First issue is that data stops being displayed in this area at 23:59:59 of the day before even though I know that data is being indexed into the current days Elasticsearch repository by going into the Dev Tools area and running the /_cat/indices search.
Restarting just the Kibana service doesn't work I have to restart all 3 services (Elasticsearch, Kibana, and Logstash) in order for data to start showing up in the Discover page. Even doing that doesn't result in all of the data showing the results are built starting at midnight and get filled in over the span of a few minutes.
This is very frustrating and is having an impact on our ability to quickly respond to and trouble shoot Production issues. Any help or recommendations is greatly appreciated.
Not sure which files to attach to help with this so let me know what would be helpful and I will get them attached.
looking at how your indices are structured there shouldn't be any problem in displaying them in discover for all the days at the same time.
i assume you have an index pattern something like this: responselog-* and requestlogv2-*.
I haven't done anything to the system but it's been working the past couple of days. I'll continue to monitor but I guess this can be marked as closed - weird.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.