I keep getting this error when I start Elasticsearch
What could be the problem?
This is the error am also getting on the web interface
This is the graylog server.conf file
Hi @richardkeep,
Please can you provide your Elasticsearch configuration (/etc/elasticsearch/elasticsearch.yml)
Please can you also check your Elasticsearch log file for the reason Elasticsearch is failing (/var/log/elasticsearch/graylog.log)
@Ponet View the elasticsearch configuration and graylog.log here https://gist.github.com/richardkeep/442356e92cb04c00172a15400c3e6ba6
Did you install the elasticsearch or elasticsearch-oss package?
From that log file, Iβm thinking you installed elasticsearch ?
@Ponet I installed the elasticsearch. Do I need to install the elasticsearch-oss package and uninstall the elasticsearch?
Yes, you want to use elasticsearch-oss over elasticsearch for Graylog.
@Ponet Thanks. Please hang in there for a sec as Installed it.
Finished installing elasticsearch-oss. The problem still persists. The elasticsearch service runs for a few seconds then stops with this error
If you donβt mind, can you assist me via Teamviewer?
Did you remove the elasticsearch package?
sudo apt purge -y elasticsearch
Once again, check the elasticsearch log file for the reason the service is failing.
@Ponet The error message has changed
Please document the steps you took to replace elasticsearch with elasticsearch-oss.
Without knowing what you actually did, itβs hard to troubleshoot.
Looks like the elasticsearch binary might not be present anymore.
Did you remove elasticsearch AFTER installing elasticsearch-oss ?
yes, removed the elasticsearch after installing elasticsearch-oss.
I did
sudo apt install elasticsearch-oss
sudo apt remove elasticsearch
and then
sudo apt purge elasticsearch -y
I have messed, right? 
I think what happened there is when you did the purge of the elasticsearch package, it removed the elasticsearch-oss files as both packages use the same file paths.
Just reinstall elasticsearch-oss and you /should/ be good.
Just tried to run sudo apt install elasticsearch-oss and it says elasticsearch-oss is already the newest version (6.8.6).
Use the --reinstall flag.
sudo apt install --reinstall elasticsearch-oss
I have reinstalled and run sudo systemctl restart elasticsearch. It runs and fails immediately
According to the error log https://pastebin.com/K8VWthQX it says fails to bind to the port 9000. (The one I assigned graylog at server.conf)
Am I supposed to use a different port for Elasticsearch?
Elasticsearch binds to TCP/9200 and TCP/9300 by default.
Graylog listens on TCP/9000.
I think you should read through the installation documentation again:
https://docs.graylog.org/en/latest/pages/installation/os/ubuntu.html
Hi @konrad can you assist me?