elastic-stack

问题 How Log stash is different than Kafka? and if both are same which is better? and How? I found both are the pipelines where one can push the data for further processing. 回答1: Kafka is much more powerful than Logstash. For syncing data from such as PostgreSQL to ElasticSearch, Kafka connectors could do the similar work with Logstash. One key difference is: Kafka is a cluster, while Logstash is basically single instance. You could run multiple Logstash instances. But these Logstash instances are

问题 How Log stash is different than Kafka? and if both are same which is better? and How? I found both are the pipelines where one can push the data for further processing. 回答1: Kafka is much more powerful than Logstash. For syncing data from such as PostgreSQL to ElasticSearch, Kafka connectors could do the similar work with Logstash. One key difference is: Kafka is a cluster, while Logstash is basically single instance. You could run multiple Logstash instances. But these Logstash instances are

问题 I'm trying to use the docker's image elk-docker (https://elk-docker.readthedocs.io/) , using Docker Compose. The .yml file, is like this: elk: image: sebp/elk ports: - "5601:5601" - "9200:9200" - "5044:5044" When I run the command: sudo docker-compose up, the console shows: * Starting Elasticsearch Server sysctl: setting key "vm.max_map_count": Read-only file system ...fail! waiting for Elasticsearch to be up (1/30) waiting for Elasticsearch to be up (2/30) waiting for Elasticsearch to be up

问题 I'm trying to use the docker's image elk-docker (https://elk-docker.readthedocs.io/) , using Docker Compose. The .yml file, is like this: elk: image: sebp/elk ports: - "5601:5601" - "9200:9200" - "5044:5044" When I run the command: sudo docker-compose up, the console shows: * Starting Elasticsearch Server sysctl: setting key "vm.max_map_count": Read-only file system ...fail! waiting for Elasticsearch to be up (1/30) waiting for Elasticsearch to be up (2/30) waiting for Elasticsearch to be up

问题 I have time-based indices(log-nginx-2021.01.28) from 26th December 2020 to jan 28th January 2021 each index size is around 4.5 mb and these indices have 3 primary and 1 replica shard total 6 shards so my question is the index size 4.5 mb including replica also? 回答1: you can use the _cat/indices?v API, which prints the total index size and total size of primary shards. if you can provide the output of Above API which shows your index in question, we can confirm its a total index size or size

问题 set it up like below wget https://artifacts.elastic.co/downloads/logstash/logstash-6.6.2.deb sudo dpkg -i logstash-6.6.2.deb sudo systemctl enable logstash.service sudo systemctl start logstash.service and i added a pipeline script like below input { file { path => "/root/dev/Intuseer-PaaS/backend/airound_sv_logs.log" start_position => "beginning" } } output { stdout {} file { path => "/root/dev/output/output-%{+YYYY-MM-dd}.log" } } the log file likes below timestamp, server_cpu, server

问题 set it up like below wget https://artifacts.elastic.co/downloads/logstash/logstash-6.6.2.deb sudo dpkg -i logstash-6.6.2.deb sudo systemctl enable logstash.service sudo systemctl start logstash.service and i added a pipeline script like below input { file { path => "/root/dev/Intuseer-PaaS/backend/airound_sv_logs.log" start_position => "beginning" } } output { stdout {} file { path => "/root/dev/output/output-%{+YYYY-MM-dd}.log" } } the log file likes below timestamp, server_cpu, server

问题 Passing AcqClient and NcClient to the same interface //AcqClient and NcClient are static ReadOnly Variables public static void Connection(){ AcqClient = new ElasticClient(AcqConnection); NcClient= new ElasticClient(NcConnection); Creating Singleton Object services.AddSingleton<IElasticClient>(AcqClient); services.AddSingleton<IElasticClient>(NcClient); } Implementing in Startup.cs service.Connection(configuration) On my controller class when i am doing this i am getting the last one object

问题 Passing AcqClient and NcClient to the same interface //AcqClient and NcClient are static ReadOnly Variables public static void Connection(){ AcqClient = new ElasticClient(AcqConnection); NcClient= new ElasticClient(NcConnection); Creating Singleton Object services.AddSingleton<IElasticClient>(AcqClient); services.AddSingleton<IElasticClient>(NcClient); } Implementing in Startup.cs service.Connection(configuration) On my controller class when i am doing this i am getting the last one object

问题 I have a question about facets and doing some filtering based on facets. i know this is a repeated question but i am unable find the answer. i would like to know how can i implement the same functionality in elastic search. lets asume that I have an index about cars and some facets -- eg. model and color. color [ ] red (10) [ ] blue (5) [ ] green (2) model [ ] bmw (4) [ ] vw (5) [ ] ford (8) if I select a model I would like to get only color facets for that model, but I still would like to