Hello!
So it's been some time I've spent trying to figure out what exactly is happening and why there is a problem.
We're sending information from a server through Filebeat to Logstash. Logstash is installed on one of the nodes in our cluster, it contains 3 elastic nodes and a kibana server. Logstash is only installed on node 1.We're running 7.1.10.
Looking into the Logstash logs ,which are on debug logging level right now, I can see the payload reaching Logstash and also the various grok modifications.
The problem is that the data is not updated on the index. Elasticsearch logs offer no errors or relevant information.
The whole process used to be working fine 2 months ago, no changes.
My question is where should I start looking in order to understand why the data does not reach the Elasticsearch indices.
Much appreciated,
Vlad