Elasticsearch cluster unhealthy (RED) (triggered a year ago)

SergP · May 31, 2018, 7:35am

I am using the Graylog 2.4.5+8e18e6a on srv-syslog (Oracle Corporation 1.8.0_171 on Linux 3.10.0-862.3.2.el7.x86_64).

# curl -XGET http://localhost:9200/_cluster/health?pretty
{
  "cluster_name" : "graylog2",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 1,
  "number_of_data_nodes" : 1,
  "active_primary_shards" : 12,
  "active_shards" : 12,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

# curl -XGET http://localhost:9200/_cat/shards
graylog2_39 2 p STARTED 499431   166mb 127.0.0.1 Larry Bodine
graylog2_39 1 p STARTED 499428 166.2mb 127.0.0.1 Larry Bodine
graylog2_39 3 p STARTED 501379 166.4mb 127.0.0.1 Larry Bodine
graylog2_39 0 p STARTED 499782 166.4mb 127.0.0.1 Larry Bodine
graylog2_41 2 p STARTED 219523  69.5mb 127.0.0.1 Larry Bodine
graylog2_41 1 p STARTED 219553  69.6mb 127.0.0.1 Larry Bodine
graylog2_41 3 p STARTED 219303    71mb 127.0.0.1 Larry Bodine
graylog2_41 0 p STARTED 219113  69.3mb 127.0.0.1 Larry Bodine
graylog2_40 2 p STARTED 500417 153.4mb 127.0.0.1 Larry Bodine
graylog2_40 1 p STARTED 500206 153.1mb 127.0.0.1 Larry Bodine
graylog2_40 3 p STARTED 500506   153mb 127.0.0.1 Larry Bodine
graylog2_40 0 p STARTED 499053 152.8mb 127.0.0.1 Larry Bodine

# curl -XGET http://localhost:9200
{
  "name" : "Larry Bodine",
  "cluster_name" : "graylog2",
  "cluster_uuid" : "TcSg5UwGQtKjTtImCTQZng",
  "version" : {
    "number" : "2.4.6",
    "build_hash" : "5376dca9f70f3abef96a77f4bb22720ace8240fd",
    "build_timestamp" : "2017-07-18T12:17:44Z",
    "build_snapshot" : false,
    "lucene_version" : "5.5.4"
  },
  "tagline" : "You Know, for Search"
}

In webinterface (Graylog/System/Overview) i have a massage:
Elasticsearch cluster unhealthy (RED) (triggered a year ago)
The Elasticsearch cluster state is RED which means shards are unassigned. This usually indicates a crashed and corrupt cluster and needs to be investigated. Graylog will write into the local disk journal.

What do I need to do to clear the warning?

jochen · May 31, 2018, 11:34am

“Triggered a year ago”.

You can click on the ‘X’ in the upper right corner of the notification to clear it.

SergP · June 1, 2018, 6:49am

Thank you so much. I understand that the indexes are in working order, but I could not cope with the warning.

system · June 15, 2018, 6:49am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Graylog running but elasticsearch cluster health is red Graylog Central (peer support)	4	2936	March 1, 2018
Graylog elasticsearch health red, how to fix? Graylog Central (peer support)	3	3425	May 24, 2021
Elasticsearch cluster unhealthy (RED) - Shards unassigned Graylog Central (peer support)	8	6672	July 31, 2017
Graylog elasticsearch health red and a lot unassigned shards Graylog Central (peer support) elastic	24	1285	July 28, 2023
Elasticsearch service is running but the Cluster is Red on the Web interface Graylog Central (peer support)	22	16205	November 17, 2017

Elasticsearch cluster unhealthy (RED) (triggered a year ago)

Related topics