Questions tagged [elastic-stack]

Elastic Stack combines Elasticsearch, Logstash, Kibana, and the Beats framework to provide real-time insights into any type of structured or unstructured data.

In 2015, Elastic introduced the Beats framework into their stack and decided to rename the ELK Stack to the Elastic Stack.

3683 questions
4
votes
2 answers

ElasticsearchStatusException[Elasticsearch exception [type=search_phase_execution_exception, reason=all shards failed]]

I am fetching documents from an Elastic Search index named replacement_local100. I am querying the same index two times. First query --> Based on the code as input, I am getting a list of link_ids. The second query --> Based on the list of link IDs (from…
Karthikeyan
4
votes
0 answers

How do I bundle log-lines by request in Kibana?

In Stackdriver Log Viewer (for our Google AppEngine app), lines from a single HTTP-request follow each other sequentially, rather than being mixed into lines from other requests. Also, they are bundled in a visually-distinguished, foldable…
Joshua Fox
4
votes
0 answers

Is it possible to order split series in Kibana histograms using the values of the split buckets?

Say I have an index of product sales where each document is an individual sale for a specific product. I can use Kibana to chart a date histogram of sales counts, bucketing by every month. This would be the frequency of product sales every month.…
4
votes
1 answer

Logstash not updating last run metadata file

In my Logstash I want to download from a database the most recent data using :sql_last_value in a query and tracking_column option in conf file. I've set last_run_metadata_path because I have 2 pipelines for the same table but Logstash saved last…
Michael Dz
4
votes
1 answer

How do I group an Elastic Stack alert by Docker Instances?

A certain periodic task is supposed to happen once a minute. I can send an alert when this is hanging with the following condition in a Threshold Alert. WHEN count() GROUPED OVER top 1 'periodicTaskLog' IS BELOW 1 FOR THE LAST 2 minutes (That uses…
Joshua Fox
4
votes
1 answer

logstash grok, parse a line with json filter

I am using ELK (Elasticsearch, Kibana, Logstash, Filebeat) to collect logs. I have a log file with the following lines; every line has a JSON, and my target is to use Logstash Grok to take the key/value pairs out of the JSON and forward it to elastic…
user84592
4
votes
1 answer

Centralizing pm2 logs with elastic search/kibana/logstash

I was wondering if there was a way to centralize pm2 logs by either sending them to elastic search or integrating pm2 with the ELK stack in some way.
jman93
4
votes
2 answers

What does @ mean in elastic search documents?

My question is: "What does the @ mean in elastic search documents?" @timestamp automatically gets created along with @version. Why is this and what's the point? Here is some context... I have a web app that writes logs to files. Then I have logstash…
thenengah
4
votes
2 answers

Elastic search cluster is shown as red. How to recover?

I have an ES cluster showing the status as red. { "cluster_name": "elasticsearch", "status": "red", "timed_out": false, "number_of_nodes": 10, "number_of_data_nodes": 7, "active_primary_shards": 4431, "active_shards":…
Nayanajith
4
votes
3 answers

docker-elk - how is it persisting elasticsearch index?

I'm just getting to grips with Docker and docker-compose, trying to create a development environment for Elasticsearch which I will deploy later. I've been using docker-elk as a reference, and I've managed to create a working Elasticsearch…
daviestar
4
votes
2 answers

MaxMind Writer to create custom database to use with geoip in ELK Stack

I'm trying to create a custom database for an internal network using the Perl Writer from MaxMind, which is working well so far. I then try to geolocate these IP ranges with the geoip filter plugin in Logstash. I can verify that the created…
emcewees
4
votes
2 answers

ELK: Setup multiple http inputs of logstash ELK stack

Question: How to setup multiple http inputs of logstash ELK stack What I already have: Working ELK docker image based on: https://github.com/deviantony/docker-elk Working logstash-input-http-plugin based on:…
4
votes
0 answers

Filebeat - multiline: Ingest XML's without line feed at end of file

I want to ingest XML files to the ELK-Stack. I want one event per XML file. These XML files end without line feed, thus filebeat's multiline codec never forwards the last line of the XML to Logstash. Because of this Logstash's XML filter is then not…
cvanhalt
4
votes
1 answer

How to transfer data from ELK to SQL Server?

Our organization uses Elastic Logstash & Kibana (ELK) and we use a SQL Server data warehouse for analysis and reporting. There are some data items from ELK that we want to copy into the data warehouse. I have found many websites describing how to…
Tarzan
4
votes
2 answers

"Mapping conflict!" Error in Kibana

I have installed an ELK stack on my machine. Kibana's version is 5.2.1, Elastic version is 5.2.1. So basically everything is up to date. But now I am getting the following warning. "Mapping conflict! 2 fields are defined as several types (string, integer,…
Easy-Install