Questions tagged [elk]

Questions about the ELK stack, which gives you the ability to aggregate logs from all your systems and applications, analyze these logs and create visualizations.

ELK is a stack of three open source projects: Elasticsearch, Logstash, and Kibana.

1095 questions
4 votes, 0 answers

Handling arbitrary JSON logs in ELK stack

I'm trying to set up a full ELK stack for managing logs from our Kubernetes clusters. Our applications are either logging plain text logs or JSON objects. I want to be able to handle searching in the text logs, and also be able to index and search the…
FrederikNS

4 votes, 3 answers

Logstash beats input "invalid version of beats protocol"

I'm writing a kibana plugin and a logstash pipeline. For my tests, I just wrote a logstash input like that: input { beats { port => 9600 ssl => false ssl_verify_mode => "none" } } But when I try to open a connection…
Pikappa

4 votes, 1 answer

Elasticsearch put role API

I started using the create role API and it works as expected: https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role.html I got the list of default roles in elasticsearch, /_security/role but I don't know how to create…
Harry

4 votes, 3 answers

How can we filter namespace in filebeat kubernetes?

I am setting up a pipeline to send the kubernetes pods log to elastic cluster. I have installed filebeat as daemonset (stream: stdout) in my cluster and connected output to logstash. Beats is connected with logstash without an issue, now I want logs…
paulpuvi

4 votes, 0 answers

GroupBy within bucket and get max count within that interval

I have an index that outputs objects and status of that object every 30 seconds. The number of objects remains constant each 30 seconds, but their state can change. I'm trying to generate a graph using timelion of the count of objects in a specific…
whoknows

4 votes, 1 answer

Missing authentication credentials for REST request when using sniffing when Kibana starts

I just upgraded ELK from 7.1.0 to 7.5.0 and Kibana fails to start with {"type":"log","@timestamp":"2020-01-22T17:27:54Z","tags":["error","elasticsearch","data"],"pid":23107,"message":"Request error, retrying\nGET http://localhost:9200/_xpack =>…
o1o1o11o1

4 votes, 3 answers

Logstash | ConfigurationError :message=>Expected one of [ \\t\\r\\n], \"#\", \"input\", \"filter\", \"output\" at line 1, column 1 (byte 1)

I am getting a config error while launching Logstash. I am using version 7.5.1. The same config file worked earlier. I had to set up ELK stash on another VM since the older VM was decommissioned, and I am facing this error here. I'm instantiating logstash…
Shreyas SG

4 votes, 1 answer

How to export data from kibana (ELK stack) as CSV from API calls?

I have already exported data from kibana (ELK stack) in JSON file format by API calls. But the requirement is to get the enhanced data table's data in CSV format through API calls. Is there a way I can achieve this?
rehan

4 votes, 2 answers

How to get Kibana dashboard ID?

How can I get the kibana dashboard ID for an API call to export data from the dashboard? I searched everywhere but I can't find the ID for a dashboard like in the example (The dashboard ID is 942dcef0-b2cd-11e8-ad8e-85441f0c2e5c.). I'm using ELK stack 7.4.1…
rehan

4 votes, 1 answer

Failed to connect to backoff(async(tcp://ip:5044)): dial tcp ip:5044: i/o timeout

Filebeat is running on Machine B, which reads logs and pushes them to ELK logstash on Machine A. But in the Machine B filebeat log, it shows the error i/o timeout 2019-08-24T12:13:10.065+0800 ERROR pipeline/output.go:100 Failed to connect to…
LF00

3 votes, 1 answer

Does kibana use SSR?

I am new to kibana and I want to know how kibana generates the visualization on the dashboard, i.e. does it use SSR for generating graphics/pie charts etc.? Does it create graphs on the frontend using libraries like elastic-charts / charts.js…
user18362049

3 votes, 1 answer

Can't access kibana with domain

I generated certs for my app using certbot/Letsencrypt. I got two pem files which I added in my kibana.yml file. When I try to access kibana through https://domainName:5601 I get a timeout error, while I can access it with the IP. Am I missing…
Aline137

3 votes, 1 answer

logstash config loop through fields

ruby/logstash noob here using ELK stack. I got a bunch of fields [Message][Detail][Readout][Value1] [Message][Detail][Readout][Value2] [Message][Detail][Readout][Value3] which I want to loop through using ruby in the logstash config. Then I want…
Master Azazel

3 votes, 1 answer

Grok Patterns for SSSD Logs

I am trying to parse the SSSD daemon logs using Logstash grok patterns for better visibility. Log samples: (Mon Nov 9 12:08:56 2020) [sssd[nss]] [client_recv] (0x0200): Client disconnected! (Mon Nov 9 12:08:56 2020) [sssd[nss]] [client_close_fn]…
Ajinkya

3 votes, 1 answer

Kibana shows The data you are seeing might be incomplete or wrong

Configuring my elk stack => Kibana, elasticsearch and filebeat. All working fine, but when I wanted to view the logs on kibana, I received this error: 1 of 8 shards failed The data you are seeing might be incomplete or wrong. See response: { …
Daniel Ibanga