Questions tagged [elk]

Questions about the ELK stack, which gives you the ability to aggregate logs from all your systems and applications, analyze these logs and create visualizations.

ELK is a stack of three open source projects: Elasticsearch, Logstash and Kibana.



1095 questions
64 votes, 4 answers

How to integrate ElasticSearch with MySQL?

In one of my projects, I am planning to use ElasticSearch with MySQL. I have successfully installed ElasticSearch. I am able to manage indexes in ES separately, but I don't know how to implement the same with MySQL. I have read a couple of documents…
Yaxita Shah
20 votes, 2 answers

Send spring boot logs directly to logstash with no file

So, I'm building a full cloud solution using Kubernetes and Spring Boot. My Spring Boot application is deployed to a container and logs directly to the console. As containers are ephemeral, I'd like to send logs also to a remote Logstash server, so…
Phate
12 votes, 4 answers

Difference between using Filebeat and Logstash to push log file to Elasticsearch

I am trying out the ELK to visualise my log file. I have tried different setups: Logstash file input plugin https://www.elastic.co/guide/en/logstash/current/plugins-inputs-file.html Logstash Beats input plugin…
user1589188
12 votes, 1 answer

Best approach for sending logs from ECS Fargate into Elasticsearch

We have a setup with multiple containers running NodeJS services (node:11-alpine docker image) deployed in AWS ECS Fargate. We already have a running ElasticSearch instance collecting logs from a non-Fargate application. I would like to pass the logs…
KasperF
11 votes, 3 answers

Elasticsearch - Want to sort by a field in all indices, whether or not that particular field is available; if it is not, avoid it

Currently I am getting results based on scoring, but what I want is a result based on scoring + a Status field with value true/false. If the value is true then those results are needed in priority, but there is a possibility that the status field does not exist…
jilesh
11 votes, 1 answer

How does minimum_should_match in percentage actually work for query search?

I would like to understand more about how minimum_should_match works in Elasticsearch for a query search GET /customers/_search { "query": { "bool": { "must":[ { "query_string":{ "query": "大月亮", …
Sorin Penteleiciuc
9 votes, 2 answers

How to configure a logstash container to use http input and work with an elasticsearch container - docker compose

I want to set up three containers, one for Logstash, one for Elasticsearch and one for Kibana. The last two are fine as they are, but I need to configure the first one so it has and uses the http input plugin and then works with the CSV I'm going to…
RaistlinMolina
7 votes, 0 answers

Kibana is stuck on "completing setup" when first starting up

I am trying to build a local elasticsearch instance using Docker. I have started Elasticsearch container and then started Kibana container. I have gone through the process of connecting kibana container to elasticsearch container and verifying the…
7 votes, 2 answers

Delete data older than 10 days in elasticsearch

I am new to Elasticsearch and I want to delete documents in my Elasticsearch index which are older than 10 days. I want to keep only the last 10 days of data. So is there any way to delete the 11th day's index automatically? What I have tried: DELETE…
Kavya
6 votes, 2 answers

org.elasticsearch.cluster.block.ClusterBlockException: blocked by: [SERVICE_UNAVAILABLE/1/state not recovered / initialized]

I am using ELK 6.8.9; all configuration is in my docker-compose file. It was working fine, but suddenly I am getting an error of org.elasticsearch.action.search.SearchPhaseExecutionException: all shards failed or…
Er.Garvesh
6 votes, 2 answers

Config number_of_shards and number_of_replicas in ELK

I keep studying about ELK Stack and ran into a little problem. I have been reading all the documentation possible and it makes great emphasis on the importance of shards and replicas. But nowhere does it say how to configure the number of each one.…
5 votes, 5 answers

log4j temporary fix in elasticsearch helm chart using Dlog4j2.formatMsgNoLookups

I was trying to set up an Elasticsearch cluster in AKS using the Helm chart, but due to the log4j vulnerability I wanted to set it up with the option -Dlog4j2.formatMsgNoLookups set to true. I am getting an unknown flag error when I pass the arguments in helm…
theG
5 votes, 3 answers

ELK's Elasticsearch DSL is case sensitive

I'm doing an Elasticsearch Query DSL query on ELK such as: { "query": { "wildcard": { "url.path": { "value": "*download*", "boost": 1, "rewrite": "constant_score" } } } } but it seems is case…
markzzz
5 votes, 0 answers

Logstash Failed to execute action {:id=>:main, :action_type=>LogStash::ConvergeResult::FailedAction, :message=>"Could not execute action:

I started learning ELK and was trying to set up ELK locally on my Docker Desktop. This process works fine in Windows if I run the services separately, but if I run the services on Docker I get an error. My Elasticsearch and Kibana are working…
Vipin Gupta
5 votes, 1 answer

How to disable ES highlighting the synonym?

I only want to highlight the words I search for in the query, not including the synonym, but I also hope ES can return search results that contain the synonym search result. Here is an example. PUT /my_test_index/ { "settings": { …
kongkongyzt