SettingUp ElasticSearch Logstash

7
votes

I am trying to setup a LogStash/Redis/ElasticSearch pipeline for centralized logging,I have a few questions,

  1. I believe for this to work, you need a specific version of elasticsearch & logstash, is there a place where I can find a one-to-one mapping as to what versions of elasticsearch & logstash gel together.

  2. This might sound very silly but, in the elasticsearch.yml file all lines start with #, do I need to get rid of the # for some minimum values.

  3. Lastly I set up the whole pipeline, but I see the following error,

    NativeException - org.elasticsearch.cluster.block.ClusterBlockException: blocked by: [SERVICE_UNAVAILABLE/1/state not recovered / initialized];[SERVICE_UNAVAILABLE/2/no master];:
    org/elasticsearch/cluster/block/ClusterBlocks.java:138:in `globalBlockedException'
    org/elasticsearch/cluster/block/ClusterBlocks.java:128:in `globalBlockedRaiseException'

Also I installed the elasticsearch head plugin, but it fails to load up, all I see is a spinning wheel in the Chrome tab.

2
elasticsearchlogstash
The best way to get help with logstash is to use the mailing list or IRC channel since that is where the active community and expert users reside. - user358967

2 Answers

12
votes

1 Look a the logstash elasticsearch output

It says that for logstash 1.1.9 you should use elasticsearch 0.20.2.

2 Depends of your needs and your environment, but initially you don't need to change anything in elasticsearch to make it work.

3 It sounds like you have problems finding the nodes, maybe it is something related with the multicast discovery and the configuration of your environment.

Look at elasticsearch zen discovery

Try disabling multicast to use unicast instead, to do that just uncomment this line within your elasticsearch.yml configuration file:

discovery.zen.ping.multicast.enabled: false

and set the unicast hosts to match your environment:

discovery.zen.ping.unicast.hosts: ["localhost"]

Maybe this thread can help you.

0
votes

If you are running @ cluster navigate to config directory. It is inside your elastic directory

at elasticsearch.yml enable :-

discovery.zen.ping.multicast.enabled: false

by default it is 

#discovery.zen.ping.multicast.enabled: false