elasticsearch-dump: [BUG] reference #1302

i have set number of replicas to 0, and system is green, all indexes green.

green open .internal.alerts-transform.health.alerts-default-000001            4pn5Hl7RTw2XjY6XTMitTg 1 0    0 0    249b    249b    249b
green open .internal.alerts-observability.logs.alerts-default-000001          51RrPAazTDyKrHFzgNLmRg 1 0    0 0    249b    249b    249b
green open .internal.alerts-observability.uptime.alerts-default-000001        b8gQVtsaQia-iJTyzCjFFw 1 0    0 0    249b    249b    249b
green open .ds-logs-generic-default-2023.08.13-000003                         k2xuuxchRlm9Y1YJbb5_6w 1 0 2227 0   2.7mb   2.7mb   2.7mb
green open .internal.alerts-ml.anomaly-detection.alerts-default-000001        Hrfhs-zOTAmxBYgawV_eGw 1 0    0 0    249b    249b    249b
green open .ds-logs-generic-default-2023.10.12-000005                         lc0qHE0kRF2KHKeXCmgsJg 1 0   82 0 204.3kb 204.3kb 204.3kb
green open .internal.alerts-observability.slo.alerts-default-000001           Zxgzua58RveGSk5sshC1ZQ 1 0    0 0    249b    249b    249b
green open .internal.alerts-default.alerts-default-000001                     UstpyAU2SVSa2ioJKD66og 1 0    0 0    249b    249b    249b
green open .internal.alerts-observability.apm.alerts-default-000001           m0T25e0OQ_ij3iWjxhfQBg 1 0    0 0    249b    249b    249b
green open .ds-logs-generic-default-2023.09.12-000004                         Nb8SMbq1QlqMwaO2ubLagA 1 0 1201 0   1.5mb   1.5mb   1.5mb
green open .internal.alerts-observability.metrics.alerts-default-000001       YIFiI3jDQLuzDF-4BuZBAA 1 0    0 0    249b    249b    249b
green open .kibana-observability-ai-assistant-conversations-000001            L07ihP92S5SmAA9VWs_J6Q 1 0    0 0    249b    249b    249b
green open .internal.alerts-ml.anomaly-detection-health.alerts-default-000001 Zf8TDGGPR4yjHytXW2NbDA 1 0    0 0    249b    249b    249b
green open .internal.alerts-observability.threshold.alerts-default-000001     WxRy8xIGTAud7ctx79s_AA 1 0    0 0    249b    249b    249b
green open .ds-logs-generic-default-2024.02.02-000008                         BSKPNM7aSueWyG1Ollf-Tw 1 0   15 0  57.8kb  57.8kb  57.8kb
green open .ds-logs-generic-default-2023.07.14-000002                         HF-cHvjvR7mD48_PkmxB8A 1 0 1030 0   1.2mb   1.2mb   1.2mb
green open .ds-logs-generic-default-2023.11.26-000006                         qCacTx5IQsamA4n38isf-A 1 0   21 0 102.6kb 102.6kb 102.6kb
green open .kibana-observability-ai-assistant-kb-000001                       INk5UBC4T5Gp0q0VTB-d0Q 1 0    0 0    249b    249b    249b
green open .internal.alerts-security.alerts-default-000001                    yGYMwJdzSI2Gt-cl8wzwyg 1 0    0 0    249b    249b    249b
green open .ds-logs-generic-default-2023.06.14-000001                         vRdMOCBPRSO1PPgJosUMtA 1 0 1480 0     1mb     1mb     1mb
green open .ds-logs-generic-default-2023.12.26-000007                         vQbBXf4tSHKqWihRwmLSWw 1 0   85 0 181.8kb 181.8kb 181.8kb
green open .internal.alerts-stack.alerts-default-000001                       bDFTw5zFR5S1sKeXOdWHVQ 1 0    0 0    249b    249b    249b

data sizes look right…

but I can’t find these in discover. logs-* is the default view , nothing… trying to create a view with ds-, .ds-. all turn up nothing…

i started over, deleted the implementation and set number of replicas to 0. same results…

I am NOT an es expert by any means… the tools docs says ‘easy’… but I am lost… nothing matches up… correct number of records written… they look present… just don’t know where they are…

About this issue

  • Original URL
  • State: closed
  • Created 3 months ago
  • Comments: 16

Most upvoted comments

my logstash pipeline is pretty simple

input {
        beats {
                port => 5044
        }

        tcp {
                port => 50000
        }
        http {
            host => "0.0.0.0"
            port => "3000"
          }
}

## Add your filters / logstash plugins configuration here

filter {
        if [http][method] != "POST" {
                 drop {}
         }
}

output {
        elasticsearch {
                hosts => "elasticsearch:9200"
                user => "logstash_internal"
                password => "${LOGSTASH_INTERNAL_PASSWORD}"
        }
}
+1
sdetweil on Apr 12, 2024
Read more comments on GitHub
← elasticsearch-dump: [BUG] - Dump is completing without backing up all data
elasticsearch-dump: [BUG] When dumping an index to file , elasticsearch-dump misses the last batch with concurrency=2, limit=10000 →