Hello.
We are working with elastic 8.4.x and the ecs-logstash was working correctly. We have updated the version 8.10..4 and the ecs-logstash and pattern is not found. It's possibility that the version is not available. The file ecs-logstash is not in /etc/logstash/conf.d and the file logstash.conf is the same. The file configuration is logstash.yml
The version java is 8.10.4.
Thanks
Hello @jgomezf
Welcome to the community!!
The issue is not clear, can you share more information which can be helpful.
Your previous elk version was 8.4.x & everything was working as expected. You did upgrade to 8.10.4 for your ELK stack & post this you are having issues?
Thanks!!
Hi.
Sorry for this not clear. We have updated 8.4.x to 8.10.x and the problem is that the ecs-logstash is missing in Index Pattern. When I worked with 8.4.x the ecs-logstash is working correctly.
Thanks
Hello and welcome,
Can you provide more context about what it is not working? There is no such thing as an ecs-logstash file inside /etc/logstash/conf.d by default.
Do you havey any logstash logs with error that you can share? it is not clear what is your issue here.
Hello.
The logs do not show any errors that indicate the problem. The problem we are experiencing is as follows:
We have updated to version 8.10.x and have detected that ecs-logstash* does not appear in Index-Pattern. It worked with the previous version (8.4.x).
As mentioned, it is not clear what you mean with this, you need to provide some context, a log, some error, some screenshot.
What you mean with ecs-logstash? Is it an index?
Hi Leandro.Sorry for this not clear. ecs-logstash is a Index Pattern
This is a little painful thread. It's going to be really challenging to help you if you are not more open and clear.
Do you have kibana? What does a GET (dev tools) on
_cat/indices?index=*,.*&h=index,health,dc,ss,cd&s=cd&bytes=b
return?
what does this actually mean? Please write a couple of sentences on HOW you did that upgrade, what you upgraded, tell us a little bit about your environment, how big is your cluster, etc.
OK, and what indices do you think the index pattern previously matched ?
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.