security talk & philosophizing

FF E4

Elastic: Managing Memory

When I first stood up ELK on my home server, and later at the office on a VM, it didn’t dawn on me the impact of memory. While my work situation needed more memory, for more processing, my home environment was getting pummeled by the 50% memory consumption.

According to Elastic documentation, their use of the JVM will consume 50% of your memory, and that matches my experience. No matter where I install it, no matter how much memory I have, it consumes roughly 50% of the memory.

JVM Options File

There is a way to set memory guidelines so the memory consumption stays well below 50%. On my home server (with 64Gb of Ram), I didn’t want Elastic taking 50% of memory so I modified the jvm.options file.

On a Debian install, this file is located in /etc/elasticsearch

Configuring the jvm.options file

  • cp jvm.options jvm.options.d/jvm.options
  • nano jvm.options.d/jvm.options
  • uncomment, and/or modify the settings:
  • -Xms4g
  • -Xmx4g

I left it at the default 4g each, and got back 20Gigs that it was previously consuming.

Me

FF
EF

a moment now is worth a thousand moments from the before, or next.

letting go is the hardest, but most rewarding aspect of everything

© 2025 FF E4 • Powered by