winlogbeat(v8.3.1) 파이프라인에 geoip processor를 추가했는데 지리 정보를 가져오지 못한다.
[2022-08-08T18:24:51,972][ERROR][o.e.i.g.GeoIpDownloader ] [MHKANG] exception during geoip databases updateorg.elasticsearch.ElasticsearchException: not all primary shards of [.geoip_databases] index are active at org.elasticsearch.ingest.geoip.GeoIpDownloader.updateDatabases(GeoIpDownloader.java:134) ~[ingest-geoip-8.3.1.jar:8.3.1] at org.elasticsearch.ingest.geoip.GeoIpDownloader.runDownloader(GeoIpDownloader.java:274) [ingest-geoip-8.3.1.jar:8.3.1] at org.elasticsearch.ingest.geoip.GeoIpDownloaderTaskExecutor.nodeOperation(GeoIpDownloaderTaskExecutor.java:102) [ingest-geoip-8.3.1.jar:8.3.1] at org.elasticsearch.ingest.geoip.GeoIpDownloaderTaskExecutor.nodeOperation(GeoIpDownloaderTaskExecutor.java:48) [ingest-geoip-8.3.1.jar:8.3.1] at org.elasticsearch.persistent.NodePersistentTasksExecutor$1.doRun(NodePersistentTasksExecutor.java:42) [elasticsearch-8.3.1.jar:?] at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:769) [elasticsearch-8.3.1.jar:?] at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:26) [elasticsearch-8.3.1.jar:?] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) [?:?] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) [?:?] at java.lang.Thread.run(Thread.java:833) [?:?][2022-08-08T18:24:52,083][WARN ][o.e.i.g.GeoIpDownloader ] [MHKANG] could not delete old chunks for geoip database [GeoLite2-Country.mmdb]기존 데이터베이스를 지우기 위해 geoip 관리 설정 변경.
PUT _cluster/settings{ "persistent": { "ingest.geoip.downloader.enabled": false }}엘라스틱 재시작 후 다운로드 활성화.
PUT _cluster/settings{ "persistent": { "ingest.geoip.downloader.enabled": true }}[2022-08-08T18:38:41,539][INFO ][o.e.c.s.ClusterSettings ] [MHKANG] updating [ingest.geoip.downloader.enabled] from [false] to [true][2022-08-08T18:38:43,450][INFO ][o.e.c.m.MetadataCreateIndexService] [MHKANG] [.geoip_databases] creating index, cause [auto(bulk api)], templates [], shards [1]/[0][2022-08-08T18:38:44,105][INFO ][o.e.i.g.GeoIpDownloader ] [MHKANG] successfully downloaded geoip database [GeoLite2-ASN.mmdb][2022-08-08T18:38:44,333][INFO ][o.e.i.g.DatabaseNodeService] [MHKANG] successfully loaded geoip database file [GeoLite2-ASN.mmdb][2022-08-08T18:38:54,483][INFO ][o.e.i.g.GeoIpDownloader ] [MHKANG] successfully downloaded geoip database [GeoLite2-City.mmdb][2022-08-08T18:38:55,318][INFO ][o.e.i.g.DatabaseNodeService] [MHKANG] successfully loaded geoip database file [GeoLite2-City.mmdb][2022-08-08T18:38:56,193][INFO ][o.e.i.g.GeoIpDownloader ] [MHKANG] successfully downloaded geoip database [GeoLite2-Country.mmdb][2022-08-08T18:38:56,290][INFO ][o.e.i.g.DatabaseNodeService] [MHKANG] successfully loaded geoip database file [GeoLite2-Country.mmdb]이제 잘 가져온다.
관련 글
댓글 없음:
댓글 쓰기