All Questions
Tagged with elasticsearch elastic-stack
2,599 questions
0
votes
1
answer
27
views
How can I create a policy and add it to an index?
For example a policy to delete the index after X time
I know how to do it in ElasticSearch, for example I can create a policy
PUT _ilm/policy/logs_policy
{
"policy": {
...
0
votes
0
answers
34
views
Need to parse the json data in elasticsearch, using fluentd json parse but the combination I tried is not working
I am trying to parse this JSON data in fluentd, could you please suggest the parser and the configuration which can be used to parse this data
[
{
"Priority": 65000,
...
0
votes
1
answer
63
views
How to do a manual deletion of Elastic index [closed]
I am using ECK 8.14 and here is the reflected Index Lifecycle Policies (ILM) content:
PUT _ilm/policy/ECK-ILM
{
"policy": {
"phases": {
"hot": {
"...
0
votes
0
answers
34
views
How to add mapping for new field automatically in ElasticSearch with dynamic mapping?
I have an ES cluster. My application creates a new index every day, with the pattern mulog-yyyy.MM.dd, so my index pattern is mulog-*.
I use structured logging with dynamic types, here's my template ...
0
votes
1
answer
30
views
converting date into date format in logstash elk stack
We are trying to ship a csv file from Filebeat > Logstash > Elasticsearch. This csv file has a column by the name “CreateOn” which will have the dates as below:
Thursday, March 10, 2016 3:00:23 PM ...
0
votes
1
answer
37
views
Elastic Search Boost Query
I have query like this:
{
"query": {
"bool": {
"must": [
{
"term": {
"IsDeleted": {
"...
1
vote
1
answer
97
views
Java Elastic query not returning results
I have an application which uses java HLRC client fetching results from Elasticsearch cluster. I am facing a peculiar problem in which I am not able to get certain results from Java client side. But ...
0
votes
1
answer
69
views
Mechanism for triggering an XSOAR playbook from an Elastic detection
When Elastic detects an "incident", I want to send this to XSOAR and trigger a specific playbook. It looks to me like an XSOAR connector is not built in to Elastic, so I would use a custom ...
0
votes
0
answers
55
views
Azure Microsoft Entra Id integration with Elastic Fleet
We need to fetch Microsoft Entra Id SignIn logs using integration with Elasticsearch fleet.
We've added its respective integration under a policy and provided required values. The integration is shown ...
0
votes
0
answers
39
views
Table dashboard in Kibana is not showing every event
Somehow we are able to create a basic TABLE dashboard to visualize the list of alert events in table format. But what it's missing is, it's not showing every alert event, for example at 13:35 there ...
0
votes
0
answers
17
views
Error while allocating shards in elasticsearch cloud kubernetes?
Hi, we are using the eck operator with a 2-node cluster in AKS and recently we have updated storageClass, so this needs to delete the underlying statefulset to take effect. When I am checking cluster health it's ...
0
votes
0
answers
19
views
Elastic Universal Profiling agent is not starting, failing with pid ‘71891’ exited with code ‘1’
Elastic is deployed on the default cloud provided by elastic cluster [AWS]
Universal Profiling agent is not starting, failing with pid '71891' exited with code '1'
Log files
Agent status
Re-installed ...
0
votes
0
answers
46
views
Configuring an elasticsearch8 cluster with a token
Please, I would like to install an Elasticsearch 8 cluster on 3 servers running on Ubuntu 20.04.
I started by installing Elasticsearch8 on the first server:
wget -qO - https://artifacts.elastic.co/GPG-...
0
votes
0
answers
17
views
Elasticsearch APM Fleet integration - index per application
We have an elasticsearch cluster with 4 data nodes.
We have our FleetServers with APM integration enabled.
We have noticed that elasticsearch creates at least an index per app / service for example:
....
0
votes
2
answers
158
views
Unable to retrieve version information from Elasticsearch nodes. security_exception
While doing a configuration for elasticsearch & Kibana version 8.6.2. However, I'm unable to access the Kibana web interface: http://10.xx.xx.xx/app/home and here is the detailed log error
Log Kibana: ...