Minimum requirement for elasticsearch and Kibana

Hiii everyone,
I have deployed elastic search + Kibana + Wazuh containers using docker. On t2.medium Ec2 server i.e. 4GB RAM, 2 vCPUs. and It runs properly. But when I try to load dashboards it takes so much time or in worst case server fails.

So,

  1. Is it a system requirement issue?
  2. Do I have to configure any optimization?
  3. what are the speed or performance limiting factors in elasticsearch & Kibana?

Kibana visualizations are mostly based on aggregation queries, and aggregations require CPU resource to calculate the result set. Your instance has 2 vCPUs. This is roughly equivalent to a single physical core, which isn’t much.

The other factor here could be storage. Elasticsearch benefits greatly from SSD storage. If you are using an HDD storage tier, you will benefit from moving to at least EBS SSD GP2. RAM is also a factor as available RAM will be used as page cache, allowing recent data to be read from RAM rather than disk.

The actual size that you will require will depend a lot on the volume of data your are ingesting, and the overall query load.

2 Likes