Hi All,
I am new/novice to this world of ellasticsearch. i have few
queries in this regard
I have installed elasticsearch and started it on my ubunut machine.
everything is well and good. it is binded to some ip.
i used mozilla rest client to check its REST service and i get response
for HTTP POST. i am ok with it.
i started kibana and pointing towards the elasticsearch url at 9020. it
is running well and ok with it.
prblems
what i see is IP of the interface to which elasticearch is binded has
moved from .17 to .23 in span of 1 hour. I checked the dhcp settings of my
router and i see it is set to 86400 seconds, so it should stay for 1 full
day. I gave static ip and entered into MAC table of router, so far things
are stable. is the IP moving expected behaviour ?
objective
5. my objective is to collect logs generated on a console and put them into
elasticsearch and use kibana to display. do i have to mandatorily convert
the console logs/lines to JSON format before feeding them as HTTP POST to
elasticsearch url? also, please suggest the best possible way to do it?
6. also please correct my understand, since elasticsearch is up and
running, i can feed in any JSON structured data, say my first JSON
structure may have different elements and second JSON structure has
different elements and third...so..on.
7. in above [point 6] case, do i have create to EACH node for every
different type of JSON structure or is the ONE node is sufficient for
different types of JSON structures?
Hi All,
I am awaiting your reply/help. please reply
Thanks
Tara
On Monday, March 2, 2015 at 8:33:08 AM UTC-5, tara Gowda wrote:
Hi All,
I am new/novice to this world of ellasticsearch. i have few
queries in this regard
I have installed elasticsearch and started it on my ubunut machine.
everything is well and good. it is binded to some ip.
i used mozilla rest client to check its REST service and i get response
for HTTP POST. i am ok with it.
i started kibana and pointing towards the elasticsearch url at 9020. it
is running well and ok with it.
prblems
what i see is IP of the interface to which elasticearch is binded has
moved from .17 to .23 in span of 1 hour. I checked the dhcp settings of my
router and i see it is set to 86400 seconds, so it should stay for 1 full
day. I gave static ip and entered into MAC table of router, so far things
are stable. is the IP moving expected behaviour ?
objective
5. my objective is to collect logs generated on a console and put them
into elasticsearch and use kibana to display. do i have to mandatorily
convert the console logs/lines to JSON format before feeding them as HTTP
POST to elasticsearch url? also, please suggest the best possible way to do
it?
6. also please correct my understand, since elasticsearch is up and
running, i can feed in any JSON structured data, say my first JSON
structure may have different elements and second JSON structure has
different elements and third...so..on.
7. in above [point 6] case, do i have create to EACH node for every
different type of JSON structure or is the ONE node is sufficient for
different types of JSON structures?
4 Isn't possible without a restart of the service, so check your logs for
that. Maybe the server rebooted?
5 Nope! You could just output to a file and get logstash to read them,
that'd be easiest.
6 You can, but after a while this can make an index difficult to navigate
through, so it may make sense to put them into their own indices.
7 I think you mean index, not node, see my last comment.
Hi Sir,
thanks for your reply. my aim to get capture console ==> logstatsh
=> elasticsearch. Is there anyway i can avoid writing to file and
retrieving them, rather i would logs to direct to logstash.
also thanks for pointing diff between nodes and indices, i would have been
ignorant of this had it not for this post.
Thanks
Tara
On Monday, March 2, 2015 at 11:36:19 PM UTC-5, Mark Walkom wrote:
4 Isn't possible without a restart of the service, so check your logs for
that. Maybe the server rebooted?
5 Nope! You could just output to a file and get logstash to read them,
that'd be easiest.
6 You can, but after a while this can make an index difficult to navigate
through, so it may make sense to put them into their own indices.
7 I think you mean index, not node, see my last comment.
Hi Sir,
thanks for your reply. my aim to get capture console ==>
logstatsh => elasticsearch. Is there anyway i can avoid writing to file and
retrieving them, rather i would logs to direct to logstash.
also thanks for pointing diff between nodes and indices, i would have been
ignorant of this had it not for this post.
Thanks
Tara
On Monday, March 2, 2015 at 11:36:19 PM UTC-5, Mark Walkom wrote:
4 Isn't possible without a restart of the service, so check your logs for
that. Maybe the server rebooted?
5 Nope! You could just output to a file and get logstash to read them,
that'd be easiest.
6 You can, but after a while this can make an index difficult to navigate
through, so it may make sense to put them into their own indices.
7 I think you mean index, not node, see my last comment.
Hi Sir,
thanks for your reply. my aim to get capture console ==>
logstatsh => elasticsearch. Is there anyway i can avoid writing to file and
retrieving them, rather i would logs to direct to logstash.
also thanks for pointing diff between nodes and indices, i would have
been ignorant of this had it not for this post.
Thanks
Tara
On Monday, March 2, 2015 at 11:36:19 PM UTC-5, Mark Walkom wrote:
4 Isn't possible without a restart of the service, so check your logs
for that. Maybe the server rebooted?
5 Nope! You could just output to a file and get logstash to read them,
that'd be easiest.
6 You can, but after a while this can make an index difficult to
navigate through, so it may make sense to put them into their own indices.
7 I think you mean index, not node, see my last comment.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.