Use this information to troubleshoot problems with Elasticsearch in a cluster environment. Elasticsearch, a search and analytics engine used for auditing, reports, and directory sync logs, is embedded in the VMware Identity Manager virtual appliance.

Troubleshooting Elasticsearch

To verify the health of Elasticsearch, you must use the curl tool. If curl is not installed on the windows machine, you can query from a Linux or Mac machine to curl http://<hostname>:9200/_cluster/health?pretty The firewall must be enabled for the external querying.

The command should return a result similar to the following.

  "cluster_name" : "horizon",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3,
  "active_primary_shards" : 20,
  "active_shards" : 40,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0

If Elasticsearch does not start correctly or its status is red, follow these steps to troubleshoot.

  1. Ensure port 9300 is open.

    1. Update node details by adding the IP addresses of all nodes in the cluster to the \usr\local\horizon\scripts\updateiptables.hzn file.

      ALL_IPS="node1IPadd node2IPadd node3IPadd"

    2. Run the following script on all nodes in the cluster.


  2. Restart Elasticsearch on all nodes in the cluster.

  3. Check logs for more details.

    cd /opt/vmware/elasticsearch/logs

    You can user either Powershell or NotePad++ with the Document Monitor Plugin to monitor the log files. In Powershell, the syntax is, Get-Conent myTestLog.log-Wait.