Kibana Notes: Difference between revisions

From Federal Burro of Information
Jump to navigationJump to search
No edit summary
Line 18: Line 18:
  curl -X GET -s http://${HOST}:9200/.kibana/_settings | python3 -m json.tool
  curl -X GET -s http://${HOST}:9200/.kibana/_settings | python3 -m json.tool


== Disk full -> readonly lock ==
==Also See ==


If the disk fills up the kibana index ( .kibana ) will got into "read-only" mode.
* [[Elasicsearch Notes]]
 
reset it like this:
 
<pre>
curl -X PUT http://${HOST}:9200/.kibana/_settings -d '
{
"index": {
"blocks": {
"read_only_allow_delete": "false"
}
}
}' -H'Content-Type: application/json'
</pre>
 
and you will get back if it worked:
 
{"acknowledged":true}

Revision as of 20:47, 24 April 2019

ES on AWS

Comes wth kibnana.

send some app logs from app to firehose, then to es.

as it lands in ES the time field is "time" rather than say @timetamp , or @time.

this is important with you want to do timelion stuff.

You will need to change a config , Management - Advanced Settings:

set : timelion:es.timefield to "time" ( not @time ).

Dump settings

curl -X GET -s http://${HOST}:9200/.kibana/_settings | python3 -m json.tool

Also See

Retrieved from "https://wiki.quadratic.net/index.php?title=Kibana_Notes&oldid=4324"