Kibana unable to find Elasticsearch Indexes, even though they exist in Index Management

Elastic Stack Kibana
1

I've set up an ELK server for a client for testing purposes.
It's running on an Ubuntu 18.04 server.

Current setup:
ElasticSearch, Logstash, FileBeat, Kibana all running latest versions.
Elasticsearch is set to

network.host: 0.0.0.0 
discovery.seedhost: [] 
cluster.initial_master_nodes: []

FileBeat sends data into the default template using the command:

sudo filebeat setup --template -E output.logstash.enabled=false -E 'output.elasticsearch.hosts=["localhost:9200"]'

I am running an NGINX server on there as well that serves Kibana outside the localhost environment in which it operates.
I am also using the default OpenSSH UFW firewall to allow all inbound/ouitbound traffic between my local IP at the office, and the cluster.

The problem:
I can create indexes just fine using the elasticsearch api, and put data directly to the index. I can also see the Filebeat default dashboards. But when i go to the Kibana Settings page -> Index Patterns all i see is this:
" Couldn't find any Elasticsearch data
You'll need to index some data into Elasticsearch before you can create an index pattern. Learn how or get started with some sample data sets."

2020-06-01 01_00_46-Window
2020-06-01 01_00_46-Window1215×461 24.9 KB

If i try to cat all indexes i get this: (Blanked the clients name for anonymitys sake)

2020-06-01 01_10_17-Window
2020-06-01 01_10_17-Window919×411 48.3 KB

I can see the indexes fine in the Elasticsearch -> Index management tab as well:

2020-06-01 01_14_06-Window
2020-06-01 01_14_06-Window1208×900 70.8 KB

The boot log for the Elasticservice looks fine:

    ● elasticsearch.service - Elasticsearch
       Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: enabled)
       Active: active (running) since Sun 2020-05-31 22:39:13 UTC; 36min ago
         Docs: https://www.elastic.co
     Main PID: 16201 (java)
        Tasks: 66 (limit: 4704)
       CGroup: /system.slice/elasticsearch.service
               ├─16201 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+Alwa
               └─16412 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller

    May 31 22:38:56 elastic systemd[1]: Starting Elasticsearch...
    May 31 22:39:13 elastic systemd[1]: Started Elasticsearch.

I am a bit baffled at this point, as it's the first time i've seen this. Any ideas?

2

Do you know why your indices all show up with a yellow status?

Could you share a HAR capture after pressing "Check for new data" in the "Create index pattern" page?

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.