Hello:
I have a setup with Logstash, ElasticSearch and Kibana and ElasticSeach is not working properly.
I found that before Christmas I had stopped receiving information in Kibana and because of an error in logstash, I increased the congestion threshold which solved the logstash issues.
However when I run curl -X GET http://localhost:9200/_cat/indices?v I get.
yellow open winlogbeat-2017.12.10 5 1 2347489 0 2gb 2gb
red open winlogbeat-2017.12.21 5 1
red open winlogbeat-2017.12.31 5 1
yellow open winlogbeat-2017.12.12 5 1 114 0 425.9kb 425.9kb
red open winlogbeat-2017.12.11 5 1
yellow open winlogbeat-2017.12.14 5 1 75 0 241.6kb 241.6kb
yellow open winlogbeat-2017.12.13 5 1 50 0 193.2kb 193.2kb
yellow open winlogbeat-2017.12.05 5 1 11512589 0 10.1gb 10.1gb
yellow open winlogbeat-2017.12.04 5 1 11511454 0 10gb 10gb
yellow open winlogbeat-2017.12.15 5 1 10 0 65.4kb 65.4kb
yellow open winlogbeat-2017.12.07 5 1 11540471 0 10gb 10gb
yellow open winlogbeat-2017.12.06 5 1 11512191 0 10.1gb 10.1gb
yellow open winlogbeat-2017.12.09 5 1 7889794 0 6.9gb 6.9gb
yellow open winlogbeat-2017.12.08 5 1 11269139 0 9.8gb 9.8gb
yellow open winlogbeat-2018.01.05 5 1 348 0 987.8kb 987.8kb
yellow open .kibana 1 1 103 1 111.3kb 111.3kb
yellow open winlogbeat-2018.01.01 5 1 251 0 979.4kb 979.4kb
yellow open winlogbeat-2018.01.02 5 1 1050 0 1.4mb 1.4mb
red open winlogbeat-2017.12.30 5 1
yellow open winlogbeat-2018.01.03 5 1 95 0 236kb 236kb
yellow open winlogbeat-2018.01.04 5 1 198 0 627.3kb 627.3kb
the indices since Jan/2018 are very small.
How can I trouble shoot this?
Is this a eleasticSearch issue or Logstash? I have checked the logs and do not see any errors?
thanks
Wil