Logstash monitoring issue when monitoring multiple nodes

ELK_GB · June 9, 2017, 3:41pm

Hi,

I have recently built couple of new LS nodes and in our production to be cluster and installed x-pack on each one for monitoring.

unfortunately im seeing a weird error and I hope someone has came across such issue. Once I enable the monitoring on all nodes they all write to the same index! tried to work with two nodes only and they still all write to the same index.

in the monitoring gui the node name keeps alternating between all of my nodes with each refresh.

At this point not sure if this is something on my end (network related), or an elastic bug somewhere.

In the past I have done this and was working nicely as soon as I restarted my LS service, but this time is totally different.

Thank you,

ELK_GB · June 9, 2017, 4:34pm

problem solved!

Since I have copied/used the same image containing LS, on multiple VMs the uuid for LS was the same for all, and since ES I believe relies on that the host name didn't make a difference.

Stopped LS, deleted uuid and initiated a reboot resolved the issue.

cjcenizal · June 9, 2017, 8:14pm

Great! I'm glad you were able to solve your problem. Thanks for posting your solution!

CJ

buddyedwards · June 26, 2017, 3:28pm

How do you delete the UUID for a Logstash Server? I am not able to find a whole lot of information on how to do it online.

ELK_GB · June 26, 2017, 3:55pm

if you are on a Linux system its under /var/lib/logstash.

Yml file usually tells you the location.

# ------------ Data path ------------------
#
# Which directory should be used by logstash and its plugins
# for any persistent needs. Defaults to LOGSTASH_HOME/data
#
path.data: /var/lib/logstash

buddyedwards · June 26, 2017, 4:08pm

Thanks! That worked.

system · July 24, 2017, 4:08pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.