Indexes aren't being autocreated

nijave · July 9, 2019, 10:13pm

I have logstash outputting data to Elasticsearch but it created the first index and hasn't created any since. I created a VM with logstash/elasticsearch with this ansible playbook https://pastebin.com/innbMN4p

/etc/elasticsearch/elasticsearch.yml

cluster.initial_master_nodes: elk01
cluster.name: logs
http.port: 9200
network.host: 0.0.0.0
node.master: true
node.name: elk01
transport.port: 9300

#################################### Paths ####################################

# Path to directory containing configuration (this file and logging.yml):
path.data: /opt/elasticsearch/data
path.logs: /var/log/elasticsearch
action.auto_create_index: true

/etc/logstash/conf.d/logstash.conf

input {
  beats {
    ssl => false
    host => "::"
    port => 5044
  }

  http {
    ssl => false
    host => "::"
    port => 8888
  }

  udp {
    host => "::1"
    port => 10514
    codec => "json"
    type => "rsyslog"
  }
}

output {
  elasticsearch {
    hosts => ["http://localhost:9200"]
    index => "logstash-%{+YYYY.MM.dd}"
    # index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
  }
}

The original index was "logstash-2019.07.02-000001" which seems strange as well--not sure where it got that suffix from

rugenl · July 9, 2019, 10:27pm

Versions 7.0 and beyond use ILM by default. The default policy probably isn't doing daily rollover.

system · August 6, 2019, 10:27pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Why index no automatic create Elasticsearch	4	7357	April 3, 2018
Logstash won't create ES indexes (but will store data) Logstash	3	405	January 13, 2017
Logstash does not create index and doesn't give out any errors. Help Logstash	11	5565	July 6, 2017
Logstash not creating ES indexes Logstash	2	1276	July 6, 2017
Elastic Search index creating with logstash 5.1 Logstash	2	449	January 19, 2017

Indexes aren't being autocreated

Related topics