Server sizing guide?

daniel · July 23, 2019, 1:43pm

Hello,

I am new to graylog and love it. Set up a test environment on vmware via ova. Now I am planning a graylog cluster with elastic search and was looking for a sizing guide. There was one on Sizing estimator but the link is dead.

We expect a minimum of 300 million log entries with around 30 GB per day which should be kept for 7 days (~210 GB) per week. I thought of creating a ES cluster of 3 nodes and a graylog/mongodb cluster of 3 nodes - 6 ubuntu servers in total, load balanced by an existing loadbalancer.

Is there a guide on how to size ES and GL nodes regarding mem, vCPUs and storage?
How are logs spread over the nodes. Does each node need 210 GB?

Kind Regards
Daniel

jan · July 24, 2019, 8:53am

as you can read in this community - you can place a simple matrix over a setup. To many variables - if you ingest at the same pace over the day, if you do normalization on your logs, how ‘save’ should your logs be stored? Do you need redundancies? In case of error in the setup how important is it for you that you can restore that?
How many people will active use Graylog, how many dashboards will you have running on a TV Board?

daniel · July 24, 2019, 10:18am

I’ve found what I was looking for:

Topic		Replies	Views
Opensearch sizing Documentation Campfire dashboards	1	1024	March 18, 2023
Graylog Enterprise production infrastructure setup Graylog Central (peer support)	2	1317	June 21, 2017
Sizing guide for GL and ES servers Graylog Central (peer support)	3	2392	September 17, 2019
Graylog Sizing/Optimzation Graylog Central (peer support) sidecar , nxlog , nodatanx	4	6633	December 15, 2017
Users feedbacks / Guides for heavy load graylog Cluster Graylog Central (peer support)	32	6581	July 29, 2020

Server sizing guide?

Related topics