Reputation: 361
Tuning logstash performance
I use logstash to connect between elasticsearch and ntopng(a flow collector). but there are many drop flows, so I think the bottle neck is on logstash because my RAM is 20G and CPU 8 cores. But I am not sure which parameter could I edit to tune the logstash in the logstash.yml
thank you in advance!
Upvotes: 1
Views: 2393
Answers (1)
Reputation: 856
It seems like one step of working out a solution to your problem is to supply decent Logstash monitoring. One good way to achieve this is by installing X-Pack which provides Logstash monitoring in the X-Pack monitoring ui in Kibana.
Please refer to https://www.elastic.co/guide/en/logstash/6.1/logstash-monitoring-ui.html for more information about the Logstash monitoring ui and https://www.elastic.co/guide/en/logstash/6.1/installing-xpack-log.html for information on how to install and configure X-Pack for Logstash.
Apart from Logstash monitoring, you should of course also monitor the used resources on the systems you are running Logstash on. There are several ways to do this, for example with active monitoring solutions, such as Nagios, our passive monitoring solutions such as Elasticsearch with Metricbeat.
Once you know what the bottleneck is, you can go through https://www.elastic.co/guide/en/logstash/6.1/performance-troubleshooting.html and tune Logstash settings or if necessary add more Logstash instances for distributing load.
Upvotes: 1
Related Questions
- Logstash with Elasticsearch
- Configuring logstash
- Loading Elasticsearch via Logstash on large dataset runs very slowly
- Optimize logstash configuration to reduce CPU utilization
- Very Low Performance With LogStash
- Elastic Search and Logstash Performance Tuning
- using logstash import data to elasticsearch, the speed too slow
- Ways to increase Elasticsearch indexing speed?
- Logstash/Elasticsearch/Kibana resource planning
- Logstash-Elastic search