History: I have been testing ELK stack for a few months now off and on. For months now I have had it logging correctly with no major issues. I picked this back up this week and everything was logging perfectly with 1 exception: I am logging to the main partition and not the /data partition we setup. After logging a very large log file we began to get alerts that our disk was getting full. Today I was making a change to the elasticsearch.yml to have logs be stored on the /data partition and now no dashboards are visible in Kibana. Instead I get the following "
! SearchPhaseExecutionException[Failed to execute phase [query], all shards failed]"
I have reverted to how it was setup previously and logging to the main partition which is not full:
Filesystem Size Used Avail Use% Mounted on
/dev/vda1 24G 16G 6.4G 72% /
Looking at other posts This seems to be the starting point but I am at a loss on where to turn now:
[elasticsearch]# curl -XGET 'http://localhost:9200/_cluster/health?pretty=true'
{
"cluster_name" : "elasticsearch",
"status" : "red",
"timed_out" : false,
"number_of_nodes" : 2,
"number_of_data_nodes" : 1,
"active_primary_shards" : 575,
"active_shards" : 575,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 585
}
I can not seem to grasp the concept of the shards, why they are now unassigned, or why our elasticsearch no longer works correctly.
Any help is greatly appreciated.
--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
[hidden email].
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/31caefbe-1cc2-4d9c-a309-f03036e1dda6%40googlegroups.com.
For more options, visit
https://groups.google.com/d/optout.
Locked
New Text Document (4).txt