

Last date modified: September 30 2025
This document provides troubleshooting guidance for common Elasticsearch issues encountered during installation, configuration, and operation in Relativity Server environments.
This guide assumes a default Elasticsearch installation path of C:\elastic\elasticsearch
. Adjust paths according to your actual installation directory.
Before troubleshooting Elasticsearch, verify that all required Elastic Stack services are running. If any of these are not running, other troubleshooting steps may be irrelevant.
Check all required services:
Get-Service -Name elasticsearch-service-x64, kibana, apm-server | Format-Table -AutoSize
OR
Get-Service -Name elasticsearch, kibana, apm-server | Format-Table -AutoSize
Status Name DisplayName
------ ---- -----------
Running elasticsearch elasticsearch
Running kibana kibana
Running apm-server apm-server
kibana
Windows service may not exist if Kibana was not installed as a Windows service (e.g., via NSSM). NSSM is not required; Kibana can be run manually or as a scheduled task. Only check for the kibana
service if you have installed it as a service.Symptoms:
Troubleshooting Steps:
Check Service Status:
Get-Service -Name elasticsearch-service-x64 | Select-Object Status, StartType, Name
OR
Get-Service -Name elasticsearch | Select-Object Status, StartType, Name
Status StartType Name
------ --------- ----
Running Automatic elasticsearch
Verify Service Configuration:
(Get-CimInstance Win32_Service -Filter "Name = 'elasticsearch-service-x64'").StartName
OR
(Get-CimInstance Win32_Service -Filter "Name = 'elasticsearch'").StartName
LocalSystem
Check Elasticsearch Logs:
C:\elastic\elasticsearch-8.17.3\logs\
).elasticsearch.log
) for error messages.For detailed logging information, refer to the official Elasticsearch logging documentation
JAVA_HOME
environment variable is defined, Elasticsearch will use the specified Java version instead of the bundled one.JAVA_HOME
is set correctly.Start Service Manually:
Start-Service elasticsearch-service-x64
OR
Start-Service elasticsearch
(No output if successful. Service status will be "Running" after execution.)
Symptoms:
Troubleshooting Steps:
C:\elastic\elasticsearch\logs\
elasticsearch.log
) for errorsAlways check the latest error in the Elasticsearch log and troubleshoot accordingly. This approach should be followed everywhere.
Verify Disk Space:
# Check disk space
Get-WmiObject -Class Win32_LogicalDisk | Select-Object DeviceID, @{Name="FreeSpace(%)";Expression={[math]::Round(($_.FreeSpace/$_.Size)*100,2)}}
DeviceID FreeSpace(%)
-------- ------------
C: 22.15
D: 48.92
For port-related issues, see the Port Configuration Troubleshooting guide.
Symptoms:
Troubleshooting Steps:
Check Current Memory Usage:
Get-WmiObject -Class Win32_PhysicalMemory | Measure-Object -Property Capacity -Sum
Count : 2
Average :
Sum : 34359738368
Property : Capacity
Sum
is the total RAM in bytes (e.g., 34359738368 bytes = 32 GB).
C:\elastic\elasticsearch\config\jvm.options
file:# Recommended: Set Xms and Xmx to same value
# Example for system with 8GB+ RAM:
-Xms4g
-Xmx4g
Set heap to 50% of available RAM, maximum 32GB. Monitor current memory usage before making changes.
Symptoms:
Troubleshooting Steps:
Verify User Exists:
curl.exe -k -X GET "https://<hostname_or_ip>:9200/_security/user/<username>" -u <username>:<password>
{
"<username>": {
"username": "<username>",
"roles": [
"superuser"
],
...
}
}
Reset Password:
C:\elastic\elasticsearch\bin\elasticsearch-reset-password.bat -u <username>
Password for the [<username>] user successfully reset.
Verify Security Configuration:
C:\elastic\elasticsearch\config\elasticsearch.yml
:
xpack.security.enabled: true
Also verify that the URL you are using is https://<username>:9200/
Symptoms:
Troubleshooting Steps:
Check Cluster Health:
curl.exe -k -u <username>:<password> -X GET "https://<hostname_or_ip>:9200/_cluster/health?pretty"
{
"cluster_name": "elasticsearch",
"status": "green",
"timed_out": false,
"number_of_nodes": 3,
"number_of_data_nodes": 3
}
Verify Node Status:
curl.exe -k -u <username>:<password> -X GET "https://<hostname_or_ip>:9200/_cat/nodes?v"
ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name
<ip address> 14 95 28 cdfhilmrstw * <node name>
Check Index Health:
curl.exe -k -u <username>:<password> -X GET "https://<hostname_or_ip>:9200/_cat/indices?v"
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
green open myindex 1a2b3c4d5e6f7g8h9i0j 1 1 1000 0 1.2mb 600kb
Monitor Performance:
curl.exe -k -u <username>:<password> -X GET "https://<hostname_or_ip>:9200/_nodes/stats?pretty"
{
"nodes": {
"node_id": {
"name": "node-1",
"host": "10.0.0.1",
...
}
}
}
On this page
Why was this not helpful?
Check one that applies.
Thank you for your feedback.
Want to tell us more?
Great!