Cannot create Index Patterns of remote clusters - Kibana 7.10.0

Elastic Stack Kibana
1

Hi, we are facing some problems creating index patterns in the 7.10.0 version.

When trying to create the index pattern of a remote cluster we got the error No matching indices found. However, the indexes do exist (the indexes are shown in the first step of the index pattern creation).

image
image1920×862 79.6 KB

In step two, we can see there is something wrong before clicking on Create index pattern since the Time field menu does not appear, even when there are indices with timestamps.

image
image1920×879 41.9 KB

We got the following error after creating the index pattern:

image
image1920×889 65.5 KB

If we go to Discover, the documents are displayed, but since there are no fields in the index pattern, it does not allow filtering using the document's fields.

image
image1920×886 115 KB

If we create the index pattern using the API and adding some initial fields, they do appear on Discover and we can filter by them, but the index pattern can not be refreshed (we got the same error No matching indices found) so new fields can not be added to the index pattern.

Is this a known bug?

Best regards,
Mayte Ariza

2

Hello @Phandora ,

Is there any reason why you are trying to make all the log sources in one index !!?
I think it's for that, that you are getting errors
If you want to create an index, create one for each beat,

Example: one for filebeat-* and another one for packetbeat- ....etc

3

Hi @TheHunter1,

It was just an example to explain our issue.

The remote index pattern fails for every index pattern we attempt to create, even for sample indices:

  • Create index in remote cluster:
curl -XPUT -H 'Content-Type: application/json' localhost:9200/books/_doc/1 -d '{"Dracula": "Bram Stoker"}'
  • Create index pattern in centralized environment:

image
image1920×765 82.4 KB

image
image1920×864 91.7 KB

4

This may help you,

5

Could you be more specific? Is this in the kibana.yml or the main interface?

6

Hey All, I'm running into the exact same problem and the proposed solutions doesn't actually work. Anyone had any luck in solving this?