Hello,
I have inserted few logs in ES using logstash. But when I check the count of actual log and data inserted in ES, it is not matching. Seems like logstash is dropping few messages.
If I check the count in kibana using "ab.cd:device", I get 2000
and
count of cd=device gives 2001
So my question is where is my 1 log and why is it not showing in first query.
Ajays
Have you checked the Logstash logs? Are there any errors?
I used rubydebug in logstash configuration and send the output to a file. When I checked the file I found no error at all. I thought I would get one _grokparsefailure error but I got no errors at all.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.