Follow the below steps to troubleshoot the issue -
- We need to check whether elastic search is accessible or not by using http[s]://[hostname]:[port]/
Example: http://localhost:9200/ - Make sure SapphireES and SapphireIMSLogAnalyzer services are running.
- Verify data collection is happening or not using following URL http[s]://[hostname]:[port]/_cat/indices
Example: http://localhost:9200/_cat/indices - Verify Raw Data collected or not in another tab
- If Raw data is collecting data then verify the Errors in LogAnalyzer.log in following path SapphireIMS\Plugins\LogAnalyzer\log, we may come across errors like indexnotfound.
- To recreate the template, using command prompt run “run.bat” in following path SapphireIMS\Plugins\LogAnalyzer\upgrade\DREC\
- Delete the current index which gets recreated automatically by using following command in command prompt in administrator mode
“curl.exe -XDELETE http[s]://[hostname]:[port]/[indexname]”
Example: “curl.exe -XDELETE http://localhost:9200/”
Index we can get from accessing URL as mentioned in #3 ( Example: http://localhost:9200/_cat/indices ) and curl.exe can be obtained from location (SapphireIMS\Plugins\LogAnalyzer\bin)