Indexes aren't being autocreated

nijave · July 9, 2019, 10:13pm

I have logstash outputting data to Elasticsearch but it created the first index and hasn't created any since. I created a VM with logstash/elasticsearch with this ansible playbook https://pastebin.com/innbMN4p

/etc/elasticsearch/elasticsearch.yml

cluster.initial_master_nodes: elk01
cluster.name: logs
http.port: 9200
network.host: 0.0.0.0
node.master: true
node.name: elk01
transport.port: 9300

#################################### Paths ####################################

# Path to directory containing configuration (this file and logging.yml):
path.data: /opt/elasticsearch/data
path.logs: /var/log/elasticsearch
action.auto_create_index: true

/etc/logstash/conf.d/logstash.conf

input {
  beats {
    ssl => false
    host => "::"
    port => 5044
  }

  http {
    ssl => false
    host => "::"
    port => 8888
  }

  udp {
    host => "::1"
    port => 10514
    codec => "json"
    type => "rsyslog"
  }
}

output {
  elasticsearch {
    hosts => ["http://localhost:9200"]
    index => "logstash-%{+YYYY.MM.dd}"
    # index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
  }
}

The original index was "logstash-2019.07.02-000001" which seems strange as well--not sure where it got that suffix from

rugenl · July 9, 2019, 10:27pm

Versions 7.0 and beyond use ILM by default. The default policy probably isn't doing daily rollover.

system · August 6, 2019, 10:27pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash does not create index and doesn't give out any errors. Help Logstash	11	5563	July 6, 2017
How to create index automatically by logstash conf Logstash	6	8368	July 6, 2017
Logstash does not create index on elasticsearch Logstash	5	7482	September 2, 2020
New index is not created Elasticsearch	7	4925	February 14, 2020
Logstash not creating new index Logstash	8	448	January 6, 2022

Indexes aren't being autocreated

Related Topics