[K8S] Deploy ELK make sense?

ElasticSearch + Logstash + Kibana

I want store logs in some service with searching. But ES taking a lot of memory...

Somebody know better way? :(

Mikhail Maksaimer's photo

You can try other solutions for it, for example, graylog or splunk? How much limit of memory do you have? How much logs per second do you have?

Patryk's photo

Now I have 15.2GB RAM and don't know how much logs / sec but it's not important now :D Logs from nginx / mysql / php / rabbit / etc. & scalable so probably ~300logs/s

Mikhail Maksaimer's photo

What kind of configuration of ELK cluster do you have? For example, 3 nodes of elasticsearch, 2 nodes of logstash, 1 node of kibana?

Elasticsearch is java application, you can configure heap settings to limit it. Something like this -Xms2g -Xmx2g and try to test it. Of course do it on dev stand )