date:20150331

Re: Very regular disconnect and recover - every 2 hours

2015-03-31 Thread Mark Walkom

You can try winding out the timeouts, see
http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-discovery-zen.html#fault-detection

On 31 March 2015 at 16:57, Neil Andrassy neil.andra...@thefilter.com
wrote:

It's probably something like that, but it only seems to be a problem with
the more up to date version of ES. I'm keen to work out if there's a
configuration option I can tweak in 1.4.4 to make ES more robust in this
scenario or whether there's an issue around recovering dropped TCP
connections between nodes in more recent versions.

On Tuesday, 31 March 2015 03:33:18 UTC+1, Mark Walkom wrote:

It's not the VPN reconnecting is it?

On 31 March 2015 at 01:32, Neil Andrassy neil.a...@thefilter.com wrote:

Hi,

I have two independent clusters running across more or less the same
machines. They're split across a pretty high bandwidth and relatively low
latency VPN link. One cluster is running v1.0.1 and seems to stay up all
the time. The other cluster is currently running 1.4.4 (and was running
1.4.2 before that) and seems to disconnect like clockwork every two hours.
The disconnect of the nodes on one side of the link is brief, they rejoin
and the recovery proceeds as normal. Any ideas what might cause this? Could
it be data related? The newer cluster has more indexes shards than the
old, but the co-ordinators (3 of / min master count 2) don't seem
particularly stressed. Any thoughts on what, specifically to look for or
whether any particular setting or code change might make the cluster more
susceptible to disconnect when there's a minor / brief network connectivity
blip?

(and yes, I know multi-site isn't a recommended configuration - there
are other challenges for us with the tribe node approach too, though :( )

Thanks in advance for any ideas or insight.

--
You received this message because you are subscribed to the Google
Groups elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send
an email to elasticsearc...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/elasticsearch/b00b8bda-9238-47e8-b0f2-3d4d6751b3c2%
40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/b00b8bda-9238-47e8-b0f2-3d4d6751b3c2%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/793f13a8-9ca8-4d86-b194-47b4e9cd5125%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/793f13a8-9ca8-4d86-b194-47b4e9cd5125%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X_fbZXbP_iY4ZpJODXPmumh15CntRT6S4HaJdrvqv593A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: mlockall

2015-03-31 Thread Cheten Dev

Hi,

here is the info

Distributor ID: Ubuntu
Description:Ubuntu 14.04.1 LTS
Release:14.04
Codename: trusty

I have tried to set mlockall = true on two server . i am able to
successfully do it on one
but not able to do it on other server

On Tue, Mar 31, 2015 at 11:56 AM, Mark Walkom markwal...@gmail.com wrote:

Which linux?

On 31 March 2015 at 16:16, Cheten Dev cheten@carwale.com wrote:

Hi,

I am on linux server with elasticsearch 1.5.0

On Tue, Mar 31, 2015 at 8:07 AM, Mark Walkom markwal...@gmail.com
wrote:

A bit more info would be useful.

What version of ES, what OS?

On 30 March 2015 at 22:24, Chetan Dev cheten@carwale.com wrote:

Hi,

i have tried everything written on the document to set mlackall = true
but
nothing seems working here

what am i missing here ?

Thanks

--
You received this message because you are subscribed to the Google
Groups elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send
an email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/5748d9fb-120a-4521-8caa-62b780ea0594%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/5748d9fb-120a-4521-8caa-62b780ea0594%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to a topic in the
Google Groups elasticsearch group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/R41hW2QaL0w/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-92m9Qw4j4T8gwUV6%2BumkvbAOENTTsiupMurpGf8NZSw%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-92m9Qw4j4T8gwUV6%2BumkvbAOENTTsiupMurpGf8NZSw%40mail.gmail.com?utm_medium=emailutm_source=footer
.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAG_NmL9T4dZeHUYpN0_5gwbfppL7%2BOJyNc6t3SQUpSe9N5oN2Q%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CAG_NmL9T4dZeHUYpN0_5gwbfppL7%2BOJyNc6t3SQUpSe9N5oN2Q%40mail.gmail.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to a topic in the
Google Groups elasticsearch group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/R41hW2QaL0w/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X_5X8ubgUVPd6ZV%2Bh_EP1m72Noht4DOvMCysUieWrQp9Q%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X_5X8ubgUVPd6ZV%2Bh_EP1m72Noht4DOvMCysUieWrQp9Q%40mail.gmail.com?utm_medium=emailutm_source=footer
.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAG_NmL-ADaAv%2BUx76DUVmVc7q0CJrT%2BV5VOJnUCYtfa-7CcW2w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: What is the best configuration to run on linux VPS server without crashing?

2015-03-31 Thread quydo x

Hi Mark,

Our server have 7.5GB RAM, 4vCPUs (in Amazon EC2), our data about 50
thousand records (about 50MB)

I think ElasticSearch (ES) server handle 10 connections at the same time
(per second)

I have assign 2GB RAM for HEAP_SIZE, our server will run normally for a
while about 5 minutes and after that, the ES server don't respond anymore
connection - It seems ElasticSearch Service dead.

Could you tell me the best configuration?

Vào 22:29:36 UTC+7 Thứ Sáu, ngày 20 tháng 3 năm 2015, Mark Walkom đã viết:

By the looks of things, you should look for a new provider as they are
doing some things on the underlying hypervisor restricting ES from locking
memory access.

However your heap size is very small, how much data is in your cluster.

On 20 March 2015 at 07:13, Yashin Soraballee yashin.s...@gmail.co Mam
javascript: wrote:

Hello guys,
I am trying to run elasticsearch on a VPS server running CentOS with 4GB
of RAM. It starts successfully but with the following errors and warning
message below.

# sudo service elasticsearch start
error: permission denied on key 'vm.max_map_count'
Starting elasticsearch: [ OK ]
root@vps15042 [~]# log4j:WARN No appenders could be found for logger
(common)
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for
morefo.

As you can notice, there is no permission to set the vm.max_map_count
setting on this VPS server ( even with root access ). So the only way to
get rid of the message is by commenting the max_map_count setting out.

It then runs for a maximum of 4 hours and then tell me Elastic service
dead but pid still exists. It is most probably running out of memory and
getting killed. The following is a log report as such :

Mar 18 22:37:51 ecvp156s kernel: [3712702.735583] 22234 (java) invoked
oom-killer in ub 15042 generation 0 gfp 0x200d2
Mar 18 22:37:51 ecvp156s kernel: [3712702.736531] UB-15042-Mem-Info:
Mar 18 22:37:51 ecvp156s kernel: [3712702.756570] Out of memory in UB
15042: OOM killed process 22232 (java) score 0 vm:7815680kB, rss:3786544kB,
swap:0kB
Mar 18 22:37:52 ecvp156s kernel: [3712703.677851] oom-killer in ub 15042
generation 0 ends: task died
Mar 18 22:38:21 ecvp156s kernel: [3712732.546844] 25904 (java) invoked
oom-killer in ub 15042 generation 1 gfp 0x200d2
Mar 18 22:38:21 ecvp156s kernel: [3712732.547766] UB-15042-Mem-Info:
Mar 18 22:38:21 ecvp156s kernel: [3712732.567524] Out of memory in UB
15042: OOM killed process 25901 (java) score 0 vm:7815680kB, rss:3781624kB,
swap:0kB
Mar 18 22:38:22 ecvp156s kernel: [3712733.475601] oom-killer in ub 15042
generation 1 ends: task died
Mar 19 00:24:42 ecvp156s kernel: [3719119.150426] UB-9340-Mem-Info:

My host provider is telling me to increase the amount of RAM. However I
am running ES on a windows surface pro tablet with 4GB of RAM and core i3,
and I am getting absolutely no issues with not a so powerful machine. Can I
change some configurations to make it work perfectly? I've already tried
the following and other combinations, but nothing keeps it running for long
:

/etc/security/limits.conf
elasticsearch hard memlock 30

/etc/sysconfig/elasticsearch
ES_HEAP_SIZE 1g
MAX_LOCKED_MEMORY to 30

/etc/elasticsearch/elasticsearch.yml
index.number_of_shards: 1
index.number_of_replicas: 0
index.term_index_interval: 256
index.term_index_divisor: 5

bootstrap.mlockall: true

Thank you for your time. I am stuck with this and I'll have to change
server if I cannot resolve it.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearc...@googlegroups.com javascript:.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/73d39af1-9254-4bce-9590-789554db90fb%40googlegroups.com

https://groups.google.com/d/msgid/elasticsearch/73d39af1-9254-4bce-9590-789554db90fb%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/46f892d9-1c9f-495f-87ce-c90a49b241c9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: mlockall

2015-03-31 Thread Mark Walkom

Which linux?

On 31 March 2015 at 16:16, Cheten Dev cheten@carwale.com wrote:

Hi,

I am on linux server with elasticsearch 1.5.0

On Tue, Mar 31, 2015 at 8:07 AM, Mark Walkom markwal...@gmail.com wrote:

A bit more info would be useful.

What version of ES, what OS?

On 30 March 2015 at 22:24, Chetan Dev cheten@carwale.com wrote:

Hi,

i have tried everything written on the document to set mlackall = true
but
nothing seems working here

what am i missing here ?

Thanks

--
You received this message because you are subscribed to the Google
Groups elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send
an email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/5748d9fb-120a-4521-8caa-62b780ea0594%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/5748d9fb-120a-4521-8caa-62b780ea0594%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAG_NmL9T4dZeHUYpN0_5gwbfppL7%2BOJyNc6t3SQUpSe9N5oN2Q%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CAG_NmL9T4dZeHUYpN0_5gwbfppL7%2BOJyNc6t3SQUpSe9N5oN2Q%40mail.gmail.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X_5X8ubgUVPd6ZV%2Bh_EP1m72Noht4DOvMCysUieWrQp9Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Elastic Search - How to delete old records and improve performance

2015-03-31 Thread AALISHE

Hi Mark,

thanks for taking the time to reply 

1- yes I believe all the data is in one index .. I had attached the 
index_status output ... and a screenshot for the head_plugin output
2- I am considering the upgrade to latest version .. but would that impose 
a risk (if any)?


thanks again
cheers!

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/d5529d52-0a21-402a-8265-78da41b2b05f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
{

index: {
primary_size: 56.6gb
primary_size_in_bytes: 60849552973
size: 113.3gb
size_in_bytes: 121703182315
}
translog: {
operations: 0
}
docs: {
num_docs: 35606359
max_doc: 35640403
deleted_docs: 34044
}
merges: {
current: 0
current_docs: 0
current_size: 0b
current_size_in_bytes: 0
total: 0
total_time: 0s
total_time_in_millis: 0
total_docs: 0
total_size: 0b
total_size_in_bytes: 0
}
refresh: {
total: 212728
total_time: 45.6m
total_time_in_millis: 2737970
}
flush: {
total: 35680
total_time: 2.6m
total_time_in_millis: 156884
}
shards: {
0: [
{
routing: {
state: STARTED
primary: true
node: CvAQ3xeNRm-GuIzTkps_3A
relocating_node: null
shard: 0
index: dw_20130416
}
state: STARTED
index: {
size: 11.5gb
size_in_bytes: 12431838486
}
translog: {
id: 1366132941614
operations: 0
}
docs: {
num_docs: 7348576
max_doc: 7352282
deleted_docs: 3706
}
merges: {
current: 0
current_docs: 0
current_size: 0b
current_size_in_bytes: 0
total: 0
total_time: 0s
total_time_in_millis: 0
total_docs: 0
total_size: 0b
total_size_in_bytes: 0
}
refresh: {
total: 21265
total_time: 4.8m
total_time_in_millis: 288507
}
flush: {
total: 3568
total_time: 15.9s
total_time_in_millis: 15919
}
}
{
routing: {
state: STARTED
primary: false
node: sAz51CSkSfeiDeo1CYoMyw
relocating_node: null
shard: 0
index: dw_20130416
}
state: STARTED
index: {
size: 11.5gb
size_in_bytes: 12432400616
}
translog: {
id: 1366132941616
operations: 0
}
docs: {
num_docs: 7348576
max_doc: 7352094
deleted_docs: 3518
}
merges: {
current: 0
current_docs: 0
current_size: 0b
current_size_in_bytes: 0
total: 0
total_time: 0s
total_time_in_millis: 0
total_docs: 0
total_size: 0b
total_size_in_bytes: 0
}
refresh: {
total: 21282
total_time: 4.3m
total_time_in_millis: 262458
}
flush: {
total: 3568
total_time: 15.3s
total_time_in_millis: 15345
}
}
]
1: [
{
routing: {
state: STARTED
primary: true
node: CvAQ3xeNRm-GuIzTkps_3A
relocating_node: null
shard: 1
index: dw_20130416
}
state: STARTED
index: {
size: 11.5gb
size_in_bytes: 12453837813
}
translog: {
id:

Re: I want to load dashboard developed by another developer in kibana4 in my system using separate elasticsearch.It is possible in kibana 3 by using json file.is it possible in kibana 4?

2015-03-31 Thread Mark Walkom

This is currently not possible, but it's being worked on. See
https://github.com/elastic/kibana/issues/2310, it might also have something
to help in the meantime.

On 31 March 2015 at 16:09, Priya G g.shanmugapriy...@gmail.com wrote:

I want to load dashboard developed by another developer in kibana4 in my
system .

*For example*: I am using separate elastic search,kibana in my system and
another developer also using seperate elastic search,kibana in his system.I
want to view his kibana 4 dashboard using different data of my elastic
search.
In kibana 3 it is possible by loading json file . But in kibana 4 is it
possible?Can anyone tell me?how to do?

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/71045947-d47f-43e6-8d7f-fe6e3ae74efc%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/71045947-d47f-43e6-8d7f-fe6e3ae74efc%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X_oFv%2BbdbcPLT5Rfdus9aXUnAdnUnJs7oFgjr5mY9Uk8A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Security Suggestion In Elasticsearch

2015-03-31 Thread Shohedul Hasan

Hi, 
I am trying to deploy my ES server in Digital ocean. But Digital ocean  had 
some hacker attack as i didn't add any security to ES, So they blocked my 
droplet and gave me warning. So i tried to find out how can i secure my ES 
server. I have found out that Shield , using proxy or some other ways can 
be  solution. But i am confused.  What is the best option (to secure ES) i 
have right now. 

1) I have one ES server (i may add more in future)
2) One server that run the java code. From this server i do all ES 
operation.
3) There are some more servers like postgresql, gearman but i think these 
are not relevant here.

Thanks in advance.

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Timestamps stored as seconds since Unix epoch

2015-03-31 Thread Mark Walkom

Though support may be coming -
https://github.com/elastic/elasticsearch/issues/10072

On 30 March 2015 at 09:16, Jean Marc Saffroy j...@scality.com wrote:

I thought I might have missed something, and it surprises me that the Unix
epoch isn't supported!

Well, I guess I'll have to work around that. Thanks!

On Sun, Mar 29, 2015 at 10:21 PM, Mark Walkom markwal...@gmail.com
wrote:

Unix epoch isn't a supported format. Take a look at
http://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-date-format.html

On 30 March 2015 at 02:12, Jean Marc Saffroy j...@scality.com wrote:

Here is a curl recreation, hopefully that will be clearer:
http://pastebin.com/DUhbpgze

On Sun, Mar 29, 2015 at 4:18 PM, Jean Marc Saffroy j...@scality.com
wrote:

Of course I left a typo in my email: I do use the same field name
across mapping def, docs and queries, and it does not work.

On Sun, Mar 29, 2015 at 4:17 PM, Jean Marc Saffroy j...@scality.com
wrote:

Hi all,

Not sure what I'm doing wrong, but I couldn't find a way to store my
docs with timestamps as seconds since the Unix epoch and query them
properly. I have my date/time field mapped like this:

start_time:{type: date },

I store documents like this:

{ start_time: 1427631731, ... }

And get no result when I do a range query like this:

query: {
range: { @timestamp: { gte: 2015-03-29 }}
}

I have good results when I store timestamps as strings in ISO format.

Is that supposed to work? Is there a specific date parser I should use?

--
You received this message because you are subscribed to the Google
Groups elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send
an email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CALZqptb5xZNgok4hiszEF9JP_KRuk6y%3DwdqfbjR0xxBesK4dBA%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CALZqptb5xZNgok4hiszEF9JP_KRuk6y%3DwdqfbjR0xxBesK4dBA%40mail.gmail.com?utm_medium=emailutm_source=footer
.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-v%3DM6ZVK1p%3Desb40QU_Va5beBpCVusGpKeoDpcht9c2Q%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-v%3DM6ZVK1p%3Desb40QU_Va5beBpCVusGpKeoDpcht9c2Q%40mail.gmail.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CALZqptbGPcQDxUaFHfRfttdGyzFKVUogZEenj3nAPxOJYWitCw%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CALZqptbGPcQDxUaFHfRfttdGyzFKVUogZEenj3nAPxOJYWitCw%40mail.gmail.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X882n7C8-C5T8DQOgqf36PG%3D6ZaJaQ6%3DxWFGVEOVmK%3DvQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ANN] Elasticsearch Twitter River plugin 2.5.0 released

2015-03-31 Thread Elasticsearch Team

Heya,


We are pleased to announce the release of the Elasticsearch Twitter River 
plugin, version 2.5.0.

The Twitter river indexes the public twitter stream, aka the hose, and makes it 
searchable.

https://github.com/elastic/elasticsearch-river-twitter/

Release Notes - elasticsearch-river-twitter - Version 2.5.0


Fix:
 * [82] - Potential NPE when closing a river 
(https://github.com/elastic/elasticsearch-river-twitter/issues/82)

Update:
 * [102] - Update Twitter4J to 4.0.3 
(https://github.com/elastic/elasticsearch-river-twitter/issues/102)
 * [101] - Update to elasticsearch 1.5.0 
(https://github.com/elastic/elasticsearch-river-twitter/issues/101)




Issues, Pull requests, Feature requests are warmly welcome on 
elasticsearch-river-twitter project repository: 
https://github.com/elastic/elasticsearch-river-twitter/
For questions or comments around this plugin, feel free to use elasticsearch 
mailing list: https://groups.google.com/forum/#!forum/elasticsearch

Enjoy,

-The Elasticsearch team

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/551a4b0b.884bb40a.1c6f.ac31SMTPIN_ADDED_MISSING%40gmr-mx.google.com.
For more options, visit https://groups.google.com/d/optout.

Re: Security Suggestion In Elasticsearch

2015-03-31 Thread joergpra...@gmail.com

The rule is not new. Do not expose Elasticsearch to the public internet,
just like Postgresql and Gearman.

Jörg

On Tue, Mar 31, 2015 at 8:45 AM, Shohedul Hasan sha...@qianalysis.com
wrote:

Hi,
I am trying to deploy my ES server in Digital ocean. But Digital ocean
had some hacker attack as i didn't add any security to ES, So they blocked
my droplet and gave me warning. So i tried to find out how can i secure my
ES server. I have found out that Shield , using proxy or some other ways
can be solution. But i am confused. What is the best option (to secure
ES) i have right now.

1) I have one ES server (i may add more in future)
2) One server that run the java code. From this server i do all ES
operation.
3) There are some more servers like postgresql, gearman but i think these
are not relevant here.

Thanks in advance.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAKdsXoFZZbQ9x6MkdUC-TkCUHpfSh3Sieh1Rk_PE9YuwwSQvuw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Security Suggestion In Elasticsearch

2015-03-31 Thread Mark Walkom

Shield would be the best.
But you can also use iptables and nginx to secure and proxy things.

On 31 March 2015 at 17:45, Shohedul Hasan sha...@qianalysis.com wrote:

Thanks in advance.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/4aa2f9f8-b4b7-4ce3-8ff3-66c3304d64a5%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-Z6qH%2Bmh9Z7GB2UMChB6bwBrt-6tU_uVJWRGCy9c_gQg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ANN] Elasticsearch Wikipedia River plugin 2.5.0 released

2015-03-31 Thread Elasticsearch Team

Heya,


We are pleased to announce the release of the Elasticsearch Wikipedia River 
plugin, version 2.5.0.

The Wikipedia River plugin allows index wikipedia.

https://github.com/elastic/elasticsearch-river-wikipedia/

Release Notes - elasticsearch-river-wikipedia - Version 2.5.0



Update:
 * [47] - Update to elasticsearch 1.5.0 
(https://github.com/elastic/elasticsearch-river-wikipedia/issues/47)




Issues, Pull requests, Feature requests are warmly welcome on 
elasticsearch-river-wikipedia project repository: 
https://github.com/elastic/elasticsearch-river-wikipedia/
For questions or comments around this plugin, feel free to use elasticsearch 
mailing list: https://groups.google.com/forum/#!forum/elasticsearch

Enjoy,

-The Elasticsearch team

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/551a4f5a.e65ab40a.6f46.2f66SMTPIN_ADDED_MISSING%40gmr-mx.google.com.
For more options, visit https://groups.google.com/d/optout.

Re: A cautionary tale about index autocreation

2015-03-31 Thread Jakub Liska

The problem with action.auto_create_index: false is that it disables 
index templates... So it is basically useless if you are using one

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/d0a69a36-6497-4a51-a144-48f31a6b2312%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Very regular disconnect and recover - every 2 hours

2015-03-31 Thread Neil Andrassy (The Filter)

Both clusters have the following settings so, if that's related, I think
there must be another contributing factor...

discovery.zen.fd.ping_interval : 1s,
discovery.zen.fd.ping_timeout : 60s,
discovery.zen.fd.ping_retries : 3,

On 31 March 2015 at 07:32, Mark Walkom markwal...@gmail.com wrote:

You can try winding out the timeouts, see
http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-discovery-zen.html#fault-detection

On 31 March 2015 at 16:57, Neil Andrassy neil.andra...@thefilter.com
wrote:

On Tuesday, 31 March 2015 03:33:18 UTC+1, Mark Walkom wrote:

It's not the VPN reconnecting is it?

On 31 March 2015 at 01:32, Neil Andrassy neil.a...@thefilter.com
wrote:

Hi,

(and yes, I know multi-site isn't a recommended configuration - there
are other challenges for us with the tribe node approach too, though :( )

Thanks in advance for any ideas or insight.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/793f13a8-9ca8-4d86-b194-47b4e9cd5125%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/793f13a8-9ca8-4d86-b194-47b4e9cd5125%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to a topic in the
Google Groups elasticsearch group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/FLsYRpcADEk/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X_fbZXbP_iY4ZpJODXPmumh15CntRT6S4HaJdrvqv593A%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X_fbZXbP_iY4ZpJODXPmumh15CntRT6S4HaJdrvqv593A%40mail.gmail.com?utm_medium=emailutm_source=footer
.

For more options, visit https://groups.google.com/d/optout.

--
Neil Andrassy | CTO | The Filter
phone | +44 (0)1225 588 004
skype | andrassynp

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CABpTWLMn8k_hbuRkh3s-ZmWqZd9s1POHzMQEuFFxWVugS5%3Dxng%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Default template mapping at type level

2015-03-31 Thread AndrewK

Hallo, 

I have 6 types that I would like to keep in the same time-series index. 5 
of these types are very similar and so I have defined the common fields in 
the _default_ mapping. The 6th is very different and shares very few fields 
with the other types: but since the _default_ mapping applies to all types 
in the index I have a lot of fields in the mapping for type6 that I don't 
need or want. Is there a way around this? I'm looking for a default type 
that I can derive from (rather than a default mapping at index level), but 
this does not seem to exist. Is this correct or is there a workaround?

Regards,
Andrew

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/9f026249-dd48-4769-b435-7cdfc5517905%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

How to merge elasticsearch 1.4.2 data with already running elasticsearch 1.4.4?

2015-03-31 Thread Priya G

I am having some data in elasticsearch 1.4.2.i am also having some data in 
elasticsearch 1.4.4.
Now i want to take data stored in elasticsearch 1.4.2 and i have to store 
that data in elasticsearch1.4.4.

Can anyone tell me how to do? 

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/e7d87a86-03a0-4f34-a97c-8b28dc6e5ac3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Scoring and explain

2015-03-31 Thread Guillaume H

FYI ExplainableSearchScript interface is back in 1.4 branch.

Le mercredi 19 novembre 2014 04:04:05 UTC+1, Nick Tarleton a écrit :

On Thursday, November 6, 2014 3:30:26 AM UTC-8, Guillaume H wrote:

Hi guys,

I'm developing a scoring plugin and I need to display some information
about score computation. I need to display the reason(s) why I have this
score, which criteria matched etc..
I currently implement ExplainableSearchScript interface and use Explain
feature to retrieve that info.

I think it's not the best way to get scoring reason because of overload
during hit fetch and because this interface is not in 1.4 branch anymore.
My first thought is to add a new field in response but it really doesn't
seems obvious ...

So what can I do to get scoring information efficiently ?

I also have this issue. I've been using ExplainableSearchScript to add
information computed in the scoring script to the explanation for
debugging, but it's gone in 1.4. Is there any other way (doesn't have to be
efficient) to get information out of a script into the search response?

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/478f8ffc-a9dd-40fc-9b84-a0b292c15a37%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

IFrame options

2015-03-31 Thread Ole Hedegaard

Hi,

I'm displaying Kibana graphs in another system using the generated iframe, 
but I need to get rid of both the Kibana loading screen as well as error 
messages when no data is found. I only need to display graphs.

Are there any options for doing that?

Thanks,
Ole Hedegaard

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/111c01cd-78da-46c0-8140-c5895aeb85a9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ANN] Elasticsearch RabbitMQ River plugin 2.5.0 released

2015-03-31 Thread Elasticsearch Team

Heya,


We are pleased to announce the release of the Elasticsearch RabbitMQ River 
plugin, version 2.5.0.

The RabbitMQ River plugin allows index bulk format messages into elasticsearch..

https://github.com/elastic/elasticsearch-river-rabbitmq/

Release Notes - elasticsearch-river-rabbitmq - Version 2.5.0



Update:
 * [94] - Replace deprecated `JsonFactory#createJsonParser` by 
`JsonFactory#createParser` 
(https://github.com/elastic/elasticsearch-river-rabbitmq/issues/94)
 * [93] - Update to elasticsearch 1.5.0 
(https://github.com/elastic/elasticsearch-river-rabbitmq/issues/93)
 * [91] - Deprecate `replication` parameter 
(https://github.com/elastic/elasticsearch-river-rabbitmq/issues/91)




Issues, Pull requests, Feature requests are warmly welcome on 
elasticsearch-river-rabbitmq project repository: 
https://github.com/elastic/elasticsearch-river-rabbitmq/
For questions or comments around this plugin, feel free to use elasticsearch 
mailing list: https://groups.google.com/forum/#!forum/elasticsearch

Enjoy,

-The Elasticsearch team

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/551a6989.0817b40a.64b6.27b5SMTPIN_ADDED_MISSING%40gmr-mx.google.com.
For more options, visit https://groups.google.com/d/optout.

Problems upgrading to 1.5.0

2015-03-31 Thread Martin Forssen

We just encountered some mysterious problems when upgrading from 1.1.1 to 
1.5.0.

The cluster consists of three machines, two data nodes and one master-only 
node. It hosts 86 indices which each has one replica.

I stopped writes, did a snapshot and stopped the entire cluster before I 
upgraded the nodes and restarted them. The system came up and quickly 
turned yellow, but it refused to become green. it failed to recover a 
number of shards. The errors I got in the logs looked like this (there were 
a lot):
[2015-03-31 07:33:39,704][WARN ][indices.cluster  ] [NODE1] 
[signal_bin][0] sending failed shard after recovery failure
org.elasticsearch.indices.recovery.RecoveryFailedException: 
[signal_bin][0]: Recovery failed from 
[NODE2][rpXLVgS8Qw2jgimXNYKn_A][NODE2][inet[/IP2:9300]]{aws_availability_zone=us-east-1d,
 
max_local_storage_nodes=1} into 
[NODE1][tdXdf0MeS62DIO0KFZX-Rg][NODE1][inet[/IP1:9300]]{aws_availability_zone=us-east-1b,
 
max_local_storage_nodes=1}
at 
org.elasticsearch.indices.recovery.RecoveryTarget.doRecovery(RecoveryTarget.java:274)
at 
org.elasticsearch.indices.recovery.RecoveryTarget.access$700(RecoveryTarget.java:69)
at 
org.elasticsearch.indices.recovery.RecoveryTarget$RecoveryRunner.doRun(RecoveryTarget.java:550)
at 
org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:36)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:724)
Caused by: org.elasticsearch.transport.RemoteTransportException: 
[NODE2][inet[/IP2:9300]][internal:index/shard/recovery/start_recovery]
Caused by: org.elasticsearch.index.engine.RecoveryEngineException: 
[signal_bin][0] Phase[1] Execution failed
at 
org.elasticsearch.index.engine.InternalEngine.recover(InternalEngine.java:839)
at org.elasticsearch.index.shard.IndexShard.recover(IndexShard.java:684)
at 
org.elasticsearch.indices.recovery.RecoverySource.recover(RecoverySource.java:125)
at 
org.elasticsearch.indices.recovery.RecoverySource.access$200(RecoverySource.java:49)
at 
org.elasticsearch.indices.recovery.RecoverySource$StartRecoveryTransportRequestHandler.messageReceived(RecoverySource.java:146)
at 
org.elasticsearch.indices.recovery.RecoverySource$StartRecoveryTransportRequestHandler.messageReceived(RecoverySource.java:132)
at 
org.elasticsearch.transport.netty.MessageChannelHandler$RequestHandler.doRun(MessageChannelHandler.java:279)
at 
org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:36)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:724)
Caused by: 
org.elasticsearch.indices.recovery.RecoverFilesRecoveryException: 
[signal_bin][0] Failed to transfer [11] files with total size of [1.4mb]
at 
org.elasticsearch.indices.recovery.RecoverySourceHandler.phase1(RecoverySourceHandler.java:413)
at 
org.elasticsearch.index.engine.InternalEngine.recover(InternalEngine.java:834)
... 10 more
Caused by: org.elasticsearch.transport.RemoteTransportException: 
[NODE1][inet[/IP1:9300]][internal:index/shard/recovery/clean_files]
Caused by: org.elasticsearch.indices.recovery.RecoveryFailedException: 
[signal_bin][0]: Recovery failed from 
[NODE2][rpXLVgS8Qw2jgimXNYKn_A][NODE2][inet[/IP2:9300]]{aws_availability_zone=us-east-1d,
 
max_local_storage_nodes=1} into 
[NODE1][tdXdf0MeS62DIO0KFZX-Rg][NODE1][inet[/IP1:9300]]{aws_availability_zone=us-east-1b,
 
max_local_storage_nodes=1} (failed to clean after recovery)
at 
org.elasticsearch.indices.recovery.RecoveryTarget$CleanFilesRequestHandler.messageReceived(RecoveryTarget.java:443)
at 
org.elasticsearch.indices.recovery.RecoveryTarget$CleanFilesRequestHandler.messageReceived(RecoveryTarget.java:389)
at 
org.elasticsearch.transport.netty.MessageChannelHandler$RequestHandler.doRun(MessageChannelHandler.java:279)
at 
org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:36)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:724)
Caused by: org.elasticsearch.ElasticsearchIllegalStateException: local 
version: name [_yor.si], length [363], checksum [1jnqbzx], writtenBy [null] 
is different from remote version after recovery: name [_yor.si], length 
[363], checksum [null], writtenBy [null]
at 
org.elasticsearch.index.store.Store.verifyAfterCleanup(Store.java:645)
at org.elasticsearch.index.store.Store.cleanupAndVerify(Store.java:613)
at

Re: ES/Lucene eating up entire memory!

2015-03-31 Thread Yogesh Kansal

Thanks Uwe. As I mentioned earlier, I did guess that VIRT doesn't indicate
RAM consumption.

What I am concerned about is the 3rd row which shows memory and indicates
that out of the total 50g, 43g is in use. Once this number crosses 45g, my
other databases start behaving badly.

Problem is, even after I kill all the processes, this doesn't go down.
(Attaching snapshot of top after killing all processes). Right now what I
do is reboot the system every three days which is the time it takes to
gradually fill the memory with something (I have no clue what that is).

Though I think the max file descriptors wouldn't be the culprit for this? I
haven't changed that yet.

On Mon, Mar 30, 2015 at 3:19 AM, Uwe Schindler uwe.h.schind...@gmail.com
wrote:

You should read:
http://blog.thetaphi.de/2012/07/use-lucenes-mmapdirectory-on-64bit.html

Maybe this allows you to figure out what's going on! VIRT means nothing
about consumption, you should look at RES.

Thanks,
Uwe

Am Sonntag, 29. März 2015 22:23:00 UTC+2 schrieb Yogesh:

Hi,

I have a single node ES setup (50GB memory, 500GB disk, 4 cores) and I
run the Twitter river on it. I've set the ES_HEAP_SIZE to 5g. However, when
I do top, the ES process shows the VIRT memory to be around 34g. That
would be I assume the max mapped memory. The %MEM though always hovers
around 10%

However, within a few days post-reboot, the memory used keeps going up.
From 10g to almost 50g (as shown in the third line) because of which my
other dbs start behaving badly. Below is the snapshot of top. Despite the
fact that VIRT and %MEM still hover around the same 34g and 10%
respectively.

Please help me understand where is my memory going over time! My one
guess is that Lucene is eating it up. How do I remedy it?

Thanks-in-advance!

https://lh3.googleusercontent.com/-zD9y4f2Eqqk/VRhdtX2XtTI/AN8/aq8-wxm2bBg/s1600/top.png

--
You received this message because you are subscribed to a topic in the
Google Groups elasticsearch group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/kTDNDJwxOzA/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/c6e834ab-77c4-4a99-9307-b6b3baf0d232%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/c6e834ab-77c4-4a99-9307-b6b3baf0d232%40googlegroups.com?utm_medium=emailutm_source=footer
.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CADM0w%3Di5%2B_Cd-swP3f58jm-cE%2B7ULsq6QwfafQjsmka47h3fkg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Script to configure Kibana 4 index pattern for logstash, import saved searches, visualizations dashboards

2015-03-31 Thread DK

Hi,

Is there a script available to configure Kibana 4.

I'm starting Elasticsearch, Logstash  Kibana 4 inside Docker.

I'm looking for a way to automatically configure:


   - the Kibana 4 index pattern for logstash
   - import Kibana saved searches, visualizations  dashboards
   

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/284e6911-f34b-46b6-904f-ff7842bc411f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: EC2 client node cluster discovery

2015-03-31 Thread Jerry Pattenaude

Seems like not many other people have this problem...

In my case this was only a problem using unicast (which cloud-aws does), so 
I changed the cloud plugin to work for my case. The file that needed to be 
changed was AwsEc2UnicastHostsProvider.java. Look for 
UnicastZenPing.LIMIT_PORTS_COUNT. 
That const is hard coded to 1 in ES v1.5. I changed it to read a config 
value or use the const if no config was found.  This worked fine for me 
with the es-1.5 2.5.0 version of the plugin.  

Seems like anyone running more than one node on a server not using 
multicast could have this issue.



On Friday, March 27, 2015 at 11:02:05 PM UTC-4, Jerry Pattenaude wrote:

 Still trying to figure out a way past this issue but I actually know 
 what's going on now. The first cluster takes port 9300 and anything looking 
 for a different cluster on that same machine stops when it sees 9300 is in 
 use by a different cluster. Elasticsearch used to scan the port range but 
 they removed that code because it's expensive to check so many ports. There 
 is a pull request to make the number of ports to scan configurable. 

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/ccafba78-3c68-40e8-9e0b-0f6618517abc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: How getting document match rate?

2015-03-31 Thread Terra Sacer

Hi guys,

The Explain api returns coord in bool query. This could work.

On Saturday, March 28, 2015 at 6:33:53 PM UTC+2, Terra Sacer wrote:

 Hello everyone,

 For example my data

 [
 { id : 1, type  : article, title : About the Java Technology 
 },
 { id : 2, type  : article, title : How does ElasticSearch 
 work },
 { id : 3, type  : article, title : How to get the count of 
 results ElasticSearch }
 ]

 When we run the following command

 GET myindex/article/_search
 {
   query: {
 bool: {
   should: [
 {
   match: {
 title: how count elasticsearch
   }
 }
   ]
 }
   }
 }

 We get these results

 {
took: 776,
timed_out: false,
_shards: {
   total: 5,
   successful: 5,
   failed: 0
},
hits: {
   total: 2,
   max_score: 0.16608897,
   hits: [
  {
 _index: myindex,
 _type: article,
 _id: 3,
 _score: 0.16608897,
 _source: {
title: How to get the count of results ElasticSearch
 }
  },
  {
 _index: myindex,
 _type: article,
 _id: 2,
 _score: 0.05758412,
 _source: {
title: How does ElasticSearch work
 }
  }
   ]
}
 }

 Now the question is: Contains a maximum term(how, count and elasticsearch) 
 the third document, match 100%

 *How can get this information from ElasticSearch?*

 I can benefit from the score and max_scor information when query match is 
 100% but when it is not 100% match?

 Please help me :)


-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/8546ca39-30f9-4159-b205-99263034ac13%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ANN] Elasticsearch CouchDB River plugin 2.5.0 released

2015-03-31 Thread Elasticsearch Team

Heya,


We are pleased to announce the release of the Elasticsearch CouchDB River 
plugin, version 2.5.0.

The CouchDB River plugin allows to hook into couchdb _changes feed and 
automatically index it into elasticsearch..

https://github.com/elastic/elasticsearch-river-couchdb/

Release Notes - elasticsearch-river-couchdb - Version 2.5.0



Update:
 * [95] - Update to elasticsearch 1.5.0 
(https://github.com/elastic/elasticsearch-river-couchdb/issues/95)




Issues, Pull requests, Feature requests are warmly welcome on 
elasticsearch-river-couchdb project repository: 
https://github.com/elastic/elasticsearch-river-couchdb/
For questions or comments around this plugin, feel free to use elasticsearch 
mailing list: https://groups.google.com/forum/#!forum/elasticsearch

Enjoy,

-The Elasticsearch team

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/551a956d.430bb40a.4545.54a4SMTPIN_ADDED_MISSING%40gmr-mx.google.com.
For more options, visit https://groups.google.com/d/optout.

Re: Health Status Red(Accidentally started another node)

2015-03-31 Thread Shomo

Thank you for the solution ! A quick clarification though. So I am assuming 
that on restarting the second node, the cluster will automatically come 
back to green, right? Also, is it possible that instead of restarting the 
second node(which was accidental and not really needed), I can force shard 
allocation of unassigned shard to my original node?

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/02b1b570-a7e9-42b8-af25-45714612fa6f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Reindex from the existing index

2015-03-31 Thread David Pilato

If you Search on the web site for reindex, you will find this:
http://www.elastic.co/guide/en/elasticsearch/guide/current/reindex.html

David

Le 1 avr. 2015 à 06:15, Vladi Feigin vla...@liveperson.com a écrit :

Hi,
Is there a way to build a new index from the existing index ?
Thank you,
Vladi
--
This message may contain confidential and/or privileged information.
If you are not the addressee or authorized to receive this on behalf of the
addressee you must not use, copy, disclose or take action based on this
message or any information herein.
If you have received this message in error, please advise the sender
immediately by reply email and delete this message. Thank you.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/9f51ce24-b826-4bcb-8d2c-ab18732e8016%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/A8B19DE8-AE00-4482-BB59-09993806309D%40pilato.fr.
For more options, visit https://groups.google.com/d/optout.

Re: Nested object under path [messages] is not of nested type

2015-03-31 Thread Masaru Hasegawa

Hi,

You put mapping of message type while you query on thread type.
Since thread type isn't defined, you get the error.


Masaru


On April 1, 2015 at 01:06:51, Daniel Buckle (danielbuckl...@gmail.com) wrote:

I am having a lot of issues with the nested type mapping in Elasticsearch, I 
have ran this to create my index:


curl -XPOST 'http://localhost:9200/thread_and_messages' -d 
'{mappings : {
message: {
properties: {
messages: {
type: nested, 
include_in_parent: true, 
properties: {
message_id: {type: string}, 
message_text: {type: string}, 
message_nick: {type: string}
}
}
}
}
}}'


Then this is how I've indexed a document:


curl -XPUT 'http://localhost:9200/thread_and_messages/thread/1' -d 
'{
thread_id:2, 
thread_name:Windows, 
created:Wed Mar 25 2015, 
first_nick:Admin, 
messages:[
{message_id:5, message_text: Pc with a mouse, 
message_nick:Admin},
{message_id:6, message_text:Keyboard, message_nick:Admin},
{message_id:7, message_text:iPhone, message_nick:Admin},
{message_id:8, message_text:Gym, message_nick:Admin}]
}'

This is my query:


curl -XGET 'http://localhost:9200/thread_and_messages/thread/_search' -d 
'{query: {
bool: {
must: [
{match: {thread_name: windows}}, 
{nested: {
path: messages, query: {
bool: {
must: [{
match: {messages.message_text: gym}
}]
}
}
}}
]}
}
}'

I am receiving this error, even though I have clearly mapped messages as a 
nested type:


QueryParsingException[[thread_and_messages] [nested] 
nested object under path [messages] is not of nested type


--
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/9c1395b9-99aa-47e8-900b-a819323275ea%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/etPan.551b4d21.74b0dc51.3b55%40citra-2.local.
For more options, visit https://groups.google.com/d/optout.

Re: Health Status Red(Accidentally started another node)

2015-03-31 Thread Mark Walkom

Restart the other node, let it join and then bring the cluster back to
green.
Then either 1) add replicas so each node has the data and remove the old
node and set replicas to 0, or 2) disable allocation and move the shards
off the other node to the main one manually.

On 1 April 2015 at 11:08, Shomo shoumitrados...@gmail.com wrote:

Today, I accidentally started another node on a different machine on the
same LAN which resulted in my first ES instance adding this new node to the
cluster. I killed this second node with SIGKILL and restarted my original
ES instance. However, on checking the health status of the various
indices, a lot of them show red. The one's that show a red status have no.
of replicas set to 0. The ones that are green had the number of replicas
set to 1. Is there any way I can cleanly get the health back to Green
without deleting and re-indexing. I am using the default setting of having
5 shards per index. Also, for each index that has its' status as red has
exactly one shard that is unassigned.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/1548aca9-50b4-42be-8b08-6be1a4d99bff%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/1548aca9-50b4-42be-8b08-6be1a4d99bff%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X_PrYoYFwysLL5Nr%3Dh4sfT0wRo-y8fcQPiDNNpTpOTLXw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Elastic Search - How to delete old records and improve performance

2015-03-31 Thread Edward Perry


You could do a few things, from my perspective. (Hope this hits some idea's 
you like)

   - upgrade, never hurts :) as long as you read the release notes to make 
   sure nothing your depending on.
   - Add some filters to your existing queries to exclude unneeded data
   - you can create filter aliases which lets you set up predefined alias 
   with filtered terms in-case you can't delete or loose data
  - 
  
http://www.elastic.co/guide/en/elasticsearch/reference/1.3/indices-aliases.html
  - I would rotate your index so all new data would go in to a new one 
   while the archive can wither and die
  - Maybe rotate it on a daily basis or a point of time that works for 
  your data sets  you can still have basic aliases to summarize multiple 
days 
  depending on your query needs 
  - Use a project called curator to purge old data on a routine basis 
  (cron)
 - https://github.com/elastic/curator/wiki
 - Finally if you need to massage the data you can look at this 
   project
   - https://github.com/taskrabbit/elasticsearch-dumpit does full dumps 
  and also Query Style dumpes. 
  - Dump the whole index 
  - Then dump with a query
  - Delete and import your query dump to a Date based index that can be 
  purged later by curator
   - Oh just thought of this one, increase the number of shards and ES 
   nodes, I see you have only 2 
  - To do this will require you to export and import the data again. 
  (at least for the old data
   


On Tuesday, March 31, 2015 at 4:13:07 PM UTC-4, AALISHE wrote:

 mkBig ... thanks for the suggestion ... but how do I exclude the things I 
 dont need ?

 cheers!



-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/4228dbd3-84a1-41ba-bed9-3bcf4cb70033%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

How to achieve ELK High availability

2015-03-31 Thread vikas gopal

Hi Exerts,

Need your valuable suggestions here . I have ELK on a single windows 
instance and I want to make it high available . I mean if one machine goes 
down second will take up the whole load, like clustering. Can you suggest 
how I can achieve this. 

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/38b05ef0-56e7-4590-b5e1-aaa64ab68150%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reindex from the existing index

2015-03-31 Thread Vladi Feigin

Hi,
Is there a way to build a new index from the existing index ?
Thank you,
Vladi
-- 
This message may contain confidential and/or privileged information. 
If you are not the addressee or authorized to receive this on behalf of the 
addressee you must not use, copy, disclose or take action based on this 
message or any information herein. 
If you have received this message in error, please advise the sender 
immediately by reply email and delete this message. Thank you.

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/9f51ce24-b826-4bcb-8d2c-ab18732e8016%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Health Status Red(Accidentally started another node)

2015-03-31 Thread Mark Walkom

It should, only way to know is to try.

You can try to force allocation if that node has them there.

On 1 April 2015 at 12:39, Shomo shoumitrados...@gmail.com wrote:

Thank you for the solution ! A quick clarification though. So I am
assuming that on restarting the second node, the cluster will automatically
come back to green, right? Also, is it possible that instead of restarting
the second node(which was accidental and not really needed), I can force
shard allocation of unassigned shard to my original node?

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/02b1b570-a7e9-42b8-af25-45714612fa6f%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/02b1b570-a7e9-42b8-af25-45714612fa6f%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-EJs2hvkUoiu4B9STgxuYX8%2BVvYdBJ95VFiTku0WeAEw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: ElasticSearch date format

2015-03-31 Thread James Green

I am speculating here that you should use the ISO 8601 format for dates
since this is quite common and has a timezone which yours lacks
(introducing ambiguity).

The T is a common separator between the date and time parts.

On 31 March 2015 at 14:26, phani.nadimi...@goktree.com wrote:

Hi All,

when i insert date to elastic search in the format of -MM-DD
hh:mm:ss from java api getting date format exception.but when i use
-MM-DDThh:mm:ss between them it is inserted fine.please explain me is T
here elasticsearch standard format?

please explain me functionality of T in date.i used the default mapping
of elasticsearch i didn't customized any thing.

mapping:

created: {
type: date,
format: dateOptionalTime
},

Thanks
phani

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/94b29fca-637d-4d73-84fe-6af4b6300611%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/94b29fca-637d-4d73-84fe-6af4b6300611%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAMH6%2BawJXDAs175DFWH5T5z5%2B-UvJgppKjvqPRBehzMX2R%2Bz7A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: is _id of document affects on scoring?

2015-03-31 Thread Mohammad.R esmailzadeh

Thanks for your response.
it is completely confusing for me why elasticsearch was configured for
large data by default instead of development and developers should find
these tiny tips under thousands of documentations.
On Tuesday, 31 March 2015 17:54:00 UTC+4:30, Adrien Grand wrote:

The difference is probably due to the fact that your documents ended on
different shards where doc frequencies are different. You should be able to
make it a bit better by using distributed frequencies.
https://www.elastic.co/blog/understanding-query-then-fetch-vs-dfs-query-then-fetch

On Tue, Mar 31, 2015 at 3:18 PM, Mohammad.R esmailzadeh
esmai...@gmail.com javascript: wrote:

I add two same documents the only different thing is _id of documents (I
restart scenario for each of them and I do not add them sequentially. to be
sure my test is correct)

one of them changes order of result of this query and one of them does
not:

GET index_for_test/business/_search
{

query: {
multi_match: {
query: italian,
type:most_fields,
fields: [ name^10, categories ]
}
}
}

i think it should be bug

my original question was:

https://github.com/elastic/elasticsearch/issues/10341

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearc...@googlegroups.com javascript:.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/5d0eba0f-0809-4a68-b247-0640addb9119%40googlegroups.com

https://groups.google.com/d/msgid/elasticsearch/5d0eba0f-0809-4a68-b247-0640addb9119%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
Adrien

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/b78aa9d8-2e22-40a3-b36b-5817fd2567ef%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Try to make es-hadoop run

2015-03-31 Thread Costin Leau

Debugging Hadoop is ... tricky. Most likely the parameter you are passing (es.version) is incorrect - there's no such
Elasticsearch version.

2.1.0.Beta3 is the connector, es-hadoop version. es.version indicates the
version of Elasticsearch itself.

My advice is to first start with basic steps and defaults as described in the
docs [1].

As for the debug part itself, you have to look into your node/cluster logs, in particular the yarn/node ones to see the
underlying container exception.
Whatever message/exception is thrown by the underlying container, it does not bubble up (it is always wrapped by YARN
itself) and thus one has to manually

track it down...

[1] http://www.elastic.co/guide/en/elasticsearch/hadoop/2.1.Beta/ey-usage.html

On 3/31/15 5:50 PM, stéphane Verdy wrote:

Hi all,

HDFS 2.6.0.2.2.0.0 Apache Hadoop Distributed File System
Es-Hadoop : 2.1.0.Beta3
OS : Centos 6

When i start elasticsearch (hadoop jar elasticsearch-yarn-2.1.0.Beta3.jar
-start es.version=2.1.0.Beta3), the
process end FINISHED/FAILED and the only log i found is :

2015-03-31 13:29:57,792 INFO nodemanager.ContainerExecutor
(ContainerExecutor.java:logOutput(283)) - at
java.lang.Thread.run(Thread.java:744)
2015-03-31 13:29:57,793 WARN launcher.ContainerLaunch
(ContainerLaunch.java:call(338)) - Container exited with a
non-zero exit code 127

No ERROR log only WARN...
Can'i set the logger in DEBUG mode (how) ?
Are there any other log files ?

Thank
Stephane

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
elasticsearch+unsubscr...@googlegroups.com
mailto:elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/82bea02f-7356-4bab-8895-00b26842352a%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/82bea02f-7356-4bab-8895-00b26842352a%40googlegroups.com?utm_medium=emailutm_source=footer.
For more options, visit https://groups.google.com/d/optout.

--
Costin

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/551AB786.1040107%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Problems with combination of attributes in Elasticsearch

2015-03-31 Thread Maialen Otamendi



Hi all,

When designing an application I would like to know whether ElasticSearch is 
a suitable tool for implementing it (and how to do it). Any advice will be 
much appreciated!

My application needs to store (many) documents, each document being 
represented as a sequence of words. I want also to associate information 
with each word. For example, suppose I want to associate the word length 
with each word. So I would have something like this:

The house is yellow

3  5  2 6

Now, I would like to perform queries such as for instance give me words 
with length 2, followed by the word 'yellow'. In a relational database I 
would store the word forms and lengths as different attributes, for 
instance:

Word

Length

N

the

3

1

house

5

2

is

2

3

yellow

6

4

(where N is the position of the word) and in SQL I would make something 
like this:

SELECT word, N1 as N

FROM documents

WHERE (word=”yellow” AND N1 in (SELECT N2 as N

  FROM documents

  WHERE length=2 AND (N1-N2=1 OR N2-N1=1)

)

)

I'm struggling to implement this same functionality into ElasticSearch. 
I've read online manuals and the reference book, but I'm unable to figure 
out how to do this with ES. So any advice from your part will be very much 
appreciated.

Take into account:

   - 
   
   The database will have many attributes associated with words, and I'll 
   need to query for any combination of them.
   - 
   
   Those attributes are pre-computed and loaded into the database offline.
   

Thank you!

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/1697f5ad-e00b-4777-a7f9-8239e9c64e91%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Elastic Search - How to delete old records and improve performance

2015-03-31 Thread AALISHE

mkBig ... thanks for the suggestion ... but how do I exclude the things I 
dont need ?

cheers!

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/454830bc-a9c5-4803-ae95-8b37f65fedbf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: is _id of document affects on scoring?

2015-03-31 Thread Adrien Grand

On Tue, Mar 31, 2015 at 4:13 PM, Mohammad.R esmailzadeh 
esmailza...@gmail.com wrote:

 it is completely confusing for me why elasticsearch was configured for
 large data by default instead of development and developers should find
 these tiny tips under thousands of documentations.


I'm sorry you had a bad experience. I don't really have a good answer for
you here: the right value for a particular setting depends on your usage of
elasticsearch and while we strive at having good defaults, they can't
always be right for everyone.

In case you missed it, there is a free book about elasticsearch (
http://www.elastic.co/guide/en/elasticsearch/guide/current/index.html)
which you can read and dives you into how elasticsearch works and how to
use it so that you don't have to crawl the reference API every time that
you start using a new API.

-- 
Adrien

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAO5%3DkAgPajZ5Qn4_RFnJ1Y6KxfAWg8i2d8C2u54OYe_QgEss4w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

parent-child document relation problem

2015-03-31 Thread Viacheslav Shalamov

Hi all, could you help me with little problem regarding parent-child 
documents relation?

I use elasticsearch v1.4.4.

Considering JSON, I have objects, each of them contains an array of 
sub-objects. Sub-objects contain some text fields.
I need to maintain full-text-search on these objects and construct 
snippets. I need highlighting for building snippets.
If I use nested objects, highlighting does not deal with them.
Therefore, I use Parent-Child relationships.

Now I need to retrieve Parent-documents, which children match the 
query_string. Furthermore, I need to get highlighted fields of matched 
children and associate each one(each child) with corresponding parent to 
construct snippets in my application.

Is it possible to accomplish my goal in one query?

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/5e018b6c-8354-4600-822b-8956eb530237%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

A problem: ClusterBlockException : blocked by: [SERVICE_UNAVAILABLE/1/state not recovered / initialized];

2015-03-31 Thread Sephen Xu

This error occurred when i restart cluster.

Debug log:
[2015-04-01 11:25:09,743][DEBUG][node ] [es_node_4_1] 
using home [/home/nat/elasticsearch-1.1.2], config 
[/home/nat/elasticsearch-1.1.2/config], data [[/home/nat/esdata.d, 
/natlog1/nat/esdata.d, /natlog4/nat/esdata.d, /natlog5/nat/esdata.d, 
/natlog6/nat/esdata.d, /natlog7/nat/esdata.d, /natlog8/nat/esdata.d]], logs 
[/home/nat/elasticsearch-1.1.2/logs], work 
[/home/nat/elasticsearch-1.1.2/work], plugins 
[/home/nat/elasticsearch-1.1.2/plugins]
[2015-04-01 11:25:09,765][INFO ][plugins  ] [es_node_4_1] 
loaded [], sites [head, bigdesk]
[2015-04-01 11:25:09,775][DEBUG][common.compress.lzf  ] using 
[UnsafeChunkDecoder] decoder
[2015-04-01 11:25:09,787][DEBUG][env  ] [es_node_4_1] 
using node location [[/home/nat/esdata.d/elasticsearch_log/nodes/0, 
/natlog1/nat/esdata.d/elasticsearch_log/nodes/0, 
/natlog4/nat/esdata.d/elasticsearch_log/nodes/0, 
/natlog5/nat/esdata.d/elasticsearch_log/nodes/0, 
/natlog6/nat/esdata.d/elasticsearch_log/nodes/0, 
/natlog7/nat/esdata.d/elasticsearch_log/nodes/0, 
/natlog8/nat/esdata.d/elasticsearch_log/nodes/0]], local_node_id [0]
[2015-04-01 11:25:09,825][INFO ][node ] [es_node_4_2] 
version[1.1.2], pid[53749], build[e511f7b/2014-05-22T12:27:39Z]
[2015-04-01 11:25:09,826][INFO ][node ] [es_node_4_2] 
initializing ...
[2015-04-01 11:25:09,826][DEBUG][node ] [es_node_4_2] 
using home [/home/nat/elasticsearch-1.1.2], config 
[/home/nat/elasticsearch-1.1.2/config], data [[/home/nat/esdata.d, 
/natlog2/nat/esdata.d, /natlog3/nat/esdata.d, /natlog9/nat/esdata.d, 
/natlog10/nat/esdata.d, /natlog11/nat/esdata.d, /natlog12/nat/esdata.d, 
/natlog13/nat/esdata.d]], logs [/home/nat/elasticsearch-1.1.2/logs], work 
[/home/nat/elasticsearch-1.1.2/work], plugins 
[/home/nat/elasticsearch-1.1.2/plugins]
[2015-04-01 11:25:09,862][INFO ][plugins  ] [es_node_4_2] 
loaded [], sites [head, bigdesk]
[2015-04-01 11:25:09,879][DEBUG][common.compress.lzf  ] using 
[UnsafeChunkDecoder] decoder
[2015-04-01 11:25:09,901][DEBUG][env  ] [es_node_4_2] 
using node location [[/home/nat/esdata.d/elasticsearch_log/nodes/1, 
/natlog2/nat/esdata.d/elasticsearch_log/nodes/1, 
/natlog3/nat/esdata.d/elasticsearch_log/nodes/1, 
/natlog9/nat/esdata.d/elasticsearch_log/nodes/1, 
/natlog10/nat/esdata.d/elasticsearch_log/nodes/1, 
/natlog11/nat/esdata.d/elasticsearch_log/nodes/1, 
/natlog12/nat/esdata.d/elasticsearch_log/nodes/1, 
/natlog13/nat/esdata.d/elasticsearch_log/nodes/1]], local_node_id [1]
[2015-04-01 11:25:11,258][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [generic], type [cached], keep_alive [30s]
[2015-04-01 11:25:11,286][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [index], type [fixed], size [32], queue_size [200]
[2015-04-01 11:25:11,294][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [bulk], type [fixed], size [20], queue_size [32]
[2015-04-01 11:25:11,295][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [get], type [fixed], size [32], queue_size [1k]
[2015-04-01 11:25:11,296][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [search], type [fixed], size [96], queue_size [1k]
[2015-04-01 11:25:11,297][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [suggest], type [fixed], size [32], queue_size [1k]
[2015-04-01 11:25:11,297][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [percolate], type [fixed], size [32], queue_size [1k]
[2015-04-01 11:25:11,298][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [management], type [scaling], min [1], size [5], 
keep_alive [5m]
[2015-04-01 11:25:11,300][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [flush], type [scaling], min [1], size [5], keep_alive 
[5m]
[2015-04-01 11:25:11,301][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [merge], type [fixed], size [4], queue_size [32]
[2015-04-01 11:25:11,302][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [refresh], type [scaling], min [1], size [10], 
keep_alive [5m]
[2015-04-01 11:25:11,303][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [warmer], type [scaling], min [1], size [5], 
keep_alive [5m]
[2015-04-01 11:25:11,304][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [snapshot], type [scaling], min [1], size [5], 
keep_alive [5m]
[2015-04-01 11:25:11,305][DEBUG][threadpool   ] [es_node_4_1] 
creating thread_pool [optimize], type [fixed], size [1], queue_size [null]
[2015-04-01 11:25:11,348][DEBUG][threadpool   ] [es_node_4_2] 
creating thread_pool [generic], type [cached], keep_alive [30s]
[2015-04-01 11:25:11,348][DEBUG][transport.netty  ] [es_node_4_1] 
using worker_count[64],

Re: How to achieve ELK High availability

2015-03-31 Thread Mark Walkom

Which part do you want to make HA?

ES is pretty simple to do, the rest is dependent on a few things.

On 1 April 2015 at 14:06, vikas gopal vikas.ha...@gmail.com wrote:

 Hi Exerts,

 Need your valuable suggestions here . I have ELK on a single windows
 instance and I want to make it high available . I mean if one machine goes
 down second will take up the whole load, like clustering. Can you suggest
 how I can achieve this.

 --
 You received this message because you are subscribed to the Google Groups
 elasticsearch group.
 To unsubscribe from this group and stop receiving emails from it, send an
 email to elasticsearch+unsubscr...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/elasticsearch/38b05ef0-56e7-4590-b5e1-aaa64ab68150%40googlegroups.com
 https://groups.google.com/d/msgid/elasticsearch/38b05ef0-56e7-4590-b5e1-aaa64ab68150%40googlegroups.com?utm_medium=emailutm_source=footer
 .
 For more options, visit https://groups.google.com/d/optout.


-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X_0%2BjcG4pVfOa9cbxeb_-Z%2BBzoRK6miKjc4hyM_zj1eWA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Does english analyzer prevent fields from highlighting?

2015-03-31 Thread Viacheslav Shalamov

Hi all, could you help me with little problem regarding language-specific 
analyzers and highliting in elasticsearch?

I need search documents by a query string and highlight matched strings.
Here is my mapping:
{
usr: {
properties: {
text0: {
type: string,
analyzer: english
},
text1: {
type: string
}
}
}
}
Note, that for text0 field english analyzer is set, and for text1 
field is used standard analyzer by default.

In my index there is one document for now:

hits: [{
_index: tt,
_type: usr,
_id: AUxvIPAv84ayQMZV-3Ll,
_score: 1,
_source: {
text0: highlighted. need to be highlighted.,
text1: highlighted. need to be highlighted.
}
}]

Consider following query:
{
query: {
query_string : {
query : *highlighted*
}
},
highlight : {
fields : {
* : {}
}
}
}

I've expected each field in the document to be highlighted, but 
highlighting appeared only in text1 field (where is no analyzer set):

hits: [{
_type: usr, 
_source: {
text0: highlighted. need to be highlighted., 
text1: highlighted. need to be highlighted.
}, 
_score: 0.19178301, 
_index: tt, 
highlight: {
text1: [
emhighlighted/em. need to be emhighlighted/em.
]
}, 
_id: AUxvIPAv84ayQMZV-3Ll
}]

Let's consider the following query(I expected highlighted matches 
highlight because of analyzer):
{
query: {
query_string : {
query : *highlight*
}
},
highlight : {
 fields : {
 * : {}
 }
}
}

But there was no hist in response at all: (Did the english analyzer even 
work here?)
hits: {
hits: [], 
total: 0, 
max_score: null
}

At last, consider some curl commands (requests and responses):

curl http://localhost:9200/tt/_analyze?field=text0; -d highlighted

{tokens:[{ 
token:*highlight*,
start_offset:0,
end_offset:11,
type:ALPHANUM,
position:1
}]}

curl http://localhost:9200/tt/_analyze?field=text1; -d highlighted 

{tokens:[{
token:*highlighted*,
start_offset:0,
end_offset:11,
type:ALPHANUM,
position:1
}]}


We see, by passing text through the english and standard analyzers, the 
result is different.
Finally, the question: 
*does english analyzer prevent fields from highlighting? How can I get my 
fields highlighted while full-text search?*
P.S. I use elasticsearch v1.4.4 on my local machine with windows 8.1.

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/59cea72f-08e3-42b2-ad0e-e5d5ba7762a8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Debug Rest Plugin

2015-03-31 Thread María Carolina Bessega Lodi

Hi

I created a plugin, I'm able to create the zip, install it in my cluster, 
etc.
My problem comes if I want to debug from Eclipse having access to the 
current data in my cluster. 
To do that the easiest way should be make the debug node part of my 
cluster. 

When I run the java application in Eclipse it launches a new elasticsearch 
node but it uses the generic cluster name elasticsearch,  as my cluster 
have a different name the discovery functionality is not activated. 

Is there a way to specify elasticsearch config parameters (i.e. the 
parameter you usually add in elasticsearch.yml) when you debug the java app 
in your ide?

Thanks!!

 

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/0dd66199-336b-4d6d-ad25-68e67fa2f30c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: elasticsearch high cpu usage every hourly

2015-03-31 Thread Aaron Mefford

From what I can see in your graphs I noticed two things. You seem to have
a spike in search requests at that time, a spike in http traffic, and a
cache eviction right at the beginning of it.

Are you certain you don't have an external user with a cron job that runs
at the top of the hour? Perhaps a large scan and scroll query that dumps
alot of data?

Take a look at your network graphs to see if you have a correlated spike in
traffic to your ElasticSearch cluster. I wouldn't expect with a cluster
that size that you don't have any users, probably quite a few users. It
would not be unreasonable to expect that one such user is doing something
beyond what you had intended and causing stress on your system.

On Monday, March 30, 2015 at 8:37:54 PM UTC-6, vincent Park wrote:

we have 8 clustered nodes and each nodes have 1 replica.
total document size is about 4GB and 1,984,173 docs.

I was suffering from very high CPU usage 80%~90% every hourly.
It is held for 5 min.

there is no other process except es on each server.
there is no other cron job even at that time.

I thought there are something wrong with es process.
maybe external attacks or gc problem.. I don't know.

It happened every hourly.
I don't know what's going on elasticsearch at this time!!
somebody help me, tell me what happened in there. please..

$ ./elasticsearch -v
Version: 1.4.2, Build: 927caff/2014-12-16T14:11:12Z, JVM: 1.7.0_75

$ java -version
java version 1.7.0_75
Java(TM) SE Runtime Environment (build 1.7.0_75-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.75-b04, mixed mode)

and I installed plugins - HQ, bigdesk, head, kopf, sense

heres bigdesk graphs at cpu peak time:

http://elasticsearch-users.115913.n3.nabble.com/file/n4072788/es_cpu_high.png

--
View this message in context:
http://elasticsearch-users.115913.n3.nabble.com/elasticsearch-high-cpu-usage-every-hourly-tp4072788.html

Sent from the ElasticSearch Users mailing list archive at Nabble.com.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/aca13c50-3c3a-4630-a941-4116dc31e55e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Debug Rest Plugin

2015-03-31 Thread David Pilato

When I want to debug a plugin, I often run the
org.elasticsearch.bootstrap.Bootstrap class.
And I pass something like

-Des.foreground=true -Des.http.cors.enabled=true -Dhttp.cors.allow-origin=/.*/
-Dhttp.cors.allow-credentials=true -Des.path.conf=/path/to/your/config/dir/

/path/to/your/config/dir/ contains logging.yml and elasticsearch.yml

HTH

--
David Pilato - Developer | Evangelist
elastic.co
@dadoonet https://twitter.com/dadoonet | @elasticsearchfr
https://twitter.com/elasticsearchfr | @scrutmydocs
https://twitter.com/scrutmydocs

Le 31 mars 2015 à 18:10, María Carolina Bessega Lodi cbess...@gmail.com a
écrit :

I created a plugin, I'm able to create the zip, install it in my cluster, etc.
My problem comes if I want to debug from Eclipse having access to the current
data in my cluster.
To do that the easiest way should be make the debug node part of my
cluster.

When I run the java application in Eclipse it launches a new elasticsearch
node but it uses the generic cluster name elasticsearch, as my cluster
have a different name the discovery functionality is not activated.

Is there a way to specify elasticsearch config parameters (i.e. the parameter
you usually add in elasticsearch.yml) when you debug the java app in your ide?

Thanks!!

https://groups.google.com/d/msgid/elasticsearch/0dd66199-336b-4d6d-ad25-68e67fa2f30c%40googlegroups.com?utm_medium=emailutm_source=footer.
For more options, visit https://groups.google.com/d/optout
https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/98B7E3C1-DE1F-48AB-AA85-2E3CD3C95CA7%40pilato.fr.
For more options, visit https://groups.google.com/d/optout.

Nested object under path [messages] is not of nested type

2015-03-31 Thread Daniel Buckle

I am having a lot of issues with the nested type mapping in Elasticsearch, 
I have ran this to create my index:

curl -XPOST 'http://localhost:9200/thread_and_messages' -d 
'{mappings : {
message: {
properties: {
messages: {
type: nested, 
include_in_parent: true, 
properties: {
message_id: {type: string}, 
message_text: {type: string}, 
message_nick: {type: string}
}
}
}
}
}}'


Then this is how I've indexed a document:

curl -XPUT 'http://localhost:9200/thread_and_messages/thread/1' -d 
'{
thread_id:2, 
thread_name:Windows, 
created:Wed Mar 25 2015, 
first_nick:Admin, 
messages:[
{message_id:5, message_text: Pc with a mouse, 
message_nick:Admin},
{message_id:6, message_text:Keyboard, message_nick:Admin},
{message_id:7, message_text:iPhone, message_nick:Admin},
{message_id:8, message_text:Gym, message_nick:Admin}]
}'


This is my query:

curl -XGET 'http://localhost:9200/thread_and_messages/thread/_search' -d 
'{query: {
bool: {
must: [
{match: {thread_name: windows}}, 
{nested: {
path: messages, query: {
bool: {
must: [{
match: {messages.message_text: gym}
}]
}
}
}}
]}
}
}'


I am receiving this error, even though I have clearly mapped messages as a 
nested type:

QueryParsingException[[thread_and_messages] [nested] 
nested object under path [messages] is not of nested type



-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/9c1395b9-99aa-47e8-900b-a819323275ea%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ANN] Elasticsearch Mapper Attachment plugin 2.5.0 released

2015-03-31 Thread Elasticsearch Team

Heya,


We are pleased to announce the release of the Elasticsearch Mapper Attachment 
plugin, version 2.5.0.

The mapper attachments plugin adds the attachment type to Elasticsearch using 
Apache Tika..

https://github.com/elastic/elasticsearch-mapper-attachments/

Release Notes - elasticsearch-mapper-attachments - Version 2.5.0


Fix:
 * [121] - Don't wrap exceptions in `MapperParsingException` 
(https://github.com/elastic/elasticsearch-mapper-attachments/pull/121)
 * [118] - parse java.specification.version not java.version, so that it is 
robust (https://github.com/elastic/elasticsearch-mapper-attachments/pull/118)

Update:
 * [119] - Update to elasticsearch 1.5.0 
(https://github.com/elastic/elasticsearch-mapper-attachments/issues/119)
 * [90] - Tests: upgrade randomizedtesting-runner to 2.1.10 
(https://github.com/elastic/elasticsearch-mapper-attachments/issues/90)




Issues, Pull requests, Feature requests are warmly welcome on 
elasticsearch-mapper-attachments project repository: 
https://github.com/elastic/elasticsearch-mapper-attachments/
For questions or comments around this plugin, feel free to use elasticsearch 
mailing list: https://groups.google.com/forum/#!forum/elasticsearch

Enjoy,

-The Elasticsearch team

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/551ac92f.28e4b40a.33ed.6e2eSMTPIN_ADDED_MISSING%40gmr-mx.google.com.
For more options, visit https://groups.google.com/d/optout.

Re: ES/Lucene eating up entire memory!

2015-03-31 Thread Aaron Mefford

You need to read up a bit on how memory is allocated in Linux. 

In an ElasticSearch or Database server, this seems to be both, you want 
that free column to be 0.  All available free memory should be used to 
cache files.  In your snapshot you have 35GB of file cache listed under the 
cached heading.  Memory listed under cached is essentially free memory that 
is temporarily being used to cache files until it is otherwise requested.  
This is how Linux makes efficient use of your memory, leveraging free 
memory for file cache, but still having it available when you need it.  As 
such when determining if your box is out of memory you need to sum free and 
cached.  

This is precisely the reason that it is recommended that ElasticSearch only 
be allocated 50% of the memory on the box for heap.  In your case where you 
have databases running, it should be 50% of the memory you have available 
for ElasticSearch.  For that matter you should apply the same basic rule( 
50%) to your database unless it has specifically some other file caching 
mechanism.  For instance, you have 50GB of ram, assuming MySQL and 
ElasticSearch, and you want to equally divide the ram, 25GB to each.  
ElasticSearch then would be allowed to use 25GB, 12GB should be allocated 
to heap, the balance left to the OS for file caching on behalf of 
ElasticSearch.  Assuming MySQL, with MyIsam, the same would be done 12GB to 
MySQL, 12GB to the OS for file system caching of the MyISAM tables.  Now if 
you are using InnoDB things are different but that is way outside the scope 
of this discussion.  

So that you have 35GB of files being cached is a very good thing.  It means 
that you have a large amount of your data cached.  It means you have ample 
free memory, well beyond the 12GB a 50/50 split would demand.  The 12GB of 
free you have now probably came from the processes that you killed, I think 
you meant this was ElasticSearch, though you were not specific.

The one concern I see looking at your top, is that you have a large swap, 
and that some of it has been used.  This is a sign that at some point you 
had memory pressure, the only sign I see from your snapshot.  That pressure 
was not significant, but any swapping will destroy the performance of a 
database, or ElasticSearch.  In many cases people go to the extreme of 
disabling swap entirely, as performance during swapping will be so poor, 
that it will be unusable.  Further by the time you were to even put a dent 
in the size of that swap you will have wanted to reboot your box.  My 
approach is to keep a small swap available, so that I can see if the system 
ever got to a point that it needed it, and to potentially buy a moment of 
time.

If you are experiencing database slowdowns, this screenshot does not 
illustrate that it is due to memory issues.  Rather I would suspect disk IO 
instead based on this information.

On Tuesday, March 31, 2015 at 4:25:40 AM UTC-6, Yogesh wrote:

 Thanks Uwe. As I mentioned earlier, I did guess that VIRT doesn't indicate 
 RAM consumption.

 What I am concerned about is the 3rd row which shows memory and indicates 
 that out of the total 50g, 43g is in use. Once this number crosses 45g, my 
 other databases start behaving badly.

 Problem is, even after I kill all the processes, this doesn't go down. 
 (Attaching snapshot of top after killing all processes). Right now what I 
 do is reboot the system every three days which is the time it takes to 
 gradually fill the memory with something (I have no clue what that is).

 Though I think the max file descriptors wouldn't be the culprit for this? 
 I haven't changed that yet.

 On Mon, Mar 30, 2015 at 3:19 AM, Uwe Schindler uwe.h.s...@gmail.com 
 javascript: wrote:

 You should read: 
 http://blog.thetaphi.de/2012/07/use-lucenes-mmapdirectory-on-64bit.html

 Maybe this allows you to figure out what's going on! VIRT means nothing 
 about consumption, you should look at RES.

 Thanks,
 Uwe


 Am Sonntag, 29. März 2015 22:23:00 UTC+2 schrieb Yogesh:

 Hi,

 I have a single node ES setup (50GB memory, 500GB disk, 4 cores) and I 
 run the Twitter river on it. I've set the ES_HEAP_SIZE to 5g. However, when 
 I do top, the ES process shows the VIRT memory to be around 34g. That 
 would be I assume the max mapped memory. The %MEM though always hovers 
 around 10%

 However, within a few days post-reboot, the memory used keeps going up. 
 From 10g to almost 50g (as shown in the third line) because of which my 
 other dbs start behaving badly. Below is the snapshot of top. Despite the 
 fact that VIRT and %MEM still hover around the same 34g and 10% 
 respectively.

 Please help me understand where is my memory going over time! My one 
 guess is that Lucene is eating it up. How do I remedy it?

 Thanks-in-advance!



 https://lh3.googleusercontent.com/-zD9y4f2Eqqk/VRhdtX2XtTI/AN8/aq8-wxm2bBg/s1600/top.png


  -- 
 You received this message because you are subscribed to a topic in the 
 Google Groups

Re: ElasticSearch date format

2015-03-31 Thread James Green

http://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-date-format.html

The T is a standard symbol, not exclusive to any one software project.
ElasticSearch uses Joda to parse dates, and it looks like the default
accepts ISO 8601 which I would expect.

On 31 March 2015 at 15:32, phani.nadimi...@goktree.com wrote:

HI James,

Thanks for quick reply..

so my understanding is while inserting in to elasticsearch we need to
use T as separator other wise it won't insert in to date field from java
API because it expecting standard format of ISO 8601 am I right?

Thanks
phani

On Tuesday, March 31, 2015 at 7:48:42 PM UTC+5:30, James Green wrote:

I am speculating here that you should use the ISO 8601 format for dates
since this is quite common and has a timezone which yours lacks
(introducing ambiguity).

The T is a common separator between the date and time parts.

On 31 March 2015 at 14:26, phani.n...@goktree.com wrote:

Hi All,

please explain me functionality of T in date.i used the default
mapping of elasticsearch i didn't customized any thing.

mapping:

created: {
type: date,
format: dateOptionalTime
},

Thanks
phani

--
You received this message because you are subscribed to the Google
Groups elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send
an email to elasticsearc...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/elasticsearch/94b29fca-637d-4d73-84fe-6af4b6300611%
40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/94b29fca-637d-4d73-84fe-6af4b6300611%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/0a7fd7e8-b244-42e9-8427-752474250b07%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/0a7fd7e8-b244-42e9-8427-752474250b07%40googlegroups.com?utm_medium=emailutm_source=footer
.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAMH6%2BawqvJ_DOZUR2u7C%3DU7AvFFr%3DhyBoBTMRwCbdow7kZxOsg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Wildcard search on raw not_analyzed field

2015-03-31 Thread BradVido

I need help determining how wildcard matching for non_analyzed fields works.

I have a field `message` with this mapping defined:
message : {
type : string,
norms : {
enabled : false
},
fields : {
raw : {
type : string,
index : not_analyzed,
doc_values : true,
ignore_above : 256
}
}
}
I've indexed a document that has this data: {message: Failed to connect}

I'm executing a Query String Query, and here are the results:
message.raw:Failed*
No matches

message.raw:failed*
No matches

message.raw:?ailed*
Match found!

Why don't the first two match?

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/f55a7497-3bbe-4d32-bf27-89fc3a4533bc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Is there any blog which shows new frameworks related to elasticsearch?

2015-03-31 Thread Hakan Özler

Hi all,

Does elasticsearch itself have a blog which basically combines and shows 
extensions or tools made by developers from all over the world?

Why I am asking is bacause we have also implemented an extension called Pes 
which helps in building inline query DSLs with less effort. Perhaps, other 
developers want to contribute to this project on GitHub in order to improve 
it.

https://github.com/kodcu/pes   

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/5bc9-5ce5-4038-bf1d-ba58fd68a7c8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ANN] JDBC plugin with feeder mode as an alternative to the deprecated Elasticsearch River API

2015-03-31 Thread joergpra...@gmail.com

Hi,

if you use the JDBC river plugin and you are concerned about the
deprecation of the river API, I wrote a step-by-step guide how to start the
JDBC plugin in a feeder mode.

The feeder mode is a standalone JVM which connects to an ES cluster using
Java TransportClient under the hood.

You can read the instructions here:

https://github.com/jprante/elasticsearch-river-jdbc/wiki/JDBC-plugin-feeder-mode-as-an-alternative-to-the-deprecated-Elasticsearch-River-API

Best regards,

Jörg

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAKdsXoFj2tHMqkhO8SYcOJ6MAt8Lrp0w1KBpza4FT0uqooRAMw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: elastisticsearch_dsl python to create pivot tables

2015-03-31 Thread Mike

tested it. works as expected. 
Thanks again for your help 

Am Dienstag, 31. März 2015 00:04:39 UTC+2 schrieb Mike:


 Thanks Honza. 

 You made my day (my night rather, it is midnight here in Brussels). 

 I quickly tested the code and it gives the same results as the manually 
 chained expression. 

 I will test with various metrics tomorrow, I will then mark the question 
 as “completed”. 

 Thanks a lot and have a nice day. 

 P.S:This opens the possibilty to perform any “pivot” table in ES . The 
 challenge will be to parse the resulting json resuts (see 
 http://stackoverflow.com/questions/29280480/), but I hope to find a way. 









-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/6e22c9c6-b8d8-4d55-b0d7-57d7b17f45be%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Wildcard search on raw not_analyzed field

2015-03-31 Thread BradVido

Update, it seems that the problem is lowercase_expanded_terms defaults to 
true.
Setting it to false in my query returned results for the first two queries.


On Monday, January 26, 2015 at 5:04:44 PM UTC-6, BradVido wrote:

 I have a dynamic template that sets up not_analyzed raw mappings for all 
 my string fields. 

 When I perform a query search like this: 
 field.raw=KnownValue
 it works (has hits).

 When I do this: 
 field.raw=Known?alue
 it doesn't return any data (? wildcard doesn't work).

 However, 
 field.raw=*
 does return data.

 What am I missing? Does it have to do with case-sensitivity?

 Here is the dynamic template:
 {
 string_fields: {
 mapping: {
 index: analyzed,
 type: string,
 fields: {
 raw: {
 index: not_analyzed,
 ignore_above: 256,
 doc_values: true,
 type: string
 }
 }
 },
 match: *,
 match_mapping_type: string
 }
 }



-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/8b081a6d-ad56-497f-851c-abd34b7db916%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Running Elasticsearch error

2015-03-31 Thread kelnrluierhfeulne

Hello, When I run ./bin/elasticsearch like it says in the 
http://logstash.net/docs/1.4.2/tutorials/getting-started-with-logstash 
tutorial I get the following error?

failed to connect to master [[Annie Ghazikhanian] [127.0.0.1:9300]], 
retrying... 
Caused by: java.net.ConnectException: Connection refused: /127.0.0.1:9300


Would you happen to know how I can fix this error? I believe I may be 
accidentally connecting to someone else's cluster.
Thank you!

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/52a946d5-24a5-4b7d-b8d7-f48678556dce%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: what are the research papers that ES relies on?

2015-03-31 Thread MrBu

Thats what I was looking for (murmur3) I really wondered what they used and
I was going to ask about murmur3 as weel. But as I see things, are going
pretty awesome.

Thanks

31 Mart 2015 Salı 00:42:45 UTC+3 tarihinde Aaron Mefford yazdı:

I understand that if you do not have sufficient storage space, then you
cannot manage a replica on every node. However, you are not limited to the
size of a usual hdd. You can have a file system that spans many hdds. I
am not suggesting this, but if you have a situation where you need to
distribute all of your data, then you can. Also as we have little info on
your use case, and the most typical seems to be log ingestion, in that
scenario you can have that hot index, the most recent treated differently
than the others. You could have the number of replicas on your most recent
index spread data across the entire cluster, but then as a new index comes
online reduce the number of replicas. You could also reindex historical
data into fewer shards, improving performance, reducing addtl maintenance
tasks.

The reason I think you need to spend a bit more time reading is that the
algorithm is very easy to find:

http://www.elastic.co/guide/en/elasticsearch/guide/master/routing-value.html

It is a very simple algorithm and standard approach to the issue of
sharding:

shard = hash(routing) % number_of_primary_shards

The routing value by default is the document id, though you can specify
your own routing value. The specifics of which hash are not as important
except in very odd cases.

A bit more research shows this from the source:

https://github.com/elastic/elasticsearch/commit/9ea25df64927172787f2ffa1049f9c7804a91053#diff-d1fcc8637b3800bf7da881b93e1de983

Current implementations seem to use the DJB2 hash which is good but does
have some cases such as 33 shards where it behaves poorly. In version 2.0
it appears they are moving to murmur3 which is a more consistent hash
across a greater set of use cases. Note that with the default of 5 shards,
DJB2 performs ideally.

On Monday, March 30, 2015 at 10:04:08 AM UTC-6, MrBu wrote:

Aaron, thanks for the reply.

You cant distribute all of the documents if the size of it is more than a
usual hdd. Also that was an example I gave. I am just figuring out the
magical ways that ES uses rather than lucene has its own.

30 Mart 2015 Pazartesi 18:55:49 UTC+3 tarihinde Aaron Mefford yazdı:

Automagic routing happens already on hashing the document id. It
sounds like you may have a situation where your document id is creating a
hot spot. This being the case what you want is not automagic routing but
more control over the routing or a better document id. There is the
ability to code your own routing and create a more even distribution, for
your given keyset, but I think you would be better served by a better
document key, this isnt mongo or hbase where the document key rules the
world.

The other possible reason you are hot-spotting is index creation. In a
log ingestion scenario, the most recent index is almost always the hottest
index. That is where all indexing is occurring, that is where all queries
start. If you have tweaked the 5 shard norm and are only creating 1 shard
that shard will be hot in this scenario.

Your comment on routing a shard to another shard does not make any
sense. You need to read a bit more on what the shards are and how they
work. That said if you have multiple replicas of a shard, then those
shards will automatically be distributed across all of your nodes. In fact
if the number of replicas is the same as the number of nodes in the
cluster, you should automatically have all data on all nodes, and any node
will be able to query local data, and no node will be hot because of query
volume. However indexing is still routed to the master shard.

Like was mentioned previously, the code is open, however it sounds like
you are looking to go deep water diving before learning to swim.
On Monday, March 30, 2015 at 8:57:51 AM UTC-6, MrBu wrote:

Jörg,

Thanks for the input. I have read many tutorials, guides (official one
too). Just I want to re-route in more automagic way. Like routing evenly
to
the shard and duplicating mostly used shard to other shards maybe.

30 Mart 2015 Pazartesi 10:33:19 UTC+3 tarihinde Jörg Prante yazdı:

Elasticsearch is open source, so reading (and using and modifying) the
algorithms is possible. There is also a lot of introductory material
available online, and I recommend Elasticsearch - The definitive guide
if
you want paperwork.

If you create an index, ES creates shards for this index (by default
5), and different nodes receive one of such shards, so indexing and
search
is automatically distributed over the participating nodes. ES keeps a map
of shards in the cluster state, so every node is able to route a query or
an index command. You don't need to

Storing fields in _source and nested values in a strict mapping

2015-03-31 Thread Mark Adepteo

Hi,

I seem to be having an issue with getting the _source value to populate - 
I'm not sure why as I thought this happened on default - but it keeps 
coming back empty.

I also got the following error while trying to save the second value in a 
nested array (end_call_info). Do I need an _index field and if so what 
values does it need?

{error:RemoteTransportException[[es004][inet[/172.16.2.202:9300]][indices:data/write/index]];
 
nested: StrictDynamicMappingException[mapping set to strict, dynamic 
introduction of [_index] within [cdr_data] is not allowed]; ,status:400}


I made different changes to the mapping from:

1) changing _source includes and enabled,
2) Changing store values for fields

The value is always the same:
Example :

{
   
   - _index: cdr,
   - _type: cdr_data,
   - _id: vs-1426792279.84561,
   - _version: 1,
   - _score: 1,
   - _source: { }

}

Mapping is a follows:
{
dynamic:  strict,
_source:{
enabled:true,
includes: [meta.*, doc.*]
},
properties: {
uniqueid:  {
type: string,
index: not_analyzed,
store: true
},
context:  {
type: string,
index: not_analyzed,
store: true
},
start_call_info: {
type : nested,
properties: {
disposition: {
type: string,
index: not_analyzed
}
}
},
end_call_info: {
type : nested,
properties: {
uniqueid: {
type: string,
index: not_analyzed,
store: true
},
calldate: {
type: date,
format: date_hour_minute_second,
store: true
},
end_calldate: {
type: date,
format: date_hour_minute_second,
store: true
},
clid: {
type: string,
index: not_analyzed,
store: true
},
src: {
type: string,
index: not_analyzed,
store: true
},
dst: {
type: string,
index: not_analyzed,
store: true
},
dcontext: {
type: string,
index: not_analyzed,
store: true
},
channel: {
type: string,
index: not_analyzed,
store: true
},
dstchannel: {
type: string,
index: not_analyzed,
store: true
},
lastapp: {
type: string,
index: not_analyzed,
store: true
},
lastdata: {
type: string,
index: not_analyzed,
store: true
},
duration: {
type: long,
store: true
},
billsec: {
type: long,
store: true
},
call_direction: {
type: string,
index: not_analyzed,
store:no
},
disposition: {
type: string,
index: not_analyzed,
store: no
},
amaflags: {
type: long,
index: not_analyzed,
store: true
},
userfield: {
type: string,
index: not_analyzed,
store: true
},

Can I turn off kibana search highlight?

2015-03-31 Thread Lincoln Xiong

The search highlight is somehow very useful. But is there a setting or a 
configuration that allow me to turn the search highlight off?

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/a585ed41-01e7-45d9-953e-dc634b2cd0d0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: what are the research papers that ES relies on?

2015-03-31 Thread Aaron Mefford

Murmur3 appears to be coming in 2.0.  Currently it looks like it is using
DJB2.

On Tue, Mar 31, 2015 at 11:53 AM, MrBu metin.aky...@gmail.com wrote:

 Thats what I was looking for (murmur3) I really wondered what they used
 and I was going to ask about murmur3 as weel. But as I see things, are
 going pretty awesome.

 Thanks

 31 Mart 2015 Salı 00:42:45 UTC+3 tarihinde Aaron Mefford yazdı:

 I understand that if you do not have sufficient storage space, then you
 cannot manage a replica on every node.  However, you are not limited to the
 size of a usual hdd.  You can have a file system that spans many hdds.  I
 am not suggesting this, but if you have a situation where you need to
 distribute all of your data, then you can.  Also as we have little info on
 your use case, and the most typical seems to be log ingestion, in that
 scenario you can have that hot index, the most recent treated differently
 than the others.  You could have the number of replicas on your most recent
 index spread data across the entire cluster, but then as a new index comes
 online reduce the number of replicas.  You could also reindex historical
 data into fewer shards, improving performance, reducing addtl maintenance
 tasks.

 The reason I think you need to spend a bit more time reading is that the
 algorithm is very easy to find:
 http://www.elastic.co/guide/en/elasticsearch/guide/master/
 routing-value.html

 It is a very simple algorithm and standard approach to the issue of
 sharding:

 shard = hash(routing) % number_of_primary_shards


 The routing value by default is the document id, though you can specify
 your own routing value.  The specifics of which hash are not as important
 except in very odd cases.

 A bit more research shows this from the source:

 https://github.com/elastic/elasticsearch/commit/
 9ea25df64927172787f2ffa1049f9c7804a91053#diff-
 d1fcc8637b3800bf7da881b93e1de983

 Current implementations seem to use the DJB2 hash which is good but does
 have some cases such as 33 shards where it behaves poorly.  In version 2.0
 it appears they are moving to murmur3 which is a more consistent hash
 across a greater set of use cases.  Note that with the default of 5 shards,
 DJB2 performs ideally.


 On Monday, March 30, 2015 at 10:04:08 AM UTC-6, MrBu wrote:

 Aaron, thanks for the reply.

 You cant distribute all of the documents if the size of it is more than
 a usual hdd. Also that was an example I gave. I am just figuring out the
 magical ways that ES uses rather than lucene has its own.

 30 Mart 2015 Pazartesi 18:55:49 UTC+3 tarihinde Aaron Mefford yazdı:

 Automagic routing happens already on hashing the document id.  It
 sounds like you may have a situation where your document id is creating a
 hot spot.  This being the case what you want is not automagic routing but
 more control over the routing or a better document id.  There is the
 ability to code your own routing and create a more even distribution, for
 your given keyset, but I think you would be better served by a better
 document key, this isnt mongo or hbase where the document key rules the
 world.

 The other possible reason you are hot-spotting is index creation.  In a
 log ingestion scenario, the most recent index is almost always the hottest
 index.  That is where all indexing is occurring, that is where all queries
 start.  If you have tweaked the 5 shard norm and are only creating 1 shard
 that shard will be hot in this scenario.

 Your comment on routing a shard to another shard does not make any
 sense.  You need to read a bit more on what the shards are and how they
 work.  That said if you have multiple replicas of a shard, then those
 shards will automatically be distributed across all of your nodes.  In fact
 if the number of replicas is the same as the number of nodes in the
 cluster, you should automatically have all data on all nodes, and any node
 will be able to query local data, and no node will be hot because of query
 volume.  However indexing is still routed to the master shard.

 Like was mentioned previously, the code is open, however it sounds like
 you are looking to go deep water diving before learning to swim.
 On Monday, March 30, 2015 at 8:57:51 AM UTC-6, MrBu wrote:

 Jörg,

 Thanks for the input. I have read many tutorials, guides (official one
 too). Just I want to re-route in more automagic way. Like routing evenly 
 to
 the shard and duplicating mostly used shard to other shards maybe.

 30 Mart 2015 Pazartesi 10:33:19 UTC+3 tarihinde Jörg Prante yazdı:

 Elasticsearch is open source, so reading (and using and modifying)
 the algorithms is possible. There is also a lot of introductory material
 available online, and I recommend Elasticsearch - The definitive guide 
 if
 you want paperwork.

 If you create an index, ES creates shards for this index (by default
 5), and different nodes receive one of such shards, so indexing and 
 search
 is automatically distributed over the participating nodes. ES keeps a map
 of

Re: Debug Rest Plugin

2015-03-31 Thread María Carolina Bessega Lodi

Thank you David! It worked :-)

El martes, 31 de marzo de 2015, 12:13:23 (UTC-4), David Pilato escribió:

When I want to debug a plugin, I often run the
org.elasticsearch.bootstrap.Bootstrap class.
And I pass something like

-Des.foreground=true -Des.http.cors.enabled=true
-Dhttp.cors.allow-origin=/.*/ -Dhttp.cors.allow-credentials=true
-Des.path.conf=/path/to/your/config/dir/

/path/to/your/config/dir/ contains logging.yml and elasticsearch.yml

HTH

--
*David Pilato* - Developer | Evangelist
*elastic.co http://elastic.co*
@dadoonet https://twitter.com/dadoonet | @elasticsearchfr
https://twitter.com/elasticsearchfr | @scrutmydocs
https://twitter.com/scrutmydocs

Le 31 mars 2015 à 18:10, María Carolina Bessega Lodi cbes...@gmail.com
javascript: a écrit :

I created a plugin, I'm able to create the zip, install it in my cluster,
etc.
My problem comes if I want to debug from Eclipse having access to the
current data in my cluster.
To do that the easiest way should be make the debug node part of my
cluster.

Is there a way to specify elasticsearch config parameters (i.e. the
parameter you usually add in elasticsearch.yml) when you debug the java app
in your ide?

Thanks!!

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearc...@googlegroups.com javascript:.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/0dd66199-336b-4d6d-ad25-68e67fa2f30c%40googlegroups.com

https://groups.google.com/d/msgid/elasticsearch/0dd66199-336b-4d6d-ad25-68e67fa2f30c%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/bb8687b3-4d83-47e4-93b3-505b0074eb98%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: unable to get script_fields to work

2015-03-31 Thread Julia Neidert

I'm having the same problem. Were you able to resolve this? Thanks!


On Thursday, February 26, 2015 at 10:38:26 AM UTC-8, Gerald DeConto wrote:

 fyi:

 my config files (elasticsearch.yml and logging.yml) are 
 in /etc/elasticsearch.  the script_fields documentation indicated that I 
 put the test.groovy in config/scripts folder, so I assumed my location is 
 correct as I am unable to find a config folder in any elasticsearch folder


-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/1b71e8f1-7cb7-41d2-8587-b6a5f88e5ebb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Is there any blog which shows new frameworks related to elasticsearch?

2015-03-31 Thread Mark Walkom

We don't have a blog but we do include things in our weekly summary, so I
will pass this onto our community team.

Thanks for sharing it though, and good luck!

On 1 April 2015 at 06:21, Hakan Özler ozler.ha...@gmail.com wrote:

Hi all,

Does elasticsearch itself have a blog which basically combines and shows
extensions or tools made by developers from all over the world?

Why I am asking is bacause we have also implemented an extension called
Pes which helps in building inline query DSLs with less effort. Perhaps,
other developers want to contribute to this project on GitHub in order to
improve it.

https://github.com/kodcu/pes

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/5bc9-5ce5-4038-bf1d-ba58fd68a7c8%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/5bc9-5ce5-4038-bf1d-ba58fd68a7c8%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X805HPT0cmEB_jK8hEPTm%2BAsDvOWW6TPXn%2BfQMKnJy%3DJA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Groovy ElsticSearch script

2015-03-31 Thread Julia Neidert

I'm having a similar problem. Were you able to get this to work? Thanks!

On Friday, February 13, 2015 at 4:18:06 AM UTC-8, Sergio Soto Núñez wrote:

 Hi guys,
 I'm making a simple script to add information to documents.

 My first aproximation to solve my problem is based in a local script. I 
 need to parse it and before add simple field to the documents.

 My problem is making 
 import groovy.json.JsonSlurper

 def jsonFile = new File(./custom_data.json);
 def json = new JsonSlurper().parseText(jsonFile.text);
 def ident=id1;

 json[ident];

 ElasticSearch show the next error when i save the script:
 java.lang.SecurityException: Importing [groovy.json.JsonSlurper] is not 
 allowed
 at 
 org.codehaus.groovy.control.customizers.SecureASTCustomizer.assertImportIsAllowed(SecureASTCustomizer.java:609)
 at 
 org.codehaus.groovy.control.customizers.SecureASTCustomizer.call(SecureASTCustomizer.java:531)
 at 
 org.codehaus.groovy.control.CompilationUnit.applyToPrimaryClassNodes(CompilationUnit.java:1047)
 at 
 org.codehaus.groovy.control.CompilationUnit.doPhaseOperation(CompilationUnit.java:583)
 at 
 org.codehaus.groovy.control.CompilationUnit.processPhaseOperations(CompilationUnit.java:561)
 at 
 org.codehaus.groovy.control.CompilationUnit.compile(CompilationUnit.java:538)
 at groovy.lang.GroovyClassLoader.doParseClass(GroovyClassLoader.java:286)
 at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:259)
 at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:245)
 at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:203)
 at 
 org.elasticsearch.script.groovy.GroovyScriptEngineService.compile(GroovyScriptEngineService.java:119)
 at 
 org.elasticsearch.script.ScriptService$ScriptChangesListener.onFileInit(ScriptService.java:548)
 at 
 org.elasticsearch.script.ScriptService$ScriptChangesListener.onFileChanged(ScriptService.java:581)
 at 
 org.elasticsearch.watcher.FileWatcher$FileObserver.onFileChanged(FileWatcher.java:261)
 at 
 org.elasticsearch.watcher.FileWatcher$FileObserver.checkAndNotify(FileWatcher.java:112)
 at 
 org.elasticsearch.watcher.FileWatcher$FileObserver.updateChildren(FileWatcher.java:197)
 at 
 org.elasticsearch.watcher.FileWatcher$FileObserver.checkAndNotify(FileWatcher.java:98)
 at 
 org.elasticsearch.watcher.FileWatcher.doCheckAndNotify(FileWatcher.java:52)
 at 
 org.elasticsearch.watcher.AbstractResourceWatcher.checkAndNotify(AbstractResourceWatcher.java:43)
 at 
 org.elasticsearch.watcher.ResourceWatcherService$ResourceMonitor.run(ResourceWatcherService.java:180)
 at 
 org.elasticsearch.threadpool.ThreadPool$LoggingRunnable.run(ThreadPool.java:489)
 at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
 at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)
 at 
 java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)
 at 
 java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
 at 
 java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
 at 
 java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
 at java.lang.Thread.run(Thread.java:745)

 1 error
 ]
 at 
 org.elasticsearch.script.groovy.GroovyScriptEngineService.compile(GroovyScriptEngineService.java:124)
 at 
 org.elasticsearch.script.ScriptService$ScriptChangesListener.onFileInit(ScriptService.java:548)
 at 
 org.elasticsearch.script.ScriptService$ScriptChangesListener.onFileChanged(ScriptService.java:581)
 at 
 org.elasticsearch.watcher.FileWatcher$FileObserver.onFileChanged(FileWatcher.java:261)
 at 
 org.elasticsearch.watcher.FileWatcher$FileObserver.checkAndNotify(FileWatcher.java:112)
 at 
 org.elasticsearch.watcher.FileWatcher$FileObserver.updateChildren(FileWatcher.java:197)
 at 
 org.elasticsearch.watcher.FileWatcher$FileObserver.checkAndNotify(FileWatcher.java:98)
 at 
 org.elasticsearch.watcher.FileWatcher.doCheckAndNotify(FileWatcher.java:52)
 at 
 org.elasticsearch.watcher.AbstractResourceWatcher.checkAndNotify(AbstractResourceWatcher.java:43)
 at 
 org.elasticsearch.watcher.ResourceWatcherService$ResourceMonitor.run(ResourceWatcherService.java:180)
 at 
 org.elasticsearch.threadpool.ThreadPool$LoggingRunnable.run(ThreadPool.java:489)
 at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
 at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)
 at 
 java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)
 at 
 java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
 at 
 java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
 at 
 java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)


 Here all the non empty lines in elasticsearch.yaml:
 cat /etc/elasticsearch/elasticsearch.yml |grep

Re: ElasticSearch date format

2015-03-31 Thread phani . nadiminti

HI James,

Thanks for quick reply..

Thanks
phani

On Tuesday, March 31, 2015 at 7:48:42 PM UTC+5:30, James Green wrote:

I am speculating here that you should use the ISO 8601 format for dates
since this is quite common and has a timezone which yours lacks
(introducing ambiguity).

The T is a common separator between the date and time parts.

On 31 March 2015 at 14:26, phani.n...@goktree.com javascript: wrote:

Hi All,

please explain me functionality of T in date.i used the default mapping
of elasticsearch i didn't customized any thing.

mapping:

created: {
type: date,
format: dateOptionalTime
},

Thanks
phani

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearc...@googlegroups.com javascript:.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/94b29fca-637d-4d73-84fe-6af4b6300611%40googlegroups.com

https://groups.google.com/d/msgid/elasticsearch/94b29fca-637d-4d73-84fe-6af4b6300611%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/0a7fd7e8-b244-42e9-8427-752474250b07%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Wrong load distribution

2015-03-31 Thread Loïc Wenkin

Hi all,

I meet a load distribution problem today and I browsed the Internet to find 
out someone having the same problem but unfortunately, no one seems to 
have. Here is my cluster configuration:

- 4 machines with 16 Go Ram (9600 Mo allocated to JVM)
- 8 core CPUs
- Special cluster config: awareness of the vm host for shard primary and 
replica allocation (to avoid having both a primary and a replica on the 
same hardware).

I tried a (huge) insert today, and it leads to one of the 4 nodes having a 
load average extremely higher than the three others (1.5 to 2 for the 3 
relax servers vs. 12 for the high loaded one). I was thinking that 
Elasticsearch was designed to avoid it. Am I wrong here?

Any tips is welcome :)

Regards,
Loïc

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/d1aa9ed2-cdeb-4e07-aa7f-b760fb5f728e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Is there any blog which shows new frameworks related to elasticsearch?

2015-03-31 Thread Hakan Özler

Thank you :)

On Tuesday, March 31, 2015 at 11:40:47 PM UTC+3, Mark Walkom wrote:

We don't have a blog but we do include things in our weekly summary, so I
will pass this onto our community team.

Thanks for sharing it though, and good luck!

On 1 April 2015 at 06:21, Hakan Özler ozler...@gmail.com javascript:
wrote:

Hi all,

Does elasticsearch itself have a blog which basically combines and shows
extensions or tools made by developers from all over the world?

https://github.com/kodcu/pes

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearc...@googlegroups.com javascript:.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/5bc9-5ce5-4038-bf1d-ba58fd68a7c8%40googlegroups.com

https://groups.google.com/d/msgid/elasticsearch/5bc9-5ce5-4038-bf1d-ba58fd68a7c8%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/d37d7a75-a1be-4708-b5ea-dab7f4936b66%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

is _id of document affects on scoring?

2015-03-31 Thread Mohammad.R esmailzadeh



I add two same documents the only different thing is _id of documents (I 
restart scenario for each of them and I do not add them sequentially. to be 
sure my test is correct)

 one of them changes order of result of this query and one of them does not:

GET index_for_test/business/_search
{

query: {
multi_match: {
query:   italian,
type:most_fields,
fields:  [ name^10, categories ]
  }
}
}

i think it should be bug

my original question was:

https://github.com/elastic/elasticsearch/issues/10341

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/5d0eba0f-0809-4a68-b247-0640addb9119%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: is _id of document affects on scoring?

2015-03-31 Thread Adrien Grand

On Tue, Mar 31, 2015 at 3:18 PM, Mohammad.R esmailzadeh
esmailza...@gmail.com wrote:

I add two same documents the only different thing is _id of documents (I
restart scenario for each of them and I do not add them sequentially. to be
sure my test is correct)

one of them changes order of result of this query and one of them does
not:

GET index_for_test/business/_search
{

query: {
multi_match: {
query: italian,
type:most_fields,
fields: [ name^10, categories ]
}
}
}

i think it should be bug

my original question was:

https://github.com/elastic/elasticsearch/issues/10341

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/5d0eba0f-0809-4a68-b247-0640addb9119%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/5d0eba0f-0809-4a68-b247-0640addb9119%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
Adrien

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAO5%3DkAg-z%3DDqNptG14Ekp_czAYLxCZXYkgzK%3DokV3X9f6d%2BvSA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: How to merge elasticsearch 1.4.2 data with already running elasticsearch 1.4.4?

2015-03-31 Thread Adrien Grand

One option would be to take snapshots of your data in your 1.4.2 cluster
and restore it in your 1.4.4 cluster.
http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-snapshots.html

On Tue, Mar 31, 2015 at 1:33 PM, Priya G g.shanmugapriy...@gmail.com
wrote:

I am having some data in elasticsearch 1.4.2.i am also having some data in
elasticsearch 1.4.4.
Now i want to take data stored in elasticsearch 1.4.2 and i have to store
that data in elasticsearch1.4.4.

Can anyone tell me how to do?

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/e7d87a86-03a0-4f34-a97c-8b28dc6e5ac3%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/e7d87a86-03a0-4f34-a97c-8b28dc6e5ac3%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
Adrien

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAO5%3DkAjqXAHyAkTmL6xs7i%2B75fCVNbyPY_8ZPBjxEeYGNJm2dw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Kibana showing wrong sales per month

2015-03-31 Thread phani . nadiminti

Hi Schmorgs ,
   Thanks for reply. using daily netsales also I tested, those also going 
wrong and I checked my query it is fine and per year I am checking my 
monthly netsales and one more point here the date field values we are 
inserting as CST time.is it be a problem when we mapped to kibana.ES is 
representing the values in UTC i heard.is there any change in kibana we 
change time zone to CST?

date mapping is:

   created: {
  type: date,
  format: dateOptionalTime
   },

Thanks,
phani

On Friday, March 27, 2015 at 7:24:14 PM UTC+5:30, Schmorgs wrote:

 Timestamping is a pretty critical feature for Kibana so I am 99.999% 
 (recurring) that this is not an Elasticsearch issue.

 Have you checked the data that's being returned to confirm that the 
 timestamp field in the data matches the timerange in Kibana?
 i.e. is your query correct

 On Wednesday, 25 March 2015 14:14:01 UTC, phani.n...@goktree.com wrote:

 Hi All,

   i have the following scenario in kibana

  I am using kibana version 3.1.2.

   I am getting my monthly sales wrong in kibana dashboards. let say i 
 have all the data for Jan on elastic search now I created one dashboard 
 show net sales it is displaying some part of sales in december and some 
 part of sales in Jan due to that I am unable to track sale per month .

Data populating to elasticsearch is fine but coming to sales getting 
 numbers wrong but in past year sales displayed fine from kibana. please let 
 me know cause for this change?

 Thanks  Regards
 phani











-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/8273ac72-22b5-437c-a5d7-c780f8b7263a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Elastic Search - How to delete old records and improve performance

2015-03-31 Thread mkBig

Can you create a new index and exclude what you dont need. we did this 
recently because of some other mapping reason. take a snapshot (with newwer 
version) before doing so.

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/c473d836-50dd-4706-b7ab-da29cacd2612%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Question on upsert

2015-03-31 Thread Bae, Jae Hyeon

NVM, I found the problem.

On Tue, Mar 31, 2015 at 4:10 PM, Bae, Jae Hyeon metac...@gmail.com wrote:

 Hi

 I am using upsert bulk api with ES 1.4.1. The problem is, I get the
 following errors so frequently.

 Error messages is

 error - ElasticsearchIllegalArgumentException[failed to execute
 script]; nested: GroovyScriptExecutionException[NullPointerException[Cannot
 execute null+null]]; 

 and the upsert payload is

 {
 params: {
 count: 1
 },
 script: ctx._source.logcount += count,
 upsert: {
 ts: 1427842500662,
 logcount: 1,
 EVENT_TYPE: NF_ERRORS
 }
 }

 I stripped out a few fields to reduce the space.

 When I retrieve the document from ES, I found something weird, the
 document is showing upsert payload itself.

 {
 _index: nf_errors_log20150331,
 _type: default,
 _id:
 23797375spider-i-c5a68429com.netflix.cloudservice.resources.JarVersions.JarVersionsController115,
 _version: 662,
 found: true,
 _source: {
 params: {
 count: 1
 },
 script: ctx._source.logcount += count,
 upsert: {
 ts: 1427842522664,
 logcount: 1,
 EVENT_TYPE: NF_ERRORS
 }
 }
 }

 Do you have any idea what I am doing wrong?

 Thank you
 Best, Jae


-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAKe7ALffcsLjQQa4bmazYRMDux2jH6CqrQ2shnO40RQysyF13Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: mlockall

2015-03-31 Thread Mark Walkom

Can you show us the relevant config sections from the nodes that don't have
mlockall set?

On 31 March 2015 at 17:40, Cheten Dev cheten@carwale.com wrote:

Hi,

here is the info

Distributor ID: Ubuntu
Description:Ubuntu 14.04.1 LTS
Release:14.04
Codename: trusty

I have tried to set mlockall = true on two server . i am able to
successfully do it on one
but not able to do it on other server

On Tue, Mar 31, 2015 at 11:56 AM, Mark Walkom markwal...@gmail.com
wrote:

Which linux?

On 31 March 2015 at 16:16, Cheten Dev cheten@carwale.com wrote:

Hi,

I am on linux server with elasticsearch 1.5.0

On Tue, Mar 31, 2015 at 8:07 AM, Mark Walkom markwal...@gmail.com
wrote:

A bit more info would be useful.

What version of ES, what OS?

On 30 March 2015 at 22:24, Chetan Dev cheten@carwale.com wrote:

Hi,

i have tried everything written on the document to set mlackall = true
but
nothing seems working here

what am i missing here ?

Thanks

--
You received this message because you are subscribed to the Google
Groups elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send
an email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/5748d9fb-120a-4521-8caa-62b780ea0594%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/5748d9fb-120a-4521-8caa-62b780ea0594%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to a topic in the
Google Groups elasticsearch group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/R41hW2QaL0w/unsubscribe
.
To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-92m9Qw4j4T8gwUV6%2BumkvbAOENTTsiupMurpGf8NZSw%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X-92m9Qw4j4T8gwUV6%2BumkvbAOENTTsiupMurpGf8NZSw%40mail.gmail.com?utm_medium=emailutm_source=footer
.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google
Groups elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send
an email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAG_NmL9T4dZeHUYpN0_5gwbfppL7%2BOJyNc6t3SQUpSe9N5oN2Q%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CAG_NmL9T4dZeHUYpN0_5gwbfppL7%2BOJyNc6t3SQUpSe9N5oN2Q%40mail.gmail.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to a topic in the
Google Groups elasticsearch group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/R41hW2QaL0w/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X_5X8ubgUVPd6ZV%2Bh_EP1m72Noht4DOvMCysUieWrQp9Q%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X_5X8ubgUVPd6ZV%2Bh_EP1m72Noht4DOvMCysUieWrQp9Q%40mail.gmail.com?utm_medium=emailutm_source=footer
.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAG_NmL-ADaAv%2BUx76DUVmVc7q0CJrT%2BV5VOJnUCYtfa-7CcW2w%40mail.gmail.com
https://groups.google.com/d/msgid/elasticsearch/CAG_NmL-ADaAv%2BUx76DUVmVc7q0CJrT%2BV5VOJnUCYtfa-7CcW2w%40mail.gmail.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAEYi1X9Gfe-ZuNppxwF-ydLOQwNnDsOR0xf3A9BN5sGkkMXT_Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Health Status Red(Accidentally started another node)

2015-03-31 Thread Shomo

Today, I accidentally started another node on a different machine on the 
same LAN which resulted in my first ES instance adding this new node to the 
cluster. I killed this second node with SIGKILL and restarted my original 
ES  instance. However, on checking the health status of the various 
indices, a lot of them show red. The one's that show a red status have no. 
of replicas set to 0. The ones that are green had the number of replicas 
set to 1. Is there any way I can cleanly get the health back to Green 
without deleting and re-indexing. I am using the default setting of having 
5 shards per index. Also, for each index that has its' status as red has 
exactly one shard that is unassigned.

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/1548aca9-50b4-42be-8b08-6be1a4d99bff%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Does english analyzer prevent fields from highlighting?

2015-03-31 Thread Nikolas Everett

Using inline highlighters doesn't help highlighting.  No.  For the most
part you should stay away from inline analyzers and use a mapping instead.

On Tue, Mar 31, 2015 at 12:02 PM, Viacheslav Shalamov sslavian...@gmail.com
 wrote:

 Hi all, could you help me with little problem regarding language-specific
 analyzers and highliting in elasticsearch?

 I need search documents by a query string and highlight matched strings.
 Here is my mapping:
 {
 usr: {
 properties: {
 text0: {
 type: string,
 analyzer: english
 },
 text1: {
 type: string
 }
 }
 }
 }
 Note, that for text0 field english analyzer is set, and for text1
 field is used standard analyzer by default.

 In my index there is one document for now:

 hits: [{
 _index: tt,
 _type: usr,
 _id: AUxvIPAv84ayQMZV-3Ll,
 _score: 1,
 _source: {
 text0: highlighted. need to be highlighted.,
 text1: highlighted. need to be highlighted.
 }
 }]

 Consider following query:
 {
 query: {
 query_string : {
 query : *highlighted*
 }
 },
 highlight : {
 fields : {
 * : {}
 }
 }
 }

 I've expected each field in the document to be highlighted, but
 highlighting appeared only in text1 field (where is no analyzer set):

 hits: [{
 _type: usr,
 _source: {
 text0: highlighted. need to be highlighted.,
 text1: highlighted. need to be highlighted.
 },
 _score: 0.19178301,
 _index: tt,
 highlight: {
 text1: [
 emhighlighted/em. need to be emhighlighted/em.
 ]
 },
 _id: AUxvIPAv84ayQMZV-3Ll
 }]

 Let's consider the following query(I expected highlighted matches
 highlight because of analyzer):
 {
 query: {
 query_string : {
 query : *highlight*
 }
 },
 highlight : {
  fields : {
  * : {}
  }
 }
 }

 But there was no hist in response at all: (Did the english analyzer even
 work here?)
 hits: {
 hits: [],
 total: 0,
 max_score: null
 }

 At last, consider some curl commands (requests and responses):

 curl http://localhost:9200/tt/_analyze?field=text0; -d highlighted

 {tokens:[{
 token:*highlight*,
 start_offset:0,
 end_offset:11,
 type:ALPHANUM,
 position:1
 }]}

 curl http://localhost:9200/tt/_analyze?field=text1; -d highlighted

 {tokens:[{
 token:*highlighted*,
 start_offset:0,
 end_offset:11,
 type:ALPHANUM,
 position:1
 }]}


 We see, by passing text through the english and standard analyzers, the
 result is different.
 Finally, the question:
 *does english analyzer prevent fields from highlighting? How can I get my
 fields highlighted while full-text search?*
 P.S. I use elasticsearch v1.4.4 on my local machine with windows 8.1.

 --
 You received this message because you are subscribed to the Google Groups
 elasticsearch group.
 To unsubscribe from this group and stop receiving emails from it, send an
 email to elasticsearch+unsubscr...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/elasticsearch/59cea72f-08e3-42b2-ad0e-e5d5ba7762a8%40googlegroups.com
 https://groups.google.com/d/msgid/elasticsearch/59cea72f-08e3-42b2-ad0e-e5d5ba7762a8%40googlegroups.com?utm_medium=emailutm_source=footer
 .
 For more options, visit https://groups.google.com/d/optout.


-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAPmjWd3m3mR2OMu6nbQG-9fVh04YOL_qTjqyn-%3DKqNPAdoeHuA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Wrong load distribution

2015-03-31 Thread joergpra...@gmail.com

Do you have your shards equally distributed over the 4 nodes? Or do you use
the default of 5 shards?

Jörg

On Tue, Mar 31, 2015 at 5:28 PM, Loïc Wenkin loic.wen...@gmail.com wrote:

Hi all,

I meet a load distribution problem today and I browsed the Internet to
find out someone having the same problem but unfortunately, no one seems to
have. Here is my cluster configuration:

- 4 machines with 16 Go Ram (9600 Mo allocated to JVM)
- 8 core CPUs
- Special cluster config: awareness of the vm host for shard primary and
replica allocation (to avoid having both a primary and a replica on the
same hardware).

I tried a (huge) insert today, and it leads to one of the 4 nodes having a
load average extremely higher than the three others (1.5 to 2 for the 3
relax servers vs. 12 for the high loaded one). I was thinking that
Elasticsearch was designed to avoid it. Am I wrong here?

Any tips is welcome :)

Regards,
Loïc

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/d1aa9ed2-cdeb-4e07-aa7f-b760fb5f728e%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/d1aa9ed2-cdeb-4e07-aa7f-b760fb5f728e%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/CAKdsXoH-iy-%3D5NPb0YoYuydwd-MXR%2BuLQ7p_4m9mNVrNLyEPyg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Question on upsert

2015-03-31 Thread Bae, Jae Hyeon

Hi

I am using upsert bulk api with ES 1.4.1. The problem is, I get the
following errors so frequently.

Error messages is

error - ElasticsearchIllegalArgumentException[failed to execute
script]; nested: GroovyScriptExecutionException[NullPointerException[Cannot
execute null+null]]; 

and the upsert payload is

{
params: {
count: 1
},
script: ctx._source.logcount += count,
upsert: {
ts: 1427842500662,
logcount: 1,
EVENT_TYPE: NF_ERRORS
}
}

I stripped out a few fields to reduce the space.

When I retrieve the document from ES, I found something weird, the document
is showing upsert payload itself.

{
_index: nf_errors_log20150331,
_type: default,
_id:
23797375spider-i-c5a68429com.netflix.cloudservice.resources.JarVersions.JarVersionsController115,
_version: 662,
found: true,
_source: {
params: {
count: 1
},
script: ctx._source.logcount += count,
upsert: {
ts: 1427842522664,
logcount: 1,
EVENT_TYPE: NF_ERRORS
}
}
}

Do you have any idea what I am doing wrong?

Thank you
Best, Jae

-- 
You received this message because you are subscribed to the Google Groups 
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAKe7ALeeagTNAzeVKaBzknvtHDEoBijSw71xdcsXvpuKCWiaVQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

78 matches

Mail list logo