I setup ELK stack 5.6.3. The issue is that Elastic nodes in my cluster are creating indexes with defined name, but when we query /_cat/indices, created indexes are not showing and Kibana dashboard as well. Can you please help me here.
Status Report:
[root@prd-elk1 ~]# curl -XGET -uelastic prd-elk1:9200/_cat/indices?v
Enter host password for user 'elastic':
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
green open .kibana UGs00zcQQUW0jteLI4J4IA 1 1 3 0 33.3kb 16.6kb
[root@prd-elk1 ~]#
It looks like you have XPack security installed with LDAP authentication, is that right? Can you try to query _cat/indices with your LOGSTASH user and not the elastic one. What do you see?
[root@prd-elk1 ~]# curl -XGET -uelastic 'prd-elk1:9200/NginxAccess-2018.01.08/_settings'
Enter host password for user 'elastic':
{"error":{"root_cause":[{"type":"index_not_found_exception","reason":"no such index","index_uuid":"na","resource.type":"index_or_alias","resource.id":"NginxAccess-2018.01.08","index":"NginxAccess-2018.01.08"}],"type":"index_not_found_exception","reason":"no such index","index_uuid":"na","resource.type":"index_or_alias","resource.id":"NginxAccess-2018.01.08","index":"NginxAccess-2018.01.08"},"status":404}
Perfect, after changing the index to lower case, we see listed indexes and Kibana dashboard as well
Thanks all for your wonderful quick [root@prd-elk1 ~]# curl -XGET -uelastic prd-elk1:9200/_cat/indices?v
Enter host password for user 'elastic':
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
green open .kibana UGs00zcQQUW0jteLI4J4IA 1 1 3 0 33.3kb 16.6kb
green open nginxaccess-2018.01.08 -D_LRWaURH-ie_9RMAaCVQ 5 1 2998 0 3.7mb 1.7mb.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.