Logstash monitoring issue when monitoring multiple nodes

Elastic Stack Logstash
1

Hi,

I have recently built couple of new LS nodes and in our production to be cluster and installed x-pack on each one for monitoring.

unfortunately im seeing a weird error and I hope someone has came across such issue. Once I enable the monitoring on all nodes they all write to the same index! tried to work with two nodes only and they still all write to the same index.

in the monitoring gui the node name keeps alternating between all of my nodes with each refresh.

At this point not sure if this is something on my end (network related), or an elastic bug somewhere.

In the past I have done this and was working nicely as soon as I restarted my LS service, but this time is totally different.

Thank you,

2

problem solved!

Since I have copied/used the same image containing LS, on multiple VMs the uuid for LS was the same for all, and since ES I believe relies on that the host name didn't make a difference.

Stopped LS, deleted uuid and initiated a reboot resolved the issue.

3

Great! I'm glad you were able to solve your problem. Thanks for posting your solution!

CJ

4

How do you delete the UUID for a Logstash Server? I am not able to find a whole lot of information on how to do it online.

5

if you are on a Linux system its under /var/lib/logstash.

Yml file usually tells you the location.

# ------------ Data path ------------------
#
# Which directory should be used by logstash and its plugins
# for any persistent needs. Defaults to LOGSTASH_HOME/data
#
path.data: /var/lib/logstash
6

Thanks! That worked.

7

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.