Questions tagged [elk]

Questions about the ELK stack, which gives you the ability to aggregate logs from all your systems and applications, analyze these logs and create visualization.

ELK is a stack of the three open source projects - elasticsearch, logstash and kibana

The ELK stack gives you the ability to aggregate logs from all your systems and applications, analyze these logs and create visualization.

Useful links:

1095 questions

votes

1 answer

Deploy ELK on single node docker swarm failed

I am trying to deploy ELK on my small server 2 Core / 2G RAM. But ELK stack server just keep restarting and cannot work. The log printed on those container shows no error and just few warning about deprecated method. Logstash log: OpenJDK 64-Bit…

elasticsearch kibana docker-swarm docker-stack elk

asked Jul 04 '19 at 09:05

Bruce

votes

2 answers

ElasticSearch single node cluster runs out of memory

I have a single node ElasticSearch cluster that has one index (I know, my bad) where I inserted 2B documents. I did not know it was a best practice to split indices and mine grew to 400GB before it crashed. I tried splitting my index with…

java elasticsearch jvm out-of-memory elk

asked Jul 02 '19 at 18:32

patito

votes

0 answers

Replace EBS volume with encrypted volume for ELK multiple data nodes

I have ELK cluster with 1 client node, 1 master node and 3 data nodes. Master and data nodes have volumes attached to it. Volumes for data nodes are of 200GB each. None of these volumes are encrypted, now I want to encrypt these volumes. This works…

kubernetes devops elastic-stack amazon-eks elk

asked Jun 25 '19 at 10:57

Amruta Patil

votes

0 answers

Kibana 30s timeout with wide date range

I have a big problem with timeouts in Kibana. I'm gathering logs from Nginx by Filebeat and Elasticsearch pipeline. All is working well. But when I'm trying to fire up Dashboard Nginx Overview created by Filebeat with eg last 5 days Kibana timeouts…

elasticsearch kibana filebeat elk

asked Jun 24 '19 at 12:20

Pyton

1,291
8
19

votes

0 answers

kibana - how to search unique urls

In kibana, I have below type of log entries in the "message" field. I want to search for all the unique/distinct URLs from the log. My URL format is like web.cluster.test.com/api/* 123.456.78.90 - a898fur6x5b10hd5 phoenix-xml login_unified "POST…

elasticsearch logstash kibana elastic-stack elk

asked Jun 13 '19 at 14:55

Nilesh

1,047
1
12
20

votes

1 answer

ELK configuration for my application logs forward to elastic search using log stash

I am new in ELK configuration. https://www.digitalocean.com/community/tutorials/how-to-install-elasticsearch-logstash-and-kibana-elastic-stack-on-ubuntu-16-04 I have configure in my local machine and it is work fine. I want to forward my application…

elasticsearch elastic-stack elk

asked Jun 11 '19 at 11:57

Hiren Dhokiya

votes

1 answer

Range query includes the date given or exclude it?

I am working with range query in ELK stack. Suppose I am retrieving records with GTE only, so will the resultant records time will be = the GTE date provided or >= the GTE date provided?

elasticsearch elk

asked May 21 '19 at 13:55

Ashish Singh

votes

1 answer

ELK Heartbeat dashbaord add ID

How can I add ID field to Kibana / Uptime dashboard?

elasticsearch elastic-stack elk

asked May 17 '19 at 15:59

ShaneKm

20,823
43
167
296

votes

0 answers

Solution to bypass Logstash mixing logs

I'm currently in front of a structure problem with logstash. I have a syslog-ng client sending logs from different files through the network to an ELK stack. I noticed that Logstash is mixing logs, especially multiline with adding exception lines to…

logstash logstash-configuration filebeat syslog-ng elk

asked May 17 '19 at 10:10

agentn

votes

1 answer

ELK replication and the role of the Data Nodes

I'm running an ELK cluster with 3 Data nodes. 2 of the Data nodes are also used as data ingestion nodes using 2 logstash systems. I'm running on 1 shard and 0 replicas for a single index, which is daily created with around 2 million documents per…

elasticsearch elastic-stack elk

asked May 17 '19 at 06:41

Dasun

-1

votes

1 answer

elasticsearch state changed to red

I am trying to reset elastic user password. while resting password with bin/elasticsearch-reset-password -u elastic command, my cluster status changed from yellow state to red state. all master nodes are up and running and joined in…

elasticsearch devops elastic-stack elk

asked May 06 '23 at 19:45

Anonym420

-1

votes

1 answer

In Elasticsearch complete error keyword context in slack web-hook channel

I want to get complete error keyword context in the slack webhook so what context I have to put in the message body.

elasticsearch elk

asked Mar 20 '23 at 04:56

pawan kumar

-1

votes

1 answer

FileBeat Multiline Regular Expression

I have a log pattern as below, for which I am trying to create a regular expression that matches (the whole pattern).The lines have double spacing between them.How can i write a regex which captures double spacing 02/21/2022 08:48:41 AM com.myClass…

regex elastic-stack filebeat elk

asked Jan 04 '23 at 21:59

user1312312

-1

votes

1 answer

ElasticSearch ends with query

I am searching for data in kibana which ends with ":1" I have a dataset like so for an my_field: skdjjsdk:jkdsjkd:123:1:1 skdjjsdk:jkdsjkd:123:2:12 skdjjsdk:jkdsjkd:123:1:33 skdjjsdk:jkdsjkd:123:1:01 skdjjsdk:jkdsjkd:123:2:2 I tried searching in…

elasticsearch kibana elastic-stack elk

asked Dec 21 '22 at 12:57

Vaibhav

1,154
10
26

-1

votes

2 answers

"_dateparsefailure" while parsing date using date in logstash

my date which is in below format "_messagetime" => "08/08/2022 22:18:17.254 +0530" I am using date filter in my logstash date { match => ["_messagetime", "YYYY-MM-dd HH:mm:ss.SSS"] } but I am getting "_dateparsefailure" Can anyone plz…

logstash elk logstash-filter

asked Aug 17 '22 at 05:25

rohit saraf

Prev 1 2 3

…

73 Next