Hi,
Elasticsearch only showing data as now-24h, either by using curl or kibana.
I am sure data is moved from logstash to elasticsearch as number of documents keep increasing and size too.
This is happening with all indices.
I checked time and Zone, all servers are in-sync
I enforced refresh, but nothing happened.
Thanks
please share the way you searched for data.. i.e. which indices did you query using curl?
Providing reproduction steps and what you tried will help a lot figuring out what happens in addition to a description.
Hi @spinscale
curl -X GET "localhost:9200//_search?pretty" -H 'Content-Type: application/json' -d' {"query": { "match_all": { } }, "sort": { "@timestamp" : "desc" }, "size": 1 }'
And no changes were made for more than 2 months, one day was working fine then suddenly yesterday, it just started this behavior.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.