Hi there I'm having severe issues keeping graylog-server working and it looks like it's ES at fault. ie graylog-server starts reporting timeouts and basically gives up, but the ES logfile shows absolutely no problem. It could be a load issue with ES, but when you run the following commands
curl http://localhost/_cluster/health curl -s -XGET http://localhost:9200/_cat/shards|grep -c UNASSIGNED ...and the first returns "green" and the second returns "0", you'd think that means that ES is happy and there are zero unassigned shards. But if I shutdown graylog-server, then restart ES, it immediately afterwards starts reporting "red" and that there are 14900 unassigned shards! So it smells like graylog-server realises through it's own logic that ES is not happy - but ES is not telling me that at all Is this expected behaviour? What should I be doing to actually pick up ES errors, when the logfiles and commands like this totally fail to mention there's a problem? I can't fix something that I can't detect :-( Thanks! -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAFChrg%2BtR4Zq15dLxwnowZ2J6EL9_ws5FLxVLQW3q2%3Ds50YDZQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
