I'm currently using this docker container (v7.2.1 source) to monitor my dockerized .Net Core 2.1 API. My API has the Serilog.Elasticsearch.Sink installed in order to communicate with the ELK container. I ran these two containers on different VMs using host network and they can be accessed by all machines in the local network. They were able to communicate with each other at the beginning. However, after I tried to debug my API in Visual Studio using IIS and connected it with the ELK, the ELK container start malfunctioning. I used docker system prune -a -f in order to reset everything, but for some reason the ELK container still managed to restore old logstash index whenever I try to connect it with either my API container or IIS service. Also, it stops receiving new logging data from both container and IIS service. I used REST request URI http://IP-To-ELK:9200/_search?pretty to inspect and sometimes the hit count increases but only old data from time period in the past shows up in the Discover panel.
I'm new to ELK and I'm not sure what exactly caused this issue. However, if any suggestion in regard to this issue would be appreciated. Additionally, can anyone tell me where the data searched by using the REST request URI is located and why ELK container is able to retrieve it even after a 'docker system prune'?