Analysis of log loss between Logstash and elasticsearch
I'm trying to understand the reason why Logstash (or Elasticsearch, I haven't figured it out yet) is losing some logs under load (In moment when performance test of our service is proceeding). I can't see about 15% of logs in Kibana.
Logstash is in a container on a host that is on the same subnet as the host on which the Elasticsearch container is deployed.
I dump from the host running the Logstash container and see something strange.
A lot of retransmits and Dup ACK packets from the container to the host with elasticsearch. What could be the cause of this behavior?
172.26.1.5 - This is Logstash container of host 172.16.103.101, 172.16.103.110 and 172.16.103.109 - This is a elasticsearch hosts, whre elastic container running
Performance Testing Host -> NGINX -> Service -> Logstach -> Elasticsearch