elasticsearch - Unable to see data in Kibana 4 on Ubuntu -


i trying visualize data file using kibana

the format of file follows

timestamp;elapsed;label;responsecode;responsemessage;threadname;success;failuremessage;bytes;grpthreads;allthreads;latency;samplecount;errorcount;hostname 2016-01-16 02:27:17,565;912;http request;200;ok;thread group 1-5;true;;78854;10;10;384;1;0;sundeep-latitude-e6440    timestamp;elapsed;label;responsecode;responsemessage;threadname;success;failuremessage;bytes;grpthreads;allthreads;latency;samplecount;errorcount;hostname 2016-01-16 02:27:17,565;912;http request;200;ok;thread group 1-5;true;;78854;10;10;384;1;0;sundeep-latitude-e6440

to map above data, logstash config follows:

input {    file {     path => [ "/home/sundeep/data/test.csv"]     start_position => "beginning"       sincedb_path => "/dev/null"     } } filter {   if ([message] =~ "responsecode") {     drop { }   } else {     csv {     separator => ";"         columns => ["timestamp", "elapsed", "label", "responsecode","responsemessage","threadname",                 "success","failuremessage", "bytes", "grpthreads", "allthreads", "latency",                 "samplecount", "errorcount", "hostname"]    }    } }  output {   elasticsearch { hosts => ["localhost:9200"]     index => "aa-%{+yyyy-mm-dd}"   } }

the template file follows:

{ "template": "aa-*", "settings": {     "number_of_shards": 1,     "number_of_replicas": 0,     "index.refresh_interval": "5s" }, "mappings": {     "logs": {         "properties": {             "timestamp": {               "index": "analyzed",       "type": "date",       "format": "yyyy-mm-dd hh:mm:ss,sss"             },             "elapsed": {                 "type": "long"             },              "dummyfield": {                 "type": "long"             },             "label": {                 "type": "string"             },             "responsecode": {                 "type": "integer"             },             "threadname": {                 "type": "string"             },             "success": {                 "type": "boolean"             },             "failuremessage":{                 "type": "string"             },             "bytes": {                 "type": "long"             },             "grpthreads": {                 "type": "long"             },             "allthreads": {                 "type": "long"             },             "latency": {                 "type": "long"             },             "samplecount": {                 "type": "long"             },             "errorcount": {                 "type": "long"             },             "hostname": {                 "type": "string"             }         }     } }

}

now can see, new index created in elasticsearch start logstash config file.

elastic search index list

the newly created index starts aa-* expected.

now, search index in kibana , can see below:

[new index in kibana[2]

however, cannot see data when try plot line chart.

  • things have tried:
    1. deleting index sense , creating again via sense (did not work)
    2. changing timestamp of log file, did not work import successful
    3. tried solution here similar question

also, able visualize dataset, blog post:enter link description here

trace log:

[2016-01-16 02:45:41,105][info ][cluster.metadata ] [hulk 2099] [aa-2016-01-15] deleting index [2016-01-16 02:46:01,370][info ][cluster.metadata ] [hulk 2099] [aa-2016-01-15] creating index, cause [auto(bulk api)], templates [aa], shards 1/[0], mappings [logs] [2016-01-16 02:46:01,451][info ][cluster.metadata ] [hulk 2099] [aa-2016-01-15] update_mapping [logs]

elk stack elasticsearch - 2.1 logstash - 2.1 kibana - 4.3.1.1


Comments

Post a Comment

Popular posts from this blog

get url and add instance to a model with prefilled foreign key :django admin -

Image
i have page in each contest shown in row. each row contains contest id , link other model names have foreign key contest. news model: class news(models.model): title = models.charfield(max_length=50, null=true) description = models.textfield() time = models.timefield( default= datetime.datetime.now().time()) contest = models.foreignkey(contest) i want use admin adding , changing these models. want when user clicks on 'news' has foreign key contest id=1, shows list of news value foreign key. use {% instance in instances %} <tr class="{% cycle 'row1' 'row2' %}"> <td>{{ instance.title }}</td> <td>{{ instance.starttime }}</td> <td>{{ instance.timespan }}</td> <td>{{ instance.date }}</td> <td><a href="/adm
Read more

css - Make div keyboard-scrollable in jQuery Mobile? -

from can tell, although jquery-mobile-powered pages can contain divs overflow set scroll or auto, , these divs can scrolled one-screen bar or mouse wheel, cannot scrolled using arrow keys, page-up/page-down, or home/end. instead, official "page" div (with data-role="page") absorbs input. perhaps other divs can't acquire focus, i'm not sure. is there way around this? edit: jsfiddle of simple example: https://jsfiddle.net/qogz0shx/ <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script> <script src="https://ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/jquery.mobile.min.js"> </script> <link rel="stylesheet" href="https://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.css"/> <style> #outer { overflow:scroll; height: 50vh; width: 50vw; } #inner { height: 500vh; width: 500vw; } &l
Read more

ruby on rails - Seeing duplicate requests handled with Unicorn -

recently upgraded our ec2 instances c3.large in order boost more unicorn workers handle increased traffic our site. (6xworkers per machine - 2 ec2 instances). when did this, started seeing duplicate records being created! looks somehow, maybe 2 unicorn workers attempting process same request? in nginx logs see 1 [post] request particular rails controller - yet 2 records being created in database. i'm hitting kind of race condition issue - have no idea how debug this. doesn't happen time, when it's frustrating well. noticed 2 database records within 5 seconds of each other. (and yes disable button when user clicks submit button). unicorn 4.8.2 ruby 1.9.3 rails 3.2.14 any great! thanks! although may not fix problem, upgrade ruby 2.0.0. there blog mentioning idea upgrade ruby 2.0.0 if using unicorn. for example: https://www.digitalocean.com/community/articles/how-to-optimize-unicorn-workers-in-a-ruby-on-rails-app specifically: if using ruby 1.9,
Read more