Use this information to troubleshoot problems with Elasticsearch in a cluster environment. Elasticsearch, a search and analytics engine used for auditing, reports, and directory sync logs, is embedded in the VMware Identity Manager virtual appliance.

Troubleshooting Elasticsearch

You can verify the health of Elasticsearch by using the following command in the VMware Identity Manager appliance.

curl 'http://localhost:9200/_cluster/health?pretty'

The command should return a result similar to the following.

         {
  "cluster_name" : "horizon",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3,
  "active_primary_shards" : 20,
  "active_shards" : 40,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0
}

If Elasticsearch does not start correctly or its status is red, follow these steps to troubleshoot.

  1. Ensure port 9300 is open.

    1. Update node details by adding the IP addresses of all nodes in the cluster to the /usr/local/horizon/scripts/updateiptables.hzn file:

      ALL_IPS="node1IPadd node2IPadd node3IPadd"

    2. Run the following script on all nodes in the cluster.

      /usr/local/horizon/scripts/updateiptables.hzn

  2. Restart Elasticsearch on all nodes in the cluster.

    service elasticsearch restart

  3. Check logs for more details.

    cd /opt/vmware/elasticsearch/logs

    tail -f horizon.log