LS,
I've been using an ELK-stack for development purposes for a few weeks now,
and my logs were filled with errors.
The errors it seemed were traceable to the fact that Kibana was(/is)
querying all the shards on the node for the @timestamp fields, which isn't
present in the kibana-int index (where Kibana stores it reports).
So when my users generate a report, Kibana searches in _all for the data,
which contains shards/indices not related to logstash... Is there any way I
can limit them to the indices/shards related to Logstash? I dislike errors
in my logging 
--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/17438280-2a12-4aac-aa39-4349d4f8d996%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Hi,
In the configuration setting of kibana which appears on top-right corner,
you can provide name of specific index instead of _all under index tab. And
under Timepicker tab, you can provide any date field of the logstash index
instaead of default @timestamp value. Note that date fields name should
not contain @ symbol, it must be like tweetCreatedAt not @tweetCreatedAt.
Regards,
Bharvi Dixit
On Tuesday, 6 May 2014 19:03:04 UTC+5:30, Jorn Eilander wrote:
LS,
I've been using an ELK-stack for development purposes for a few weeks now,
and my logs were filled with errors.
The errors it seemed were traceable to the fact that Kibana was(/is)
querying all the shards on the node for the @timestamp fields, which isn't
present in the kibana-int index (where Kibana stores it reports).
So when my users generate a report, Kibana searches in _all for the data,
which contains shards/indices not related to logstash... Is there any way I
can limit them to the indices/shards related to Logstash? I dislike errors
in my logging 
--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/56462433-c6ab-4f76-955b-7b1925b7edcf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.