By default, Elasticsearch automatically creates an index if a document is being added and the index doesn't already exist.
Logstash automatically specifies a time-based index with day precision for each log entry. In other words:

logstash-2014.07.28
logstash-2014.07.29
logstash-2014.07.30
logstash-2014.07.31
logstash-2014.08.01
logstash-2014.08.02
logstash-2014.08.03
logstash-2014.08.04

And Kibana's time picker automatically assumes the logstash defaults, so you should be good to go.

One thing that initially tripped me up, and might trip you up: When I first ran Kibana I didn't see any of my data. But that's because I had loaded some test data into it, and the default time picker only went back a few minutes into the past.

Brian

On Monday, August 4, 2014 4:03:05 PM UTC-4, Acche Din wrote:
>
> Hello All,
>
> I have an ELK setup 'out of the box'. My goal is to parse apache logs via
> logstash and display it in kibana.
>
> I would like to know if it is mandatory to create an index on
> elasticsearch so as to store the result from apache logs (I have
> logstash.conf output=>elasticsearch)
