Questions tagged [elastic-stack]

The Elastic Stack combines Elasticsearch, Logstash, Kibana, and the Beats framework to provide real-time insights into any type of structured or unstructured data.

In 2015, Elastic introduced the Beats framework (,,) into their stack and decided to rename the ELK Stack to the Elastic Stack

3683 questions
4 votes, 1 answer

ELK Stack on microservices architecture

Hi, I am trying to use the ELK stack in a micro-services architecture which has lots of services distributed over many servers. Now I have configured Kibana & ElasticSearch. Now my doubt is where do I have to install Logstash. I mean let's say there are…
Ankit Bansal
4 votes, 2 answers

Docker-compose.yml is not working for elasticsearch

Version Used: Docker-compose = 1.3.2 Docker = 1.12.3 Os: Ubuntu-14.04LTS 1: Compose file contents: docker-compose.yml elk: image: elasticsearch:latest ports: - "9200:9200" - "9300:9300" volumes: -…
4 votes, 2 answers

Pushing structured log data directly to elastic search with filebeat

I have configured filebeat to harvest my structured log output (greenfield project so each log entry is a JSON document in a pre-defined format) and publish it directly to ELS. Example log file excerpt (note that additional is free form, all other…
Myles McDonnell
4 votes, 3 answers

log4j2 exception handling not working

I am using log4j2 with these 2 dependencies: org.apache.logging.log4j log4j-core 2.6.2
Zoltan
4 votes, 0 answers

How to use Logstash jdbc plugin to input for multiple table joins of one to many relationships

I have two tables linked in a one to many relationship, i.e. for each row in the first table there will be multiple rows in the second table. One employee can have many orders assigned to them. Ex: how can I achieve the data upload to elastic for a…
4 votes, 3 answers

ElasticSearch 5.0.0-alpha4 won't start without setting vm.max_map_count

I wish to update my ES version from 2.3 to 5.0.0-alpha4 to be able to use Ingest nodes and remove Logstash out of the question. But it seems ES 5.x version won't start without me setting vm.max_map_count to 262144. I don't want to set that value..I…
Mrunal Gosar
4 votes, 1 answer

Logstash fails to parse array index from URL

I'm trying to extract query parameters from a URL. The troubling line from the log file I'm parsing looks something like this: 127.0.0.1 - - [09/May/2016:09:32:19 +0200] "GET /ps?attrib[vendor][]=GOK&attrib[vendor][0]=GOK HTTP/1.1" 200 12049 "-"…
4 votes, 1 answer

Log rotation in logstash

I am using file as input for logs in Logstash. My log files are rotated daily, so I wanted to ask how we can configure the file plugin of Logstash so that it works with files that are rotated daily. And adding to this, is log rotation available…
4 votes, 2 answers

NGINX log filter $upstream_response_time JSON ELK "-" parsefailure

I have my NGINX logs formatted as JSON: log_format le_json '{ "@timestamp": "$time_iso8601", ' '"remote_addr": "$remote_addr", ' '"remote_user": "$remote_user", ' '"body_bytes_sent":…
4 votes, 1 answer

How to run ElastAlert with supervisor

I have elastalert set up on aws and I can invoke it directly in the terminal using commands python -m elastalert.elastalert --verbose --rule example_rules/example_frequency.yaml or python -m elastalert.elastalert --config ./config.yaml --verbose and…
Gman
4 votes, 0 answers

elasticsearch SQL IN subquery equivalent

I have a scenario where I need to search for some documents. The values of one of the search fields are the result of another search query. In a typical SQL scenario it looks something like this: Select * from table1 where column1 IN( select columnnx from…
Sarfaraz Khan
4 votes, 1 answer

Use Logstash CSV filter doesn't work

I was trying to use CSV filter on Logstash but it can upload values of my file. I'm using Ubuntu Server 14.04, kibana 4, logstash 1.4.2 and elasticsearch 1.4.4. Next I show my CSV file and filter I wrote. Am I doing something wrong? CSV…
Miguel Bessa
4 votes, 1 answer

Scale y-Axis in kibana 4.1.0

In Kibana 4.1.0, is there some way to scale the Y-axis? I have an average metric with a field that is in seconds, but I want it to be shown in hours. I mean the 25,000 seconds should be something like 25000/3600 or something like that. Kibana 4…
4 votes, 1 answer

Logstash stops receiving after some time in ELK stack?

I have the ELK stack (Elasticsearch/Logstash/Kibana) installed and running. I use one server as the ELK server to collect and store all logs from other servers. logstash-forwarder is used to send logs to ELK. The problem is: Logstash is receiving a lot of…
3 votes, 1 answer

Logstash Got response code '401' contacting Elasticsearch at URL 'http://elasticsearch:9200/

I'm trying to set up an ELK stack in a Docker environment, but I have had no luck so far with Logstash. I've got Kibana + Elastic running and connecting with one another, but can't get Logstash to work. I've tried different configurations and github repos…
Kristian Vasilev