Hi
Kibana discover is not showing some of the documents from a particular Elasticsearch index. But all the records are present in Easticsearch, that I can view through any installed plugins.
Surprisingly the same thing happened to me few hours ago , ie the data was not showing in Kibana for about half an hour and later I could discover the data in Kibana.
Configuration:
elasticsearch: 2.3.0
kibana: 4.5.0
KB will only ever show what is in ES, but it's TZ relevant.
Maybe you have timezone issues?
I don't think it is something related to Time Zone because it was showing the records properly until today, the problem started all of a sudden.
Kudos to the quick reply.
An update to the post, KB started showing documents from ES, without doing any configuration changes. But I would like to know the reason for the frequent disappearance of data in KB.
Any thoughts on this?
After 4 hours KB issue started again. Not all the records showing.
Are you sure the docs are in ES, ie you can search via an API and see them?
Yes, the docs are perfectly showing in ES.
It is like KB takes a random time (minutes to hours ) to get the data from ES.
But one thing to mention that I can discover the entire data after this random wait time.
More information -
4 sources of logs
1- Syslog from a firewall ( Work fine)
2- Syslog from a proxy server ( Work fine)
3 - Winlogbeats from a Domain Controller ( Work fine)
4 - Winlogbeat from a file server ( Logs from this servers is having problem)
I use same beats input for 3 & 4 ; Nevertheless all the logs are present in ES
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.