Hi
I have been using a ELK stack now for nearly a year. I have noticed that my logstash is no longer sending data to ES/Kibana, It looks like the issue started about a month ago (worked fine until then)
I am using a single node setup, which collects logs locally (no filebeat)
Logstash is running -
[logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
Logstash also seems to off stopped logging to /var/log/logstash in around march, exept occasionly. (The data is also inconsitent), There is for example 400 hits on 20/05/2019 but if i cat | wc -l the logs there should be over 10k+.
Elastic search is running -
curl -v http://localhost:9200
- Rebuilt URL to: http://localhost:9200/
- Trying 127.0.0.1...
- TCP_NODELAY set
- Connected to localhost (127.0.0.1) port 9200 (#0)
GET / HTTP/1.1
Host: localhost:9200
User-Agent: curl/7.58.0
Accept: /
< HTTP/1.1 200 OK
< content-type: application/json; charset=UTF-8
< content-length: 493
<
{
"name" : "nre3ddu",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "7N8kPCIZRamfOPFOCCMA3A",
"version" : {
"number" : "6.5.1",
"build_flavor" : "default",
"build_type" : "deb",
"build_hash" : "8c58350",
"build_date" : "2018-11-16T02:22:42.182257Z",
"build_snapshot" : false,
"lucene_version" : "7.5.0",
"minimum_wire_compatibility_version" : "5.6.0",
"minimum_index_compatibility_version" : "5.0.0"
},
"tagline" : "You Know, for Search"
}
- Connection #0 to host localhost left intact
I am pretty sure the logstash logs should be full of information, but it doesnt seem to be doing anything.
I don't really know where to start in diagnosing this, can someone point me in the right direction?