Hi there I'm having severe issues keeping graylog-server working and it looks like it's ES at fault. ie graylog-server starts reporting timeouts and basically gives up, but the ES logfile shows absolutely no problem. It could be a load issue with ES, but when you run the following commands
curl http://localhost/_cluster/health curl -s -XGET http://localhost:9200/_cat/shards|grep -c UNASSIGNED ...and the first returns "green" and the second returns "0", you'd think that means that ES is happy and there are zero unassigned shards. But if I shutdown graylog-server, then restart ES, it immediately afterwards starts reporting "red" and that there are 14900 unassigned shards! So it smells like graylog-server realises through it's own logic that ES is not happy - but ES is not telling me that at all Is this expected behaviour? What should I be doing to actually pick up ES errors, when the logfiles and commands like this totally fail to mention there's a problem? I can't fix something that I can't detect :-( Thanks! -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAFChrg%2BtR4Zq15dLxwnowZ2J6EL9_ws5FLxVLQW3q2%3Ds50YDZQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
