we are about to deploy Greylog Open Source on a production environment for a system that it is expected to produce 0,1 Gb per day of logs, and going live very soon. We are planning to use for that the AMI image - the one under http://docs.graylog.org/en/2.4/pages/installation/aws.html , to save deploying time. I know that this system is not supposed to be created to provide a production ready solution - however, what are the risks if we do that anyway ? I need to justify the additional effort of going the full length of a complete installation.
What I would think of is a XS deployment, on AWS, based on Ubuntu, on a t2.large machine, containing everything : Greylog, Elasticsearch, Mongodb.