Kibana indexes will not update or delete

burnsie · October 22, 2015, 4:03pm

I am relatively new to the ELK and have been playing around with the index for the last couple of weeks.
We are modelling a log file that is also currently under-deveopment, hence there are many changes.
I regularly update the Logstash conf file, delete the old index (using the CURL command) and then kick-off logstash again using the same Index name.

Now the kibana gui doesn't allow me to update or delete any of the existing indices. This of course results in the logs not being correctly logged.

I have also tried with a new index name and now the kibana tool doesn't find the new indexes

Please help...

tbragin · November 5, 2015, 5:55am

Do you mean that you cannot update the index patterns in Kibana? I have seen some issues deleting an index pattern and re-creating it with slightly different parameters: https://github.com/elastic/kibana/issues/4446

Workaround was to manually delete the index pattern object in the .kibana index.

burnsie · November 5, 2015, 8:31am

Thanks for the feedback,

I found the problem.. actually it was a 'rookie' error. I have been running Logstash via Putty, but just because my putty session finishes, the logstash thread does not. As a consequence I had a load of running logstash instances continually populating the index. No wonder I couldn't do anything with it. After cleaning up the open logstash session then its been easy to maintain the index.

I also installed Kopf, which makes things even easier and its also something I would recommend to others.

tbragin · November 6, 2015, 4:59am

Thanks for the update!

system · July 6, 2017, 2:09pm