzing.
How much core can be set to graylog system and how much RAM for elastic search.
Obviously this deploy will be with 3 node cluster.