Debugging in Elastic Search

ShubhamSaxena8 · April 3, 2024, 7:03am

Hello Team,

I need some suggestion related to debugging in Elasticsearch. I am kind of stuck because I am not getting any errors in Elastic console or dotnet console.

I am trying to implement centralized logging system for our dotnet applications. I am using Serilog Nuget package for this.

I have configured Logger in StartUp.cs file but still logs are not sent to my locally running elasticsearch service.

I am not seeing any indices in Kibana.

I am following some Youtube videos where they run Elastic Search and Kibana locally using Docker and then configure dotnet app as shown below but in their case indices were created.

Code:

StartUp.cs

var builder = WebApplication.CreateBuilder(args);


ConfigureLogger();
builder.Host.UseSerilog();

// Add services to the container.
builder.Services.AddControllers();


void ConfigureLogger()
{

    var configuration = new ConfigurationBuilder()
        .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
        .Build();

    var elasticUri = configuration.GetSection("ElasticConfiguration:Uri").Value.ToString();
    Console.WriteLine(elasticUri);
    Console.WriteLine($"cores-{DateTime.UtcNow:yyyy-MM-dd}");

    Log.Logger = new LoggerConfiguration()
    .Enrich.FromLogContext()
    .Enrich.WithMachineName()
    .WriteTo.Debug()
    .WriteTo.Console()
    .WriteTo.Elasticsearch(new ElasticsearchSinkOptions(new Uri(elasticUri))
    {
        AutoRegisterTemplate = true,
        NumberOfReplicas = 2,
        NumberOfShards = 2,
        IndexFormat = $"cores-{DateTime.UtcNow:yyyy-MM-dd}"
    })
    .Enrich.WithProperty("Environment", "Development")
    .ReadFrom.Configuration(configuration)
    .CreateLogger();
}

appsettings.json

"Serilog": {
    "MinimumLevel": {
      "Default": "Verbose",
      "Override": {
        "Microsoft": "Information",
        "System": "Warning"
      }
    }
  },
  "ElasticConfiguration": {
    "Uri": "http://localhost:9200/"
  },

Christian_Dahlqvist · April 3, 2024, 7:30am

I am not a .NET developer and have never used Serilog. There are however some additional information that would be useful to have though.

What version of Elasticsearch are you using?

Is your cluster secured?

What is the size and specification of your Elasticsearch cluster?

Is Elasticsearch running on the same host as the application you are collecting logs from?

ShubhamSaxena8 · April 3, 2024, 12:46pm

Hello Chris,

I am using version 8.12.2 for both elasticsearch and kibana.

I have disabled the security for Elasticsearch.

Not sure about clustering part since I am running it locally from the zip I downloaded from elasticsearch site. I haven't changed anything in the clustering related settings so that part is commented by default.

Can you guide me on these settings?

Regards

dadoonet · April 3, 2024, 5:41pm

Please don't post images of text as they are hard to read, may not display correctly for everyone, and are not searchable.

Instead, paste the text and format it with </> icon or pairs of triple backticks (```), and check the preview window to make sure it's properly formatted before posting it. This makes it more likely that your question will receive a useful answer.

It would be great if you could update your post to solve this.

ShubhamSaxena8 · April 4, 2024, 8:18am

Hello team,

I am using version 8.12.2 for both elasticsearch and kibana.

I have disabled the security for Elasticsearch.

# Enable security features
xpack.security.enabled: false

xpack.security.enrollment.enabled: false

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: false
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: false
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12

Not sure about clustering part since I am running it locally from the zip I downloaded from elasticsearch site. I haven't changed anything in the clustering related settings so that part is commented by default.

# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
#node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1

Can you guide me on these settings?

Regards

dadoonet · April 4, 2024, 12:48pm

Could you share Elasticsearch logs please? From the start.

ShubhamSaxena8 · April 5, 2024, 9:10am

Hello David,

Sorry, I am new to Elasticsearch so don't know where I can find the latest logs. I can see multiple log files like (gc.log, gc.log.31, etc) in the logs folder.

Can I upload a file here, because I don't see any option to do so?

I am running elasticsearch on my local through a zip I downloaded from Elasticsearch site.

Regards,
Shubham Saxena

dadoonet · April 5, 2024, 10:05am

it's often named elasticsearch.log.

You can paste the logs within the post but please format them. Please read this about how to format.

ShubhamSaxena8 · April 5, 2024, 12:07pm

Hello David,

Here are the logs:

[2024-04-04T15:26:56,207][INFO ][o.a.l.i.v.PanamaVectorizationProvider] [BNTL2J3] Java vector incubator API enabled; uses preferredBitSize=512; FMA enabled
[2024-04-04T15:26:59,666][INFO ][o.e.n.Node               ] [BNTL2J3] version[8.12.2], pid[39900], build[zip/48a287ab9497e852de30327444b0809e55d46466/2024-02-19T10:04:32.774273190Z], OS[Windows 11/10.0/amd64], JVM[Oracle Corporation/OpenJDK 64-Bit Server VM/21.0.2/21.0.2+13-58]
[2024-04-04T15:26:59,673][INFO ][o.e.n.Node               ] [BNTL2J3] JVM home [C:\Users\Shubham.Saxena\Downloads\elasticsearch-8.12.2\elasticsearch-8.12.2\jdk], using bundled JDK [true]
[2024-04-04T15:26:59,675][INFO ][o.e.n.Node               ] [BNTL2J3] JVM arguments [-Des.networkaddress.cache.ttl=60, -Des.networkaddress.cache.negative.ttl=10, -Djava.security.manager=allow, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j2.formatMsgNoLookups=true, -Djava.locale.providers=SPI,COMPAT, --add-opens=java.base/java.io=org.elasticsearch.preallocate, -XX:+UseG1GC, -Djava.io.tmpdir=C:\Users\SHUBHA~1.SAX\AppData\Local\Temp\elasticsearch, --add-modules=jdk.incubator.vector, -XX:CompileCommand=exclude,org.apache.lucene.util.MSBRadixSorter::computeCommonPrefixLengthAndBuildHistogram, -XX:CompileCommand=exclude,org.apache.lucene.util.RadixSelector::computeCommonPrefixLengthAndBuildHistogram, -XX:+HeapDumpOnOutOfMemoryError, -XX:+ExitOnOutOfMemoryError, -XX:HeapDumpPath=data, -XX:ErrorFile=logs/hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,level,pid,tags:filecount=32,filesize=64m, -Xms7880m, -Xmx7880m, -XX:MaxDirectMemorySize=4131389440, -XX:G1HeapRegionSize=4m, -XX:InitiatingHeapOccupancyPercent=30, -XX:G1ReservePercent=15, -Des.distribution.type=zip, --module-path=C:\Users\Shubham.Saxena\Downloads\elasticsearch-8.12.2\elasticsearch-8.12.2\lib, --add-modules=jdk.net, --add-modules=ALL-MODULE-PATH, -Djdk.module.main=org.elasticsearch.server]
[2024-04-04T15:27:10,536][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [repository-url]
[2024-04-04T15:27:10,538][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [rest-root]
[2024-04-04T15:27:10,541][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-core]
[2024-04-04T15:27:10,542][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-redact]
[2024-04-04T15:27:10,542][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [ingest-user-agent]
[2024-04-04T15:27:10,544][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-async-search]
[2024-04-04T15:27:10,544][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-monitoring]
[2024-04-04T15:27:10,546][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [repository-s3]
[2024-04-04T15:27:10,547][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-analytics]
[2024-04-04T15:27:10,548][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-ent-search]
[2024-04-04T15:27:10,549][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-autoscaling]
[2024-04-04T15:27:10,550][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [lang-painless]
[2024-04-04T15:27:10,550][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-ml]
[2024-04-04T15:27:10,550][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [lang-maustache]
[2024-04-04T15:27:10,551][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [legacy-geo]
[2024-04-04T15:27:10,552][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-ql]
[2024-04-04T15:27:10,553][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [rank-rrf]
[2024-04-04T15:27:10,553][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [analysis-common]
[2024-04-04T15:27:10,555][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [health-shards-availability]
[2024-04-04T15:27:10,555][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [transport-netty4]
[2024-04-04T15:27:10,556][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [aggregations]
[2024-04-04T15:27:10,556][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [ingest-common]
[2024-04-04T15:27:10,556][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [frozen-indices]
[2024-04-04T15:27:10,557][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-identity-provider]
[2024-04-04T15:27:10,557][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-shutdown]
[2024-04-04T15:27:10,558][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-text-structure]
[2024-04-04T15:27:10,558][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [snapshot-repo-test-kit]
[2024-04-04T15:27:10,559][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [ml-package-loader]
[2024-04-04T15:27:10,560][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [kibana]
[2024-04-04T15:27:10,560][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [constant-keyword]
[2024-04-04T15:27:10,561][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-logstash]
[2024-04-04T15:27:10,563][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-ccr]
[2024-04-04T15:27:10,566][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-graph]
[2024-04-04T15:27:10,567][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-esql]
[2024-04-04T15:27:10,567][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [parent-join]
[2024-04-04T15:27:10,568][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [counted-keyword]
[2024-04-04T15:27:10,570][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-enrich]
[2024-04-04T15:27:10,570][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [repositories-metering-api]
[2024-04-04T15:27:10,572][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [transform]
[2024-04-04T15:27:10,573][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [repository-azure]
[2024-04-04T15:27:10,574][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [repository-gcs]
[2024-04-04T15:27:10,574][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [spatial]
[2024-04-04T15:27:10,575][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [apm]
[2024-04-04T15:27:10,575][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [mapper-extras]
[2024-04-04T15:27:10,576][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [mapper-version]
[2024-04-04T15:27:10,576][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-rollup]
[2024-04-04T15:27:10,576][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [percolator]
[2024-04-04T15:27:10,576][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [data-streams]
[2024-04-04T15:27:10,580][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-stack]
[2024-04-04T15:27:10,582][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [rank-eval]
[2024-04-04T15:27:10,584][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [reindex]
[2024-04-04T15:27:10,585][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-security]
[2024-04-04T15:27:10,585][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [blob-cache]
[2024-04-04T15:27:10,586][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [searchable-snapshots]
[2024-04-04T15:27:10,586][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-slm]
[2024-04-04T15:27:10,586][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [snapshot-based-recoveries]
[2024-04-04T15:27:10,587][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-watcher]
[2024-04-04T15:27:10,587][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [old-lucene-versions]
[2024-04-04T15:27:10,588][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-ilm]
[2024-04-04T15:27:10,588][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-inference]
[2024-04-04T15:27:10,589][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-voting-only-node]
[2024-04-04T15:27:10,589][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-deprecation]
[2024-04-04T15:27:10,590][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-fleet]
[2024-04-04T15:27:10,590][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-aggregate-metric]
[2024-04-04T15:27:10,590][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-downsample]
[2024-04-04T15:27:10,591][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-profiling]
[2024-04-04T15:27:10,591][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [ingest-geoip]
[2024-04-04T15:27:10,591][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-write-load-forecaster]
[2024-04-04T15:27:10,592][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [search-business-rules]
[2024-04-04T15:27:10,592][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [ingest-attachment]
[2024-04-04T15:27:10,593][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [wildcard]
[2024-04-04T15:27:10,593][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-apm-data]
[2024-04-04T15:27:10,595][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [unsigned-long]
[2024-04-04T15:27:10,598][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-sql]
[2024-04-04T15:27:10,600][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [runtime-fields-common]
[2024-04-04T15:27:10,602][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-async]
[2024-04-04T15:27:10,602][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [vector-tile]
[2024-04-04T15:27:10,603][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [lang-expression]
[2024-04-04T15:27:10,603][INFO ][o.e.p.PluginsService     ] [BNTL2J3] loaded module [x-pack-eql]
[2024-04-04T15:27:13,028][INFO ][o.e.e.NodeEnvironment    ] [BNTL2J3] using [1] data paths, mounts [[(C:)]], net usable_space [103.1gb], net total_space [237.7gb], types [NTFS]
[2024-04-04T15:27:13,029][INFO ][o.e.e.NodeEnvironment    ] [BNTL2J3] heap size [7.6gb], compressed ordinary object pointers [true]
[2024-04-04T15:27:13,802][INFO ][o.e.n.Node               ] [BNTL2J3] node name [BNTL2J3], node ID [Pw8N2TcfRTa27q7V6ZaSsA], cluster name [elasticsearch], roles [data_cold, data, remote_cluster_client, master, data_warm, data_content, transform, data_hot, ml, data_frozen, ingest]
[2024-04-04T15:27:20,437][INFO ][o.e.f.FeatureService     ] [BNTL2J3] Registered local node features [features_supported, health.dsl.info, usage.data_tiers.precalculate_stats]
[2024-04-04T15:27:21,302][INFO ][o.e.x.m.p.l.CppLogMessageHandler] [BNTL2J3] [controller/33364] [Main.cc@123] controller (64 bit): Version 8.12.2 (Build 9d9bcb1a6d19f7) Copyright (c) 2024 Elasticsearch BV
[2024-04-04T15:27:21,880][INFO ][o.e.t.a.APM              ] [BNTL2J3] Sending apm metrics is disabled
[2024-04-04T15:27:21,881][INFO ][o.e.t.a.APM              ] [BNTL2J3] Sending apm traces is disabled
[2024-04-04T15:27:21,922][INFO ][o.e.x.s.Security         ] [BNTL2J3] Security is disabled
[2024-04-04T15:27:22,308][INFO ][o.e.x.w.Watcher          ] [BNTL2J3] Watcher initialized components at 2024-04-04T09:57:22.308Z
[2024-04-04T15:27:22,393][INFO ][o.e.x.p.ProfilingPlugin  ] [BNTL2J3] Profiling is enabled
[2024-04-04T15:27:22,424][INFO ][o.e.x.p.ProfilingPlugin  ] [BNTL2J3] profiling index templates will not be installed or reinstalled
[2024-04-04T15:27:22,497][INFO ][o.e.x.a.APMPlugin        ] [BNTL2J3] APM ingest plugin is disabled
[2024-04-04T15:27:23,415][INFO ][o.e.t.n.NettyAllocator   ] [BNTL2J3] creating NettyAllocator with the following configs: [name=elasticsearch_configured, chunk_size=1mb, suggested_max_allocation_size=1mb, factors={es.unsafe.use_netty_default_chunk_and_page_size=false, g1gc_enabled=true, g1gc_region_size=4mb}]
[2024-04-04T15:27:23,464][INFO ][o.e.i.r.RecoverySettings ] [BNTL2J3] using rate limit [40mb] with [default=40mb, read=0b, write=0b, max=0b]
[2024-04-04T15:27:23,538][INFO ][o.e.d.DiscoveryModule    ] [BNTL2J3] using discovery type [multi-node] and seed hosts providers [settings]
[2024-04-04T15:27:25,415][INFO ][o.e.n.Node               ] [BNTL2J3] initialized
[2024-04-04T15:27:25,418][INFO ][o.e.n.Node               ] [BNTL2J3] starting ...
[2024-04-04T15:27:25,483][INFO ][o.e.x.s.c.f.PersistentCache] [BNTL2J3] persistent cache index loaded
[2024-04-04T15:27:25,485][INFO ][o.e.x.d.l.DeprecationIndexingComponent] [BNTL2J3] deprecation component started
[2024-04-04T15:27:25,663][INFO ][o.e.t.TransportService   ] [BNTL2J3] publish_address {127.0.0.1:9300}, bound_addresses {[::1]:9300}, {127.0.0.1:9300}
[2024-04-04T15:27:26,735][WARN ][o.e.c.c.ClusterBootstrapService] [BNTL2J3] this node is locked into cluster UUID [3oW2Fx2EQkaSlj1A5_DzmA] but [cluster.initial_master_nodes] is set to [BNTL2J3]; remove this setting to avoid possible data loss caused by subsequent cluster bootstrap attempts; for further information see https://www.elastic.co/guide/en/elasticsearch/reference/8.12/important-settings.html#initial_master_nodes
[2024-04-04T15:27:26,881][INFO ][o.e.c.s.MasterService    ] [BNTL2J3] elected-as-master ([1] nodes joined in term 9)[_FINISH_ELECTION_, {BNTL2J3}{Pw8N2TcfRTa27q7V6ZaSsA}{jiKSzRb8QsCaka_UqAhBIw}{BNTL2J3}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}{8.12.2}{7000099-8500010} completing election], term: 9, version: 361, delta: master node changed {previous [], current [{BNTL2J3}{Pw8N2TcfRTa27q7V6ZaSsA}{jiKSzRb8QsCaka_UqAhBIw}{BNTL2J3}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}{8.12.2}{7000099-8500010}]}
[2024-04-04T15:27:27,044][INFO ][o.e.c.s.ClusterApplierService] [BNTL2J3] master node changed {previous [], current [{BNTL2J3}{Pw8N2TcfRTa27q7V6ZaSsA}{jiKSzRb8QsCaka_UqAhBIw}{BNTL2J3}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}{8.12.2}{7000099-8500010}]}, term: 9, version: 361, reason: Publication{term=9, version=361}
[2024-04-04T15:27:27,095][INFO ][o.e.c.f.AbstractFileWatchingService] [BNTL2J3] starting file watcher ...
[2024-04-04T15:27:27,104][INFO ][o.e.c.f.AbstractFileWatchingService] [BNTL2J3] file settings service up and running [tid=84]
[2024-04-04T15:27:27,114][INFO ][o.e.c.c.NodeJoinExecutor ] [BNTL2J3] node-join: [{BNTL2J3}{Pw8N2TcfRTa27q7V6ZaSsA}{jiKSzRb8QsCaka_UqAhBIw}{BNTL2J3}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}{8.12.2}{7000099-8500010}] with reason [completing election]
[2024-04-04T15:27:27,118][INFO ][o.e.h.AbstractHttpServerTransport] [BNTL2J3] publish_address {172.17.112.1:9200}, bound_addresses {[::]:9200}
[2024-04-04T15:27:27,136][INFO ][o.e.n.Node               ] [BNTL2J3] started {BNTL2J3}{Pw8N2TcfRTa27q7V6ZaSsA}{jiKSzRb8QsCaka_UqAhBIw}{BNTL2J3}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}{8.12.2}{7000099-8500010}{ml.machine_memory=16527003648, transform.config_version=10.0.0, xpack.installed=true, ml.config_version=12.0.0, ml.max_jvm_size=8262778880, ml.allocated_processors_double=8.0, ml.allocated_processors=8}
[2024-04-04T15:27:27,480][WARN ][o.e.x.s.i.SetSecurityUserProcessor] [BNTL2J3] Creating processor [set_security_user] (tag [null]) on field [_security] but authentication is not currently enabled on this cluster  - this processor is likely to fail at runtime if it is used
[2024-04-04T15:27:27,730][INFO ][o.e.l.ClusterStateLicenseService] [BNTL2J3] license [b6eddcb7-1bc4-4f33-b262-b4d5deaea50a] mode [basic] - valid
[2024-04-04T15:27:27,735][INFO ][o.e.g.GatewayService     ] [BNTL2J3] recovered [30] indices into cluster_state
[2024-04-04T15:27:27,967][INFO ][o.e.h.n.s.HealthNodeTaskExecutor] [BNTL2J3] Node [{BNTL2J3}{Pw8N2TcfRTa27q7V6ZaSsA}] is selected as the current health node.
[2024-04-04T15:27:31,200][INFO ][o.e.c.r.a.AllocationService] [BNTL2J3] current.health="GREEN" message="Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[.apm-source-map][0]]])." previous.health="RED" reason="shards started [[.apm-source-map][0]]"
[2024-04-04T15:32:27,642][INFO ][o.e.c.m.MetadataCreateIndexService] [BNTL2J3] [.ds-.kibana-event-log-ds-2024.04.04-000002] creating index, cause [rollover_data_stream], templates [.kibana-event-log-template], shards [1]/[1]
[2024-04-04T15:32:27,661][INFO ][o.e.c.r.a.AllocationService] [BNTL2J3] updating number_of_replicas to [0] for indices [.ds-.kibana-event-log-ds-2024.04.04-000002]
[2024-04-04T15:32:28,009][INFO ][o.e.c.r.a.AllocationService] [BNTL2J3] current.health="GREEN" message="Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.ds-.kibana-event-log-ds-2024.04.04-000002][0]]])." previous.health="YELLOW" reason="shards started [[.ds-.kibana-event-log-ds-2024.04.04-000002][0]]"
[2024-04-04T15:32:28,116][INFO ][o.e.d.l.DataStreamLifecycleService] [BNTL2J3] Data stream lifecycle successfully rolled over datastream [.kibana-event-log-ds] due to the following met rollover conditions [[min_docs: 1], [max_age: 7d]]. The new index is [.ds-.kibana-event-log-ds-2024.04.04-000002]
[2024-04-04T15:47:01,224][WARN ][o.e.t.ThreadPool         ] [BNTL2J3] timer thread slept for [13.2m/794804ms] on absolute clock which is above the warn threshold of [5000ms]
[2024-04-04T15:47:01,234][WARN ][o.e.t.ThreadPool         ] [BNTL2J3] timer thread slept for [13.2m/794804536000ns] on relative clock which is above the warn threshold of [5000ms]
[2024-04-04T15:47:01,418][WARN ][o.e.m.f.FsHealthService  ] [BNTL2J3] health check of [C:\Users\Shubham.Saxena\Downloads\elasticsearch-8.12.2\elasticsearch-8.12.2\data] took [794805ms] which is above the warn threshold of [5s]
[2024-04-04T15:50:42,080][INFO ][o.e.c.s.IndexScopedSettings] [BNTL2J3] [.ds-.kibana-event-log-ds-2024.03.28-000001] updating [index.merge.policy.floor_segment] from [2mb] to [100mb]
[2024-04-04T15:50:42,082][INFO ][o.e.c.s.IndexScopedSettings] [BNTL2J3] [.ds-.kibana-event-log-ds-2024.03.28-000001] updating [index.merge.policy.merge_factor] from [32] to [16]
[2024-04-04T15:50:42,200][INFO ][o.e.c.s.IndexScopedSettings] [BNTL2J3] [.ds-.kibana-event-log-ds-2024.03.28-000001] updating [index.merge.policy.floor_segment] from [2mb] to [100mb]
[2024-04-04T15:50:42,201][INFO ][o.e.c.s.IndexScopedSettings] [BNTL2J3] [.ds-.kibana-event-log-ds-2024.03.28-000001] updating [index.merge.policy.merge_factor] from [32] to [16]
[2024-04-04T15:50:42,211][INFO ][o.e.d.l.DataStreamLifecycleService] [BNTL2J3] Data stream lifecycle service successfully updated settings [[index.merge.policy.floor_segment, index.merge.policy.merge_factor]] for index index [.ds-.kibana-event-log-ds-2024.03.28-000001]
[2024-04-04T15:52:27,589][INFO ][o.e.d.l.DataStreamLifecycleService] [BNTL2J3] Data stream lifecycle is issuing a request to force merge index [.ds-.kibana-event-log-ds-2024.03.28-000001]
[2024-04-04T15:52:27,640][INFO ][o.e.d.l.DataStreamLifecycleService] [BNTL2J3] Data stream lifecycle successfully force merged index [.ds-.kibana-event-log-ds-2024.03.28-000001]
[2024-04-04T16:29:31,730][WARN ][o.e.t.ThreadPool         ] [BNTL2J3] timer thread slept for [15.1m/911433ms] on absolute clock which is above the warn threshold of [5000ms]
[2024-04-04T16:29:31,779][WARN ][o.e.t.ThreadPool         ] [BNTL2J3] timer thread slept for [15.1m/911432886000ns] on relative clock which is above the warn threshold of [5000ms]
[2024-04-04T16:49:16,542][WARN ][o.e.t.ThreadPool         ] [BNTL2J3] timer thread slept for [3m/181302ms] on absolute clock which is above the warn threshold of [5000ms]
[2024-04-04T16:49:17,093][WARN ][o.e.t.ThreadPool         ] [BNTL2J3] timer thread slept for [3m/181302168400ns] on relative clock which is above the warn threshold of [5000ms]
[2024-04-04T16:52:31,704][INFO ][o.e.n.Node               ] [BNTL2J3] stopping ...
[2024-04-04T16:52:31,722][INFO ][o.e.c.f.AbstractFileWatchingService] [BNTL2J3] shutting down watcher thread
[2024-04-04T16:52:31,729][INFO ][o.e.c.f.AbstractFileWatchingService] [BNTL2J3] watcher service stopped
[2024-04-04T16:52:31,769][INFO ][o.e.x.w.WatcherService   ] [BNTL2J3] stopping watch service, reason [shutdown initiated]
[2024-04-04T16:52:31,767][INFO ][o.e.x.m.p.l.CppLogMessageHandler] [BNTL2J3] [controller/33364] [Main.cc@176] ML controller exiting
[2024-04-04T16:52:31,782][INFO ][o.e.x.m.p.NativeController] [BNTL2J3] Native controller process has stopped - no new native processes can be started
[2024-04-04T16:52:31,782][INFO ][o.e.x.w.WatcherLifeCycleService] [BNTL2J3] watcher has stopped and shutdown
[2024-04-04T16:52:32,622][INFO ][o.e.n.Node               ] [BNTL2J3] stopped
[2024-04-04T16:52:32,623][INFO ][o.e.n.Node               ] [BNTL2J3] closing ...
[2024-04-04T16:52:32,790][INFO ][o.e.n.Node               ] [BNTL2J3] closed

Regards

dadoonet · April 5, 2024, 2:31pm

So Elasticsearch is running at 172.17.112.1:9200

I guess you need to use this address from the machine which is sending logs.

As @Christian_Dahlqvist said earlier, replace:

  "ElasticConfiguration": {
    "Uri": "http://localhost:9200/"
  },

with:

  "ElasticConfiguration": {
    "Uri": "http://172.17.112.1:9200/"
  },

If this does not work, please run something like:

curl http://172.17.112.1:9200/

from the machine where your app is running. Not from Elasticsearch machine.

ShubhamSaxena8 · April 8, 2024, 9:40am

Hello David,

I am working on 1 single machine and all the applications (elasticsearch, kibana and dotnet application) are running locally.

I also changed the configuration (URI) as suggested but still no luck.

I tried it using Azure Elasticsearch service (by default is uses standard license) and it worked for me, but we want to use the Basic free license and in that, there is no security tab in stack management system.

Since I don't have access to security tab, I am not able to create API-key which I can provide while configuring the Elasticsearch in dotnet.

Is it necessary to provide the API-key to ingest the data?

Regards,
Shubham

dadoonet · April 8, 2024, 9:53am

Basic license comes with security. Not all but a lot of features. You probably disabled security by yourself.

Anyway, did you try to run the curl command I mentioned ? What is the output ?

ShubhamSaxena8 · April 8, 2024, 10:51am

I'll Check for the security part in the elastic.yaml file.

The below settings were set to false earlier, is there anything else that I should look into:

# Enable security features
xpack.security.enabled: true

xpack.security.enrollment.enabled: true

Here's the output of the curl command:

{
  "name" : "node-1",
  "cluster_name" : "my-application",
  "cluster_uuid" : "3oW2Fx2EQkaSlj1A5_DzmA",
  "version" : {
    "number" : "8.12.2",
    "build_flavor" : "default",
    "build_type" : "zip",
    "build_hash" : "48a287ab9497e852de30327444b0809e55d46466",
    "build_date" : "2024-02-19T10:04:32.774273190Z",
    "build_snapshot" : false,
    "lucene_version" : "9.9.2",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}