Questions tagged [elasticsearch]

Elasticsearch is a flexible and powerful open source, distributed, real-time search and analytics engine. Architected from the ground up for use in distributed environments where reliability and scalability are must haves, Elasticsearch gives you the ability to move easily beyond simple full-text search. Through its robust set of APIs and query DSLs, plus clients for the most popular programming languages, Elasticsearch delivers on the near limitless promises of search technology.

http://www.elasticsearch.org

373 questions
4
votes
1 answer

Logstash/elasticsearch stops accepting new data

I've set up a new proof of concept logstash system CentOS 6.6 (on Vmware 5.5) - single CPU VM with 12G RAM allocated Elasticsearch and Logstash installed from RPMs … # rpm -q elasticsearch…
Paul Haldane
  • 4,457
  • 1
  • 20
  • 31
4
votes
1 answer

Elasticsearch: High traffic on loopback interface

One of our applications uses Elasticsearch (1.4.4) as an in-memory cache. The application is a Java webapp deployed on Tomcat 7 with Oracle 1.7. The elasticsearch instance is a one-node setup deployed on the same server. Since elasticsearch 1.3.3…
ercpe
  • 566
  • 3
  • 15
4
votes
2 answers

Elasticsearch performance tuning

In a Single Node Elastic Search along with logstash, We tested with 20mb and 200mb file parsing to Elastic Search on Different types of the AWS instance i.e Medium, Large and Xlarge. Logstash conf input { file { } } filter { mutate { …
Devaraj
  • 41
  • 1
  • 4
4
votes
1 answer

ElasticSearch snapshot backup sliding expiration - possible?

I'm planning on using the ElasticSearch S3 cloud plugin to create snapshots of our ES cluster. This all looks fairly straightforward but I'm wondering whether it's possible to integrate it into our existing backup strategy. With our other data stores…
justcompile
  • 141
  • 3
4
votes
4 answers

Nothing appearing in kibana dashboard

I have installed Logstash ElasticSearch Kibana on an EC2 instance. I can visit http://example.com:9200 Here I get { "status" : 200, "name" : "Aleta Ogord", "version" : { "number" : "1.1.0", "build_hash" :…
user2099762
  • 133
  • 2
  • 4
  • 18
4
votes
4 answers

Securing elasticsearch

There appears to be a serious lack of information on this despite the fact that as installed elasticsearch is extremely exploitable. My main fear in using it is that as a non-expert I have no idea what the possible vulnerabilities are and how to…
George Reith
  • 633
  • 2
  • 12
  • 22
4
votes
3 answers

Forward slash in kibana 3 query

I'm trying to add a query that will match a request that ends with a slash, like this one: n.n.n.n - - [16/Oct/2013:16:40:41 +0100] "GET / HTTP/1.1" 200 25058 "-" "Mozilla/5.0 (iPad; CPU OS 7_0_2 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like…
G Mawr
  • 173
  • 1
  • 3
  • 6
4
votes
1 answer

Adding TTL to elasticsearch with logstash

I can't figure out how to apply this documentation http://www.elasticsearch.org/guide/reference/mapping/ttl-field/ to logstash. Specifically, I don't know which keys to use (instead of "tweet" etc). The goal is to have all logs sent to elasticsearch…
Maciej Swic
  • 270
  • 5
  • 18
3
votes
1 answer

Bootstrapping a 3 node Elastic Search cluster using docker containers

I'm trying to set up a test Elastic Search cluster on 3 separate hosts, using the official 7.2.0 docker image. Each container is configured with an elasticsearch.yml which looks like this cluster.name: mytest network.host: "0.0.0.0" node.name:…
Paul Dixon
  • 1,436
  • 3
  • 21
  • 35
3
votes
0 answers

Logstash losing connection to Elasticsearch nodes

We're running Logstash on a server which is pushing logs into an Elasticsearch cluster. In the Logstash logs we see it losing connection to the Elasticsearch servers with a connection reset error. We see this between all of our logstash and…
3
votes
1 answer

Why is this exclude_lines in filebeat excluding all logs?

I'm using ELK Stack, and I've got it working pretty well for most of my servers. The exception is that I have a gitlab server that has a ping to/from a gitlab-ci server that happens in the gitlab-access log. This happens every second, and I'd like…
trueCamelType
  • 1,016
  • 5
  • 19
  • 41
3
votes
1 answer

New ElasticSearch 5.2.1 Install on Ubuntu 16.04: Connection refused

I just followed this install guide for Elasticsearch via APT: https://www.elastic.co/guide/en/elasticsearch/reference/5.0/deb.html When I run curl -X GET 'http://127.0.0.1:9200/' (or localhost) I receive an error: Failed to connect to 127.0.0.1 port…
iRyanBell
  • 413
  • 2
  • 11
  • 20
3
votes
0 answers

Can't access ElasticSearch through local port forward

I'm stuck at connecting to my SearchGuard-protected ElasticSearch instance inside the company network from my local machine at home. I'm using a local SSH forward same as I got working for a phpMyAdmin instance. My ~/.ssh/config contains these: Host…
oschlueter
  • 133
  • 6
3
votes
1 answer

elk stack error "unable to fetch mapping do you have indices matching the pattern"

I am trying to set up ELK stack with collectd on Ubuntu 16.04 LTS (so pretty much latest version of stack available) kibana is behind nginx proxy (followed this guide…
uberrebu
  • 493
  • 5
  • 15
  • 32
3
votes
3 answers

Must all nodes of an Elasticsearch cluster be identical?

In an Elasticsearch cluster, must all nodes be identical i.e. having the same: Operating System Amount of RAM CPU speed and number of cores etc. or is it allowed for the nodes to be different? (Apart from the obvious fact that a homogeneous…
dr_
  • 1,035
  • 11
  • 19