I think I made my situation even worse. I tried deleting the shards and starting over and now elasticsearch isn't even creating the /etc/elasticsearch/data/my-cluster/node folder.
On Thursday, December 19, 2013 4:04:41 PM UTC-5, Eric Luellen wrote: > > Hello, > > Currently I have my syslog-ng --> logstash --> elasticsearch1 & > elastisearch2 setup working pretty good. It's accepting over 300 events per > second and hasn't bogged the systems down at all. However I'm running into > 2 issues that I don't quite understand. > > 1. When viewing the information in Kibana, it appears to be anywhere from > 15 min to an hr behind on the "all events" view. Sometimes when I search > for new logs it shows up correctly but overall it seems like it's lagging > behind trying to keep up with what logstash is sending it. That being said, > I'm concerned that logs are being dropped and I don't know about it. Are > there any commands I can use to validate this type of information or what I > can do to make sure elasticsearch/KIbana is keeping up? > > 2. I've had to restart elasticsearch a few times and every time I do, it > completely breaks things. Once it starts back up it doesn't continue to > show the logs in Kibana correctly and when I run a health check, it says > there are unassigned shards. I've not been able to fix this and in the past > I've always just had to delete them and start from scratch again. > > Any idea what is going on with this or how I can more cleanly restart or > reboot the servers and recover from it? > > Thanks, > Eric > -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/1f9a1c4a-94cf-49d7-a4d1-22ffb0b64727%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
