Elasticsearch 6.3.0 Request TImeout after 300000ms
Adiel Jesus Navarro Rosado
When I started Kibana, only this page appears:
I increase the timeout value but not changed
jesus.g...@wazuh.com
systemctl status elasticsearchcurl elastic_ip:9200curl elastic_ip:9200
ping elastic_ipLast question:
Adiel Jesus Navarro Rosado
Hi Jesus.
Elasticsearch machine is the same as the Kibana and Logstash machine
Send you the output of the commands:
[root@porsdmelk04 ossec]# systemctl status elasticsearch -l
● elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: disabled)
Active: active (running) since jue 2018-09-06 12:15:12 CDT; 12min ago
Docs: http://www.elastic.co
Main PID: 16757 (java)
CGroup: /system.slice/elasticsearch.service
├─16757 /bin/java -Xms1g -Xmx1g -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX:-OmitStackTraceInFastThrow -Dio.netty.noUnsafe=true -Dio.netty.noKeySetOptimization=true -Dio.netty.recycler.maxCapacityPerThread=0 -Dlog4j.shutdownHookEnabled=false -Dlog4j2.disable.jmx=true -Djava.io.tmpdir=/tmp/elasticsearch.fiAYHY5i -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/lib/elasticsearch -XX:ErrorFile=/var/log/elasticsearch/hs_err_pid%p.log -XX:+PrintGCDetails -XX:+PrintGCDateStamps -XX:+PrintTenuringDistribution -XX:+PrintGCApplicationStoppedTime -Xloggc:/var/log/elasticsearch/gc.log -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=32 -XX:GCLogFileSize=64m -Des.path.home=/usr/share/elasticsearch -Des.path.conf=/etc/elasticsearch -Des.distribution.flavor=default -Des.distribution.type=rpm -cp /usr/share/elasticsearch/lib/* org.elasticsearch.bootstrap.Elasticsearch -p /var/run/elasticsearch/elasticsearch.pid --quiet
└─16838 /usr/share/elasticsearch/modules/x-pack/x-pack-ml/platform/linux-x86_64/bin/controller
sep 06 12:15:12 porsdmelk04 systemd[1]: Started Elasticsearch.
sep 06 12:15:12 porsdmelk04 systemd[1]: Starting Elasticsearch...
[root@porsdmelk04 ossec]# curl server_ip:9200
{
"name" : "porsdmelk04",
"cluster_name" : "PORSDMtry4",
"cluster_uuid" : "Cgv-skFeTWugXhX_FuEpCA",
"version" : {
"number" : "6.3.0",
"build_flavor" : "default",
"build_type" : "rpm",
"build_hash" : "424e937",
"build_date" : "2018-06-11T23:38:03.357887Z",
"build_snapshot" : false,
"lucene_version" : "7.3.1",
"minimum_wire_compatibility_version" : "5.6.0",
"minimum_index_compatibility_version" : "5.0.0"
},
"tagline" : "You Know, for Search"
}
Is Elasticsearch using X-Pack security feature?
NO... we don’t install any X-Pack feature
De: wa...@googlegroups.com [mailto:wa...@googlegroups.com]
En nombre de jesus.g...@wazuh.com
Enviado el: jueves, 06 de septiembre de 2018 11:47 a.m.
Para: Wazuh mailing list
Asunto: [SOCIAL NETWORK] Re: Elasticsearch 6.3.0 Request TImeout after 300000ms
Hi Adiel,
It appears that Elasticsearch is down or that Kibana is not able to communicate properly with Elasticsearch.
Please, check if Elasticsearch is running. SSH into the Elasticsearch machine and execute the next command please:
systemctl status elasticsearch
If it's running, let's do a few more checks described in the next steps.
If your Elasticsearch machine is the same as the Kibana machine
Try to execute a curl command pointing to Elasticsearch.
curl elastic_ip:9200
If your Elasticsearch machine is different from the Kibana machine
Can you ssh into the machine (Kibana machine)? Once you are logged in, please try to ping your Elasticsearch machine
and try to execute a curl pointing to Elasticsearch machine.
curl elastic_ip:9200
ping elastic_ip
Last question:
- Is Elasticsearch using X-Pack security feature?
I hope it helps.
Regards,
Jesús
El jueves, 6 de septiembre de 2018, 18:36:58 (UTC+2), Adiel Jesus Navarro Rosado escribió:
When I started Kibana, only this page appears:
I increase the timeout value but not changed
--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
wazuh+un...@googlegroups.com.
To post to this group, send email to wa...@googlegroups.com.
Visit this group at https://groups.google.com/group/wazuh.
To view this discussion on the web visit
https://groups.google.com/d/msgid/wazuh/85aefe1c-00b8-4b5f-ba26-942f45cac5d7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
jesus.g...@wazuh.com
cat /etc/kibana/kibana.ymlcat /var/log/elasticsearch/elasticsearch.log | grep -E "(ERROR|WARN|CRITICAL|FATAL)"Regards,
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+unsubscribe@googlegroups.com.
Adiel Jesus Navarro Rosado
Is Elasticsearch using X-Pack security feature?
NO... we don’t install any X-Pack feature
De: wa...@googlegroups.com [mailto:wa...@googlegroups.com]
En nombre de jesus.g...@wazuh.com
Enviado el: jueves, 06 de septiembre de 2018 11:47 a.m.
Para: Wazuh mailing list
Asunto: [SOCIAL NETWORK] Re: Elasticsearch 6.3.0 Request TImeout after 300000ms
Hi Adiel,
It appears that Elasticsearch is down or that Kibana is not able to communicate properly with Elasticsearch.
Please, check if Elasticsearch is running. SSH into the Elasticsearch machine and execute the next command please:
systemctl status elasticsearch
If it's running, let's do a few more checks described in the next steps.
If your Elasticsearch machine is the same as the Kibana machine
Try to execute a curl command pointing to Elasticsearch.
curl elastic_ip:9200
If your Elasticsearch machine is different from the Kibana machine
Can you ssh into the machine (Kibana machine)? Once you are logged in, please try to ping your Elasticsearch machine
and try to execute a curl pointing to Elasticsearch machine.
curl elastic_ip:9200
ping elastic_ip
Last question:
- Is Elasticsearch using X-Pack security feature?
I hope it helps.
Regards,
Jesús
El jueves, 6 de septiembre de 2018, 18:36:58 (UTC+2), Adiel Jesus Navarro Rosado escribió:
When I started Kibana, only this page appears:
I increase the timeout value but not changed
--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
jesus.g...@wazuh.com
cat /etc/kibana/kibana.ymlcat /var/log/elasticsearch/elasticsearch.log | grep -E "(ERROR|WARN|CRITICAL|FATAL)"To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+unsubscribe@googlegroups.com.
Adiel Jesus Navarro Rosado
Jesus, I send you the output of the commands.
Waiting for your responses and comments.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To post to this group, send email to
wa...@googlegroups.com.
Visit this group at
https://groups.google.com/group/wazuh.
To view this discussion on the web visit
https://groups.google.com/d/msgid/wazuh/85aefe1c-00b8-4b5f-ba26-942f45cac5d7%40googlegroups.com.
For more options, visit
https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To post to this group, send email to wa...@googlegroups.com.
Visit this group at https://groups.google.com/group/wazuh.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/d90acf88-5b7d-4850-904b-31d1b8afed66%40googlegroups.com.
jesus.g...@wazuh.com
[2018-09-12T09:23:00,539][WARN ][o.e.m.j.JvmGcMonitorService] [porsdmelk05] [gc][23624] overhead, spent [3s] collecting in the last [3.2s]
[2018-09-12T09:23:04,296][ERROR][o.e.x.m.c.n.NodeStatsCollector] [porsdmelk05] collector [node_stats] timed out when collecting data
[2018-09-12T09:23:04,302][WARN ][o.e.m.j.JvmGcMonitorService] [porsdmelk05] [gc][23625] overhead, spent [3.6s] collecting in the last [3.7s]To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+unsubscribe@googlegroups.com.
To post to this group, send email to wa...@googlegroups.com.
Visit this group at https://groups.google.com/group/wazuh.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/85aefe1c-00b8-4b5f-ba26-942f45cac5d7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+unsubscribe@googlegroups.com.