This morning we were having slowness on our web console.
From the cluster overview page, there were many nodes with high CPU.
https://XXXXXXXXX.aws.found.io/app/monitoring#/overview?
When we zoomed in, we found that they were all the frozen logs.
The "Recent Log Entries" under the "cluster overview page"
shows the recent logs, but nothing useful, not even a filter or search function.
May I know what the default view or specific index is that we should be looking at for cluster logs?
That way I could filter out error events pertaining to the cluster only.
We shouldn't be looking at all of these, I suppose, which is what Discover brings us to:
":filebeat-,filebeat-,:logs-.-,logs-.-"
Hello @Whoami1980
The slowness on the Kibana console can be due to a lot of parameters. The first thing that will be helpful is to go and check the Kibana instance via Cluster Management, and check user connections/operations/time to see if any issues are found. After that, you can review the Kibana logs for detailed information.
Also, in the logs you can maybe search for the below during that time:
event.dataset: "elasticsearch.index_search_slowlog"
Thanks!!
@Tortoise
That seems to do the trick. However, how do I see all the available event.dataset values, or is there a list somewhere? I was trying to search for cluster errors relating to an unhealthy cluster or unassigned shards, but to no avail.
Hello @Whoami1980
Please find the Elastic documentation below:
Thanks!!