Where is the data coming from?

How many log entries are you generating per second?

What does your ingest process look like?

How come you are not using [time-based indices](https://www.elastic.co/guide/en/elasticsearch/guide/2.x/time-based.html)?

---