Hello
I have an Elasticsearch index that has one primary shard and one replica shard.
This is a snapshot of the document count:
document count on the primary shard is 677919
document count on the replica shard is 638374
This index is being updated with new documents every second
so I am expecting to see results every second
but I notice that kibana not showing the results for the last 15 mins even though there are events incoming into the system (through logstash)
but if I tried to check the last 5 hours, the results are being shown
I am also noticing timeout from logstash (every 1 hour or 2 hours) when trying to connect to Elasticsearch
Attempted to send a bulk request to elasticsearch' but Elasticsearch appears to be unreachable or down! {:error_message=>"Elasticsearch Unreachable: [http://elastic:xxxxxx@172.21.71.116:9200/][Manticore::SocketTimeout] Read timed out", :class=>"LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError", :will_retry_in_seconds=>2}
even if there are events that are being dropped during this timeout, other events should be displayed in kibana (the data rate incoming into the system is very high)
Is there a reason for this?
Thanks in advance