Ahh, if you want to go HA, you can use their tool to get estimates: https://www.graylog.org/tools/sizing-estimator
On Friday, November 18, 2016 at 5:50:17 AM UTC+13, Joshua Waclawski wrote: > > As the title states, I'm pretty new to Graylog and Elasticsearch. I've > read the documentation thoroughly and I've watched a few educational videos > describing how elasticsearch works from the ground up; everything is very, > very cool and I'm excited to start using it! Using the AMI provided on the > Github, I've setup an EC2 instance and have started work on learning how to > configure and use this tool, but I've hit a bit of a road block and need > some answers... > > 1. Hardware requirements - what exactly are they? I'm attempting to > deploy graylog to an environment that receives no more than maybe 200-300 > messages per second, if that. I can't imagine that managing a few > thousand > logs per minute requires 12gb of RAM to do, but I'm new to Elasticsearch > so > I'm asking for clarification. Every white paper, forum post, blog post, > or > guide that I've read so far assumes 5000+ messages per second. > 2. Configurations - This is what annoys me the most. The > configuration files are very, very scattered (at least they seem so) and > the official documentation does a very poor job of explaining what's > required to configure for basic functionality on a single server. Using > the AWS AMI, what configuration files need editing to inflict changes upon > the system? I'm seeing .conf, .yml, and .cfg files all over my operating > system with seemingly redundant settings that I can't find explanations > for. Again, this could be my ignorance of the architecture, but the file > hierarchy is explained no where. > > That's really it for now.. if I can hammer out these answers with some > level of certainty then I'll have what I need to move forward in > configuring and testing this software. As thing stand now, I have no idea > if I'm editing the proper config file half the time as all I receive are > errors in logs and alerts in the webUI. > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/9e7ba28c-5f99-4b87-9825-2f542851f5f1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
