Finally, I have to bring my Elastic server back to normal.
FYI.
Below are the versions I see for both Elasticsearch and Kibana.
root@elk:/usr/share/elasticsearch# sudo ./bin/elasticsearch --version
Version: 8.4.3, Build: deb/42f05b9372a9a4a470db3b52817899b99a76ee73/2022-10-04T07:17:24.662462378Z, JVM: 18.0.2.1
Kibana: version 8.4.3
sudo /usr/share/kibana/bin/kibana --version --allow-root
8.4.3
@warkolm Currently my elastic service failed with error "[2022-10-22T11:47:16,777][INFO ][o.e.x.m.p.NativeController] [node-1] Native controller process has stopped - no new native processes can be started"
Kibana status and logs
root@elk:/usr/share/elasticsearch# sudo systemctl status kibana
● kibana.service - Kibana
Loaded: loaded (/etc/systemd/system/kibana.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2022-10-20 12:58:21 IST; 1 day 23h ago
Main PID: 835605 (code=exited, status=78)
Oct 20 12:58:21 elk systemd[1]: kibana.service: Scheduled restart job, restart counter is at 9.
Oct 20 12:58:21 elk systemd[1]: Stopped Kibana.
Oct 20 12:58:21 elk systemd[1]: kibana.service: Start request repeated too quickly.
Oct 20 12:58:21 elk systemd[1]: kibana.service: Failed with result 'exit-code'.
Oct 20 12:58:21 elk systemd[1]: Failed to start Kibana.
root@elk:/usr/share/elasticsearch# sudo journalctl -fu kibana.service
-- Logs begin at Thu 2022-10-13 16:41:01 IST. --
Oct 20 12:58:17 elk kibana[835605]: at bootstrap (/usr/share/kibana/src/core/server/bootstrap.js:99:9)
Oct 20 12:58:17 elk kibana[835605]: at Command. (/usr/share/kibana/src/cli/serve/serve.js:216:5)
Oct 20 12:58:17 elk kibana[835605]: FATAL Error: [config validation of [elasticsearch].username]: value of "elastic" is forbidden. This is a superuser account that cannot write to system indices that Kibana needs to function. Use a service account token instead. Learn more: Service accounts | Elasticsearch Guide [8.0] | Elastic
The Elasticsearch service failed with the error below:
root@elk:/usr/share/elasticsearch# tail -f /var/log/elasticsearch/wakefit.log
at org.elasticsearch.index.mapper.MapperService.parseMapping(MapperService.java:370) ~[elasticsearch-8.4.3.jar:?]
at org.elasticsearch.index.mapper.MapperService.merge(MapperService.java:347) ~[elasticsearch-8.4.3.jar:?]
at org.elasticsearch.index.mapper.MapperService.merge(MapperService.java:337) ~[elasticsearch-8.4.3.jar:?]
at org.elasticsearch.cluster.metadata.IndexMetadataVerifier.checkMappingsCompatibility(IndexMetadataVerifier.java:197) ~[elasticsearch-8.4.3.jar:?]
... 8 more
[2022-10-22T11:47:16,561][INFO ][o.e.n.Node ] [node-1] stopping ...
[2022-10-22T11:47:16,733][INFO ][o.e.n.Node ] [node-1] stopped
[2022-10-22T11:47:16,733][INFO ][o.e.n.Node ] [node-1] closing ...
[2022-10-22T11:47:16,770][INFO ][o.e.n.Node ] [node-1] closed
[2022-10-22T11:47:16,777][INFO ][o.e.x.m.p.NativeController] [node-1] Native controller process has stopped - no new native processes can be started
ElastAlert status and logs
root@elk:/usr/share/elasticsearch# systemctl status elastalert.service
● elastalert.service - elastalert
Loaded: loaded (/lib/systemd/system/elastalert.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2022-10-20 13:14:58 IST; 1 day 23h ago
Main PID: 840367 (elastalert)
Tasks: 4 (limit: 9507)
Memory: 47.8M
CGroup: /system.slice/elastalert.service
└─840367 /usr/bin/python3 /usr/local/bin/elastalert --verbose --config /opt/elastalert/config.yaml
Oct 22 12:25:44 elk elastalert[840367]: urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='143.110.240.197', port=9200): Max retries exceeded with url: / (Caused by NewConnectionError('
Oct 22 12:25:44 elk elastalert[840367]: During handling of the above exception, another exception occurred:
Oct 22 12:25:44 elk elastalert[840367]: Traceback (most recent call last):
Oct 22 12:25:44 elk elastalert[840367]: File "/usr/local/lib/python3.8/dist-packages/elasticsearch/connection/http_requests.py", line 77, in perform_request
Oct 22 12:25:44 elk elastalert[840367]: response = self.session.send(prepared_request, **send_kwargs)
Oct 22 12:25:44 elk elastalert[840367]: File "/usr/local/lib/python3.8/dist-packages/requests/sessions.py", line 655, in send
Oct 22 12:25:44 elk elastalert[840367]: r = adapter.send(request, **kwargs)
Oct 22 12:25:44 elk elastalert[840367]: File "/usr/local/lib/python3.8/dist-packages/requests/adapters.py", line 516, in send
Oct 22 12:25:44 elk elastalert[840367]: raise ConnectionError(e, request=request)
Oct 22 12:25:44 elk elastalert[840367]: requests.exceptions.ConnectionError: HTTPConnectionPool(host='143.110.240.197', port=9200): Max retries exceeded with url: / (Caused by NewConnectionError('
root@elk:/usr/share/elasticsearch# netstat -tulpn | grep LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 632/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 846/sshd: /usr/sbin
tcp6 0 0 127.0.0.1:9600 :::* LISTEN 1606922/java
tcp6 0 0 :::22 :::* LISTEN 846/sshd: /usr/sbin
How do I debug this issue? Kindly help.
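
The Kibana FATAL line in the post rejects `elasticsearch.username: "elastic"` and asks for a service account token. As an added example (not part of the original post), this is the rejected `kibana.yml` setting beside the token-based one. The host URL, the token name `kibana-token` and the placeholder values are assumptions.

```yaml
# /etc/kibana/kibana.yml (added example; values are placeholders)

# --- Rejected by Kibana 8.x config validation -------------------------
# Kibana refuses to start when it is pointed at the "elastic" superuser,
# which is what produces the FATAL line in the journal output.
# elasticsearch.username: "elastic"
# elasticsearch.password: "<password>"

# --- Accepted: service account token for the elastic/kibana account ---
# Create the token on the Elasticsearch node (token name is an assumption):
#   /usr/share/elasticsearch/bin/elasticsearch-service-tokens create elastic/kibana kibana-token
# The command prints the token value once; it is not retrievable later.
# The token file it writes must be readable by the user Elasticsearch runs as.
elasticsearch.hosts: ["https://localhost:9200"]   # assumed URL; match your node
elasticsearch.serviceAccountToken: "<SERVICE_ACCOUNT_TOKEN>"

# To keep the token out of the plain-text config, store it in the Kibana
# keystore instead and omit the line above:
#   /usr/share/kibana/bin/kibana-keystore add elasticsearch.serviceAccountToken
```

The token only authenticates once Elasticsearch itself is running, so the mapping-compatibility failure in the Elasticsearch log has to be resolved before Kibana can connect.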