January 10, 2015

Kibana, ElasticSearch, logstash issue

*** UPDATE-Jan 23, 2018 *** THIS INFO IS OUTDATED.
Please see the version info, date and links on any of my posting.  If it's too old, don't follow the direction.



Kibana is ElasticSearch's logs and time-stamped data visualization tool.

For development environment, I have installed XAMPP on Win7.  I tried Kibana 3.1.2 uner XAMPP's Apache, but somehow it didn't work -- just a blank page.  I switched to Kibana 4 beta 3 (standalone).

Environment: Win7 64bit, Java 1.8.0_25-b18 64bit, ElasticSearch 1.4.2, Kibana 4 beta 3, logstash 1.4.2.

Installing Kibana 4 beta 3 is straight forward, just uncompress it and run .bat file.  But Kibana shows this error message (http://localhost:5601) - Kibana: This version of Kibana requires Elasticsearch 1.4.0 or higher on all nodes. I found the following incompatible nodes in your cluster :


After some googling, found this:
https://github.com/elasticsearch/kibana/issues/1629

In summary:
You have a logstash that uses ES version 1.1.1, and it reports as a node via node status of ES API, and therefore Kibana gives this error message.

Check your nodes, http://localhost:9200/_nodes -- it'll show logstash and ES version 1.1.1.

Shut down the node (using ES Head plugin, or issue this command), and refresh Kibana page.  It doesn't give the error message any more:






To use logstash, get ES (1.4 or later) jar file, and replace it in logstash -- Sidr found this workaround:
  1. Stop logstash.
  2. Get ElasticSearch zip, http://www.elasticsearch.org/overview/elkdownloads/
  3. Uncompress it and put it in <logstash home>\vendor\jar\ directory.
  4. Remove elasticsearch-1.1.1 directory from logstash.  
  5. Start logstash.
 After step #3, it should look like this:


And Kibana can be configured as a Windows service using nssm:



Now all seems to be good:



2 comments:

  1. You could have avoided all of that by just changing the elasticsearch output block in your Logstash configuration file to use protocol => "http". In that way, Logstash never starts up the Elasticsearch node (with the improper version) at all.

    ReplyDelete
  2. @Aaron Mildenstein Thanks. That was one of the proposed temporary solutions in this page also. https://github.com/elasticsearch/kibana/issues/1629

    ReplyDelete