[syslog-ng] Help! CentOS 7 ELK Stack from repos no index data.
Fabien Wernli
wernli at in2p3.fr
Thu Sep 8 14:40:08 CEST 2016
Hi Scot,
On Thu, Sep 08, 2016 at 07:32:19AM -0400, Scot Needy wrote:
> [root at meo syslog-ng]# while true;do curl http://localhost:9200/_cat/indices;sleep 5;done
> yellow open syslog-ng_2016.09.08 5 1 1 3 12.7kb 12.7kb
It may be that syslog-ng waits for the cluster to be green.
The most common cause for that is that you configured elasticsearch for more
replicas than your cluster topology can handle.
If you have only one node, make sure to reduce the number of replicas to 0
for every index [1].
Cheers
[1]
https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-update-settings.html
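
Added example, not part of the original message: a shell sketch that reads `_cat/indices` output in the column layout quoted above and prints the update-settings request for each yellow index that still has replicas. The `ES_URL` variable, the function names and all sample lines except the first are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: list the settings updates a single-node cluster needs.
# Assumed input layout (as in the quoted output):
#   health status index pri rep docs.count docs.deleted store.size pri.store.size
# Newer Elasticsearch releases add a uuid column after the index name, which
# shifts the field positions used below.

ES_URL="${ES_URL:-http://localhost:9200}"  # assumed endpoint, as in the quoted curl loop

# Print one curl command per open index that is yellow and has replicas > 0.
# Commands are only printed, never executed, so the output can be reviewed first.
replica_fix_cmds() {
    awk -v url="$ES_URL" '
        $1 == "yellow" && $2 == "open" && $5 ~ /^[0-9]+$/ && $5 > 0 {
            printf "curl -XPUT -H \"Content-Type: application/json\" %s/%s/_settings", url, $3
            printf " -d \047{\"index\":{\"number_of_replicas\":0}}\047\n"
        }'
}

# Count the indices that would be changed.
replica_fix_count() {
    replica_fix_cmds | wc -l | tr -d ' '
}

# Constructed sample: the first line is the quoted output, the rest are made up.
SAMPLE='yellow open syslog-ng_2016.09.08 5 1 1 3 12.7kb 12.7kb
green open syslog-ng_2016.09.07 5 0 10 0 40.1kb 40.1kb
yellow open .kibana 1 1 2 0 9.8kb 9.8kb'

printf '%s\n' "$SAMPLE" | replica_fix_cmds
```

Against a live node the input would come from `curl -s "$ES_URL/_cat/indices"` piped into `replica_fix_cmds`. Indices created later, such as the next daily `syslog-ng_*` index, take the default replica count again unless an index template sets it.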