[graylog2] Elasticsearch cluster unhealthy (RED)
Dear Graylog users and Guru, Needed your help. As in the previous post that I mentioned, I deploy the Graylog OVA appliance v2.0.0 and the system now can receive the message nicely and the VM already upgraded to 4 vCore CPU and 8GB memory. But, today I'm facing Elasticsearch cluster unhealthy (RED) on the notification. Where I can go to fix these current issue? I'm using the default settings for elasticsearch and graylog of the OVA appliance. Thanks a lot -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/5fc6cb0d-63a7-4c74-8b90-8753eeeff667%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Elasticsearch cluster unhealthy (RED) - triggered on plain clean install from official image
I installed 2.0.0 official EC2 AMI Image. Single, sandalone instance, not multiple ES instances in cluster. I did this two times and both times within one day from install I have notice in console: "Elasticsearch cluster unhealthy (RED). The Elasticsearch cluster state is RED which means shards are unassigned. This usually indicates a crashed and corrupt cluster and needs to be investigated." When I follow the link in that message it does not provide any useful info how to fix it. Can someone give instructions what to do please? For all us who are not experts in maintaining ElasticSearch clusters. - Graylog server seem to work fine with ES status RED. Does it even have to be investigated and fixed? Or it will get worse, like filling hard drive with data or something? - How to proceed, maybe there are steps, using CURL? Thank you! -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/03f3e862-d109-4452-aac3-06c42eda6922%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Elasticsearch cluster is red.
Hi All, Im getting this error on my graylog server, its the latest 1.3.3 release. Elasticsearch cluster is red. Shards: 40 active, 0 initializing, 0 relocating, 48 unassigned I have added a new disk and moved the data along with increasing the journal size but i cant figure out why this isnt working again, there are no errors in the elasticsearch log. i have no idea where to look or what to do! -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/5e4f3e4c-dcb3-480c-afcd-bb123903%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Elasticsearch cluster is red.
Hi, I'm having an issue with elasticsearch. Any help would be really appreciated. The first time i had this issue i did a cleanse which fixed the issue for couple of days, but that deleted all my data. Every couple of days i'm getting the follwoing error *Elasticsearch cluster is red.* Shards: 8 active, 0 initializing, 0 relocating, 16 unassigned. I see messages coming in but not going out " In *47* / Out *0* msg/s" . The log file shows the following 2015-09-17_16:19:03.24771 WARN [BlockingBatchedESOutput] Error while waiting for healthy Elasticsearch cluster. Not flushing. 2015-09-17_16:19:03.24773 java.util.concurrent.TimeoutException: Elasticsearch cluster didn't get healthy within timeout 2015-09-17_16:19:03.24774 at org.graylog2.indexer.cluster.Cluster.waitForConnectedAndHealthy(Cluster.java:174) 2015-09-17_16:19:03.24774 at org.graylog2.indexer.cluster.Cluster.waitForConnectedAndHealthy(Cluster.java:179) 2015-09-17_16:19:03.24774 at org.graylog2.outputs.BlockingBatchedESOutput.flush(BlockingBatchedESOutput.java:112) 2015-09-17_16:19:03.24774 at org.graylog2.outputs.BlockingBatchedESOutput.write(BlockingBatchedESOutput.java:105) 2015-09-17_16:19:03.24774 at org.graylog2.buffers.processors.OutputBufferProcessor$1.run(OutputBufferProcessor.java:189) 2015-09-17_16:19:03.24775 at com.codahale.metrics.InstrumentedExecutorService$InstrumentedRunnable.run(InstrumentedExecutorService.java:176) 2015-09-17_16:19:03.24775 at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) 2015-09-17_16:19:03.24775 at java.util.concurrent.FutureTask.run(FutureTask.java:266) 2015-09-17_16:19:03.24775 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 2015-09-17_16:19:03.24775 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 2015-09-17_16:19:03.24776 at java.lang.Thread.run(Thread.java:745) Thank you for all your help -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/fea28c28-7395-461c-9e95-c9ddd5c69abb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Elasticsearch cluster is red.
Are you able to do a cat on your elastic search via the api? https://www.elastic.co/guide/en/elasticsearch/reference/current/cat.html Do you just have one ES node? Does the logs for elaaticsearch have any errors? -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/93fe71a4-879a-4dc8-9816-2458599a9473%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
