Tips for ELK

Here we want to list the common issues faced with ELK and their solutions

List all indices

curl -v http://127.0.0.1:9200/_cat/indices?v

Delete an index

curl -XDELETE http://127.0.0.1:9200/docker-generic-upload-2018.04.12

The cluster status or an index is red

Issue

heetis@HEE-TIS-VM-PROD-ES:~$ curl http://127.0.0.1:9200/_cat/indices|grep red
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 16875  100 16875    0     0   265k      0 --:--:-- --:--:-- --:--:--  270k
heetis@HEE-TIS-VM-PROD-ES:~$

Diagnostic

heetis@HEE-TIS-VM-DEV-ES:~$ curl -XGET localhost:9200/_cat/shards?h=index,shard,prirep,state,unassigned.reason| grep UNASSIGNED
heetis@HEE-TIS-VM-DEV-ES:~$

Fix

heetis@HEE-TIS-VM-DEV-ES:~$ curl -XPUT 'localhost:9200/_cluster/settings' -d '{ "persistent":
  { "cluster.routing.allocation.enable" : "all"
  }
}'
heetis@HEE-TIS-VM-DEV-ES:~$

Some indices are yellow

issue

heetis@HEE-TIS-VM-UAT-ES:~$ curl http://127.0.0.1:9200/_cat/indices|grep yellow
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 16576  100 16576    0     0   695k      0 --:--:-- --:--:-- --:--:--  703k
yellow open .kibana                         1 1      1 0     3kb     3kb
heetis@HEE-TIS-VM-UAT-ES:~$

Diagnostic TODO

Fix

heetis@HEE-TIS-VM-UAT-ES:~$ curl -XPUT 'localhost:9200/.kibana/_settings' -d '{"number_of_replicas": 0}'
heetis@HEE-TIS-VM-UAT-ES:~$

To list all backup repositories

curl -XGET http://localhost:9200/_snapshot/_all
To list all snapshots in the repository (elasticsearch)

curl -XGET http://localhost:9200/_snapshot/elasticsearch/_all
To restore a particular snapshot (Eg: 2017.01.18)

curl -X POST http://localhost:9200/_snapshot/elasticsearch/2017.01.18/_restore