Hi Jochen, Thanks for your reply. I did take out all the log below:
root@graylog:/var/log/graylog/elasticsearch# ls current graylog.log graylog.log.2016-05-12 graylog.log.2016-05-11 Yesterday I did the revert snap-sort, I couldn't see any Cluster health status changed to Red anymore. Seems it was wiped out by the snap-sort. But from the current log I found these message: 2016-06-20_08:20:13.64568 [2016-06-20 08:20:13,645][INFO ][cluster.routing.allocation] [Eson the Searcher] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[graylog_0][1], [graylog_0][3], [graylog_0][2], [graylog_0][3], [graylog_0][1], [graylog_0][2]] ...]). Is that OK? What can I do from here if this is not OK? On Monday, June 20, 2016 at 6:25:04 PM UTC+8, Jochen Schalanda wrote: > > Hi Arief, > > please check the logs of the Elasticsearch node(s) for errors. You can > find the log files in the /var/log/graylog/elasticsearch (or > /var/log/elasticsearch) directory. > > Cheers, > Jochen > > On Monday, 20 June 2016 09:32:28 UTC+2, Arief Hydayat wrote: >> >> Dear Graylog users and Guru, >> >> Needed your help. As in the previous post that I mentioned, I deploy the >> Graylog OVA appliance v2.0.0 and the system now can receive the message >> nicely and the VM already upgraded to 4 vCore CPU and 8GB memory. >> But, today I'm facing Elasticsearch cluster unhealthy (RED) on the >> notification. >> >> >> Where I can go to fix these current issue? I'm using the default >> settings for elasticsearch and graylog of the OVA appliance. >> Thanks a lot >> >> -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/253fba79-27cb-44a7-abc7-7915ec19fb73%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
