Hi,
Using the unzip install method. Unzip, run elasticsearch.bat and it seems to be hanging at [o.e.c.m.MetadataIndexTemplateService] adding index template [logs] for index patterns [logs--] for hours. I was expecting the install to finish and show me the elastic auto generated password. Prior to this point everything seems fine.
Machine is a VM with 6 processors/16GB RAM. Task manager shows barely any activity at all. OS is Windows Server 2022 Standard.
Thanks!
Hi @MColeman
What version?
Are you running per these docs
Are you running in the foreground or installing as a service?
The whole initial run should take just a couple mins...
Of course Elasticsearch will try to claim 8GB ram for VM unless you set jvm.options
Hi Stephen!
Version 8.11.0 - looks like 8.11.3 is out though so let me try it instead. I was using those docs.
Let me try 8.11.3 and see if it's any different.
Thanks!
Clean out the data directory.
And are you running in the foreground or service... I would run in the foreground first.
Ok. I deleted everything to start over. Running foreground first from an admin command prompt. I went ahead and grabbed the new Kibana and logstash as well.
The ultimate goal is to migrate our existing ELK stack off Centos and onto a Windows cluster.
Ok, using 8.11.3 - hangs at the same place. Running in the foreground from an admin command prompt.
[2023-12-12T11:19:39,319][INFO ][o.e.c.m.MetadataIndexTemplateService] [USNCA1MAMS162] adding index template [behavioral_analytics-events-default] for index patterns [behavioral_analytics-events-*]
[2023-12-12T11:19:39,381][INFO ][o.e.x.i.a.TransportPutLifecycleAction] [USNCA1MAMS162] adding index lifecycle policy [.fleet-file-fromhost-meta-ilm-policy]
[2023-12-12T11:19:39,460][INFO ][o.e.x.i.a.TransportPutLifecycleAction] [USNCA1MAMS162] adding index lifecycle policy [.deprecation-indexing-ilm-policy]
[2023-12-12T11:19:39,522][INFO ][o.e.x.i.a.TransportPutLifecycleAction] [USNCA1MAMS162] adding index lifecycle policy [.fleet-file-tohost-meta-ilm-policy]
[2023-12-12T11:19:39,585][INFO ][o.e.x.i.a.TransportPutLifecycleAction] [USNCA1MAMS162] adding index lifecycle policy [.fleet-file-fromhost-data-ilm-policy]
[2023-12-12T11:19:39,663][INFO ][o.e.x.i.a.TransportPutLifecycleAction] [USNCA1MAMS162] adding index lifecycle policy [.fleet-actions-results-ilm-policy]
[2023-12-12T11:19:39,711][INFO ][o.e.x.i.a.TransportPutLifecycleAction] [USNCA1MAMS162] adding index lifecycle policy [.fleet-file-tohost-data-ilm-policy]
[2023-12-12T11:19:39,917][INFO ][o.e.h.n.s.HealthNodeTaskExecutor] [USNCA1MAMS162] Node [{USNCA1MAMS162}{h06NPO49SwmyBFDS-Uf_cA}] is selected as the current health node.
[2023-12-12T11:19:40,060][INFO ][o.e.l.ClusterStateLicenseService] [USNCA1MAMS162] license [e84e8cd9-d41c-49c5-a39b-58f062f24ef1] mode [basic] - valid
[2023-12-12T11:19:40,060][INFO ][o.e.x.s.a.Realms ] [USNCA1MAMS162] license mode is [basic], currently licensed security realms are [reserved/reserved,file/default_file,native/default_native]
[2023-12-12T11:19:40,139][INFO ][o.e.x.c.t.IndexTemplateRegistry] [USNCA1MAMS162] adding ingest pipeline logs-default-pipeline
[2023-12-12T11:19:40,139][INFO ][o.e.c.m.MetadataIndexTemplateService] [USNCA1MAMS162] adding component template [logs-settings]
[2023-12-12T11:19:40,218][INFO ][o.e.c.m.MetadataIndexTemplateService] [USNCA1MAMS162] adding index template [logs] for index patterns [logs-*-*]
hmmmm....and you are sure the endpoint is not up and running
I don't have a windows box handy I will check on my Mac see what comes after that step.
http://localhost:9200 opens a username/password dialog, but the install has never shown me the elastic password. This is a fresh VM, nothing else on it
It looks like it's elasticsearch if I cancel on the authentication dialog
{
"error": {
"root_cause": [
{
"type": "security_exception",
"reason": "missing authentication credentials for REST request [/]",
"header": {
"WWW-Authenticate": [
"Basic realm=\"security\" charset=\"UTF-8\"",
"ApiKey"
]
}
}
],
"type": "security_exception",
"reason": "missing authentication credentials for REST request [/]",
"header": {
"WWW-Authenticate": [
"Basic realm=\"security\" charset=\"UTF-8\"",
"ApiKey"
]
}
},
"status": 401
}
Interesting... you could try to reset the password.... but something does not seem right, I will not be able to look at this until later...
But it looks like elasticsearch is running...
Thanks for the help! No rush. I'm out the rest of the week
And you are just running in the foreground? not as a service correct?
Correct - Here are my steps:
Unzip the downloaded zip file
Take the extracted directory and copy it to the root of the drive (E: or F: - I've tried two different drives)
rename the directory to just elasticsearch
open admin command prompt
cd e:\elasticsearch\bin
elasticsearch.bat
Oddly enough I think you should run
cd e:\elasticsearch
.\bin\elasticsearch.bat
I think the relative directory may be important....
You won't believe it but I did it this way and it worked fine:
unzip the zip file
moved the elasticsearch-8.11.3 directory to the root of the E drive
opened a normal command prompt - not admin
cd E:\elasticsearch-8.11.3
.\bin\elasticsearch.bat
Completed in less than a minute
heheheh sometimes we get lucky, and it is just the simple things.
Yeah it is because it finds the other config files relatively..
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.