and my kibana is pointing to the dummy node that is part of the same cluster.
What im experiencing is, that kibana have some delay for some of the data (up to 5 mins) and it has no issues for other data (see screenshot for example).
Should i be sending data from logstas to elastic cluster in a different way ?
all the lines except a few stop at 22:45-ish. Those are the late data i am talking about.
But there are a few lines (purple one and a few at the bottom that you cannot see) that have data up to "now" (where now is 22:48-ish
Edit:
Just to clarify, i've never seen all the data aligned and realtime so its probably a wrong setup on my side. The question is what im doing wrong.
What happened at 22:45, i.e. why did events from some servers cease to arrive?
The @timestamp values are set by Logstash so the lateness isn't on the Kibana or Elasticsearch side. Are you using Logstash's date filter to populate the @timestamp field with the actual time of the event?
Nothing special happened. Kibana displays real time data for a fraction of the servers im collecting data from. All the others are displayed with delay.
The graph is using an x-Axis date historgram aggregation with field @timestamp
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
