엘라스틱서치 아래와 같이 설정 변경 후 구동시 에러발생 [darksharavim.tistory.com]vi /etc/elasticsearch/elasticsearch.yml network.host: _site_ [2022-06-16T16:39:36,037][ERROR][o.e.b.Bootstrap ] [node-1] node validation exception [1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch. bootstrap check failure [1] of [1]: memory locking requested for elas..

다운로드 https://www.elastic.co/kr/downloads/elasticsearch Download Elasticsearch Download Elasticsearch or the complete Elastic Stack (formerly ELK stack) for free and start searching and analyzing in minutes with Elastic. www.elastic.co 설치환경 [darksharavim.tistory.com]cat /etc/redhat-release Rocky Linux release 8.6 (Green Obsidian) 엘라스틱서치 GPG키 및 레포지토리 추가 [darksharavim.tistory.com]rpm --import https..

auditbeat설치 후 elasticsearch 로그 확인시 아래와 같이 오류발생 index [.async-search] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block]; 쌓여지는 데이터가 많다보니 발생하였습니다. 해서 디스크 공간이 부족하여 / 을 증설하였습니다. 1 2 3 4 5 6 7 8 9 # fdisk /dev/sda # pvcreate /dev/sda3 # vgextend centos_mail /dev/sda3 # lvextend -l+100%FREE /dev/centos_mail/root # xfs_growfs /dev/centos..

아파치 에러로그 [Sun Jan 31 16:07:40.266665 2021] [access_compat:error] [pid 14356] [client 18.183.46.74:50067] AH01797: client denied by server configuration: /DATA/darksharavim/html/xmlrpc.php grok filter 설정값 \[(?%{DAY:day} %{MONTH:month} %{MONTHDAY} %{TIME} %{YEAR})\] \[.*:%{LOGLEVEL:loglevel}\] \[pid %{NUMBER:pid}\] \[client %{IP:clientip}:.*\] %{GREEDYDATA:errormsg} 결과값 { "timestamp": [ "Sun Jan 3..

엘라스틱 health 확인시 아래와 같이 상태값이 503 # curl -XGET "localhost:9200/_cluster/health?pretty" { "error" : { "root_cause" : [ { "type" : "master_not_discovered_exception", "reason" : null } ], "type" : "master_not_discovered_exception", "reason" : null }, "status" : 503 } 추가확인시 클러스터 uuid값이 나오지 않았음 # curl http://localhost:9200/ { "name" : "node-1", "cluster_name" : "elasticsearch", "cluster_uuid" : "_na_",..