[syslog-ng] Help! CentOS 7 ELK Stack from repos no index data.
Fekete, Róbert
robert.fekete at balabit.com
Thu Sep 8 14:49:26 CEST 2016
Or try to set skip-cluster-health-check(yes) option in your elasticsearch
destination:
https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/reference-destination-elasticsearch2.html#elasticsearch2-option-elasticsearch2-skip-cluster-health-check
On Thu, Sep 8, 2016 at 2:40 PM, Fabien Wernli <wernli at in2p3.fr> wrote:
> Hi Scot,
>
> On Thu, Sep 08, 2016 at 07:32:19AM -0400, Scot Needy wrote:
> > [root at meo syslog-ng]# while true;do curl http://localhost:9200/_cat/
> indices;sleep 5;done
> > yellow open syslog-ng_2016.09.08 5 1 1 3 12.7kb 12.7kb
>
> It may be that syslog-ng waits for the cluster to be green.
> The most common cause for that is that you configured elasticsearch for too
> many replicas that your cluster topology can handle.
>
> If you have only one node, make sure to reduce the number of replicas to 0
> for every index [1]
>
> Cheers
>
> [1]
> https://www.elastic.co/guide/en/elasticsearch/reference/
> current/indices-update-settings.html
>
> ____________________________________________________________
> __________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?
> product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20160908/f8b13729/attachment.htm
More information about the syslog-ng
mailing list