Nagios Support Forum

Hi,

I am getting 500 Internal server error in Nagios log server user interface. Error details are given below.

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at ########.cognizant.com to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

/etc/httpd/logs/error_log:

[Thu Jun 02 08:25:18.553316 2016] [core:notice] [pid 47564] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Thu Jun 02 10:13:01.298732 2016] [core:error] [pid 48201] [client 10.1.2.2:50887] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
cat: /var/run/elasticsearch/elasticsearch.pid: No such file or directory
[Thu Jun 02 11:09:07.940300 2016] [core:error] [pid 48201] [client 10.1.2.2:62651] AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.

When I have checked in Nagios log server forum for the specific internal error(
https://support.nagios.com/forum/viewto ... or#p141893)

they have mentioned to see the output of below commands

[root@COGNISRV03 /]# curl -XGET 'http://localhost:9200/_cluster/health?pretty=true'
curl: (7) Failed connect to localhost:9200; Connection refused
[root@COGNISRV03 /]# curl -s localhost:9200/_cat/shards

on running those commands, I am getting connection refused error.

Could you please help us in resolving this 500 Internal server error.

Yesterday, After running this command I have started facing the issue.

cp /etc/selinux/config /etc/selinux/config.bak && sed -i s/SELINUX=enabled/SELINUX=disabled/g /etc/selinux/config && shutdown now -r

Does internal server error is thrown because of the shut down which is present in above command( shutdown now -r
)?

What is the output of a 'service elasticsearch status' command?

Hi,

I couldn't able to remember the error exactly .i think 'unable to find thread main 'something like that

Can you run the command once again, and show us the full output? Without that it's hard to know what's going on with your system.

Hi

Please find the status of the elastic search command output here

[root@COGNISRV03 ~]# service elasticsearch status
elasticsearch.service - LSB: This service manages the elasticsearch daemon
Loaded: loaded (/etc/rc.d/init.d/elasticsearch)
Active: active (exited) since Wed 2016-06-01 13:42:55 CEST; 1 day 18h ago
Process: 2775 ExecStart=/etc/rc.d/init.d/elasticsearch start (code=exited, status=0/SUCCESS)

Jun 01 13:42:56 COGNISRV03 elasticsearch[2775]: at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141)
Jun 01 13:42:56 COGNISRV03 elasticsearch[2775]: at java.net.URLClassLoader.defineClass(URLClassLoader.java:283)
Jun 01 13:42:56 COGNISRV03 elasticsearch[2775]: at java.net.URLClassLoader.access$000(URLClassLoader.java:58)
Jun 01 13:42:56 COGNISRV03 elasticsearch[2775]: at java.net.URLClassLoader$1.run(URLClassLoader.java:197)
Jun 01 13:42:56 COGNISRV03 elasticsearch[2775]: at java.security.AccessController.doPrivileged(Native Method)
Jun 01 13:42:56 COGNISRV03 elasticsearch[2775]: at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
Jun 01 13:42:56 COGNISRV03 elasticsearch[2775]: at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
Jun 01 13:42:56 COGNISRV03 elasticsearch[2775]: at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
Jun 01 13:42:56 COGNISRV03 elasticsearch[2775]: at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
Jun 01 13:42:56 COGNISRV03 elasticsearch[2775]: Could not find the main class: org.elasticsearch.bootstrap.Elasticsearch. Program will exit.
[root@COGNISRV03 ~]#

Can I please get some details about your installation?

Was this installation done with our .ova, or did you install manually?

What's the output of the follow commands ran in the order listed:

[root@COGNISRV03 selinux]# free -m
total used free shared buffers cached
Mem: 7817 2050 5767 8 0 828
-/+ buffers/cache: 1220 6596
Swap: 8079 0 8079


top - 14:09:51 up 1:07, 1 user, load average: 0.00, 0.01, 0.05
Tasks: 256 total, 1 running, 255 sleeping, 0 stopped, 0 zombie
%Cpu(s): 1.3 us, 0.8 sy, 0.4 ni, 96.5 id, 0.9 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem: 8005280 total, 2099660 used, 5905620 free, 764 buffers
KiB Swap: 8273916 total, 0 used, 8273916 free. 848396 cached Mem


[root@COGNISRV03 selinux]# tail /var/log/messages
Jun 6 13:02:27 COGNISRV03 kernel: shpchp: Standard Hot Plug PCI Controller Driver version: 0.4
Jun 6 13:02:27 COGNISRV03 systemd: Starting LVM2 PV scan on device 8:2...
Jun 6 13:02:27 COGNISRV03 kernel: input: PC Speaker as /devices/platform/pcspkr/input/input3
Jun 6 13:02:27 COGNISRV03 systemd: Found device Virtual_disk.
Jun 6 13:02:27 COGNISRV03 systemd: Starting File System Check on /dev/disk/by-uuid/90f1745f-8edb-4d95-8445-62ce6a4ccb15...
Jun 6 13:02:27 COGNISRV03 pvscan: 3 logical volume(s) in volume group "rhel" now active
Jun 6 13:02:27 COGNISRV03 kernel: ppdev: user-space parallel port driver
Jun 6 13:02:27 COGNISRV03 systemd-fsck: /sbin/fsck.xfs: XFS file system.
Jun 6 13:02:27 COGNISRV03 systemd: Started File System Check on /dev/disk/by-uuid/90f1745f-8edb-4d95-8445-62ce6a4ccb15.
Jun 6 13:02:27 COGNISRV03 systemd: Mounting /boot...
[root@COGNISRV03 selinux]#



[root@COGNISRV03 selinux]# tail /var/log/elasticsearch/*log
==> /var/log/elasticsearch/21434b9f-bca8-449b-a24d-3eeff2e8f5d4_index_indexing_slowlog.log <==

==> /var/log/elasticsearch/21434b9f-bca8-449b-a24d-3eeff2e8f5d4_index_search_slowlog.log <==

==> /var/log/elasticsearch/21434b9f-bca8-449b-a24d-3eeff2e8f5d4.log <==

==> /var/log/elasticsearch/432b62f3-320c-48be-804b-cf1e54fa325c_index_indexing_slowlog.log <==

==> /var/log/elasticsearch/432b62f3-320c-48be-804b-cf1e54fa325c_index_search_slowlog.log <==

==> /var/log/elasticsearch/432b62f3-320c-48be-804b-cf1e54fa325c.log <==
[2016-06-06 13:03:58,494][INFO ][plugins ] [c32b6fa1-5806-424d-a1d3-7adabf6a3691] loaded [knapsack-1.5.2.0-f340ad1], sites []
[2016-06-06 13:03:58,549][INFO ][env ] [c32b6fa1-5806-424d-a1d3-7adabf6a3691] using [1] data paths, mounts [[/ (rootfs)]], net usable_space [27.7gb], net total_space [49.9gb], types [rootfs]
[2016-06-06 13:04:04,175][INFO ][node ] [c32b6fa1-5806-424d-a1d3-7adabf6a3691] initialized
[2016-06-06 13:04:04,175][INFO ][node ] [c32b6fa1-5806-424d-a1d3-7adabf6a3691] starting ...
[2016-06-06 13:04:04,309][INFO ][transport ] [c32b6fa1-5806-424d-a1d3-7adabf6a3691] bound_address {inet[/0:0:0:0:0:0:0:0:9300]}, publish_address {inet[/10.8.200.199:9300]}
[2016-06-06 13:04:04,383][INFO ][discovery ] [c32b6fa1-5806-424d-a1d3-7adabf6a3691] 432b62f3-320c-48be-804b-cf1e54fa325c/GGmFoCnwTUW90UnrywTloA
[2016-06-06 13:04:07,440][INFO ][cluster.service ] [c32b6fa1-5806-424d-a1d3-7adabf6a3691] new_master [c32b6fa1-5806-424d-a1d3-7adabf6a3691][GGmFoCnwTUW90UnrywTloA][COGNISRV03][inet[/10.8.200.199:9300]]{max_local_storage_nodes=1}, reason: zen-disco-join (elected_as_master)
[2016-06-06 13:04:07,526][INFO ][http ] [c32b6fa1-5806-424d-a1d3-7adabf6a3691] bound_address {inet[/127.0.0.1:9200]}, publish_address {inet[localhost/127.0.0.1:9200]}
[2016-06-06 13:04:07,526][INFO ][node ] [c32b6fa1-5806-424d-a1d3-7adabf6a3691] started
[2016-06-06 13:04:07,538][INFO ][gateway ] [c32b6fa1-5806-424d-a1d3-7adabf6a3691] recovered [2] indices into cluster_state



[root@COGNISRV03 selinux]# service logstash status
Logstash Daemonlogstash.service - LSB: Logstash
Loaded: loaded (/etc/rc.d/init.d/logstash)
Active: active (exited) since Mon 2016-06-06 13:03:19 CEST; 1h 7min ago
Process: 2989 ExecStart=/etc/rc.d/init.d/logstash start (code=exited, status=0/SUCCESS)

Jun 06 13:03:18 COGNISRV03 systemd[1]: Starting LSB: Logstash...
Jun 06 13:03:18 COGNISRV03 runuser[2996]: pam_unix(runuser:session): session opened for user root by (uid=0)
Jun 06 13:03:19 COGNISRV03 logstash[2989]: Starting Logstash Daemon: WARNING: Default JAVA_OPTS will be overridden by the JAVA_OPTS defined in the environm...server/tmp
Jun 06 13:03:19 COGNISRV03 logstash[2989]: [ OK ]
Jun 06 13:03:19 COGNISRV03 systemd[1]: Started LSB: Logstash.
Jun 06 13:03:44 COGNISRV03 runuser[2996]: pam_unix(runuser:session): session closed for user root
Hint: Some lines were ellipsized, use -l to show in full.
[root@COGNISRV03 selinux]#


[root@COGNISRV03 selinux]# service elasticsearch status
elasticsearch.service - LSB: This service manages the elasticsearch daemon
Loaded: loaded (/etc/rc.d/init.d/elasticsearch)
Active: active (exited) since Mon 2016-06-06 13:02:47 CEST; 1h 8min ago
Process: 2797 ExecStart=/etc/rc.d/init.d/elasticsearch start (code=exited, status=0/SUCCESS)

Jun 06 13:02:49 COGNISRV03 elasticsearch[2797]: at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141)
Jun 06 13:02:49 COGNISRV03 elasticsearch[2797]: at java.net.URLClassLoader.defineClass(URLClassLoader.java:283)
Jun 06 13:02:49 COGNISRV03 elasticsearch[2797]: at java.net.URLClassLoader.access$000(URLClassLoader.java:58)
Jun 06 13:02:49 COGNISRV03 elasticsearch[2797]: at java.net.URLClassLoader$1.run(URLClassLoader.java:197)
Jun 06 13:02:49 COGNISRV03 elasticsearch[2797]: at java.security.AccessController.doPrivileged(Native Method)
Jun 06 13:02:49 COGNISRV03 elasticsearch[2797]: at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
Jun 06 13:02:49 COGNISRV03 elasticsearch[2797]: at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
Jun 06 13:02:49 COGNISRV03 elasticsearch[2797]: at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
Jun 06 13:02:49 COGNISRV03 elasticsearch[2797]: at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
Jun 06 13:02:49 COGNISRV03 elasticsearch[2797]: Could not find the main class: org.elasticsearch.bootstrap.Elasticsearch. Program will exit.
[root@COGNISRV03 selinux]#


ps -ef command output:
-----------------------------

root 775 2 0 13:02 ? 00:00:00 [xfsaild/dm-2]
root 780 1 0 13:02 ? 00:00:00 /sbin/auditd -n
root 812 1 0 13:02 ? 00:00:00 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
avahi 815 1 0 13:02 ? 00:00:00 avahi-daemon: running [COGNISRV03.local]
root 818 1 0 13:02 ? 00:00:00 /usr/bin/python -Es /usr/sbin/tuned -l -P
root 820 1 0 13:02 ? 00:00:00 /usr/sbin/irqbalance --foreground
root 822 1 0 13:02 ? 00:00:00 /usr/lib/systemd/systemd-logind
dbus 823 1 0 13:02 ? 00:00:00 /bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
root 827 1 0 13:02 ? 00:00:00 /usr/sbin/crond -n
root 836 1 0 13:02 tty1 00:00:00 /sbin/agetty --noclear tty1
avahi 842 815 0 13:02 ? 00:00:00 avahi-daemon: chroot helper
root 848 1 0 13:02 ? 00:00:00 /sbin/iprinit --daemon
root 852 1 0 13:02 ? 00:00:00 /sbin/iprupdate --daemon
root 860 1 0 13:02 ? 00:00:00 /sbin/iprdump --daemon
root 950 1 0 13:02 ? 00:00:00 /usr/sbin/NetworkManager --no-daemon
polkitd 1356 1 0 13:02 ? 00:00:00 /usr/lib/polkit-1/polkitd --no-debug
root 1426 950 0 13:02 ? 00:00:00 /sbin/dhclient -d -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-eno16777752.pid -lf /var/lib/NetworkManager/dhcl
root 1551 1 0 13:02 ? 00:00:00 /usr/bin/rhsmcertd
root 1555 1 0 13:02 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
root 1556 1 0 13:02 ? 00:00:00 /usr/sbin/sshd -D
root 2047 1 0 13:02 ? 00:00:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysq
mysql 2688 2047 0 13:02 ? 00:00:01 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --log-error=/
root 2689 1 0 13:02 ? 00:00:00 sendmail: accepting connections
smmsp 2740 1 0 13:02 ? 00:00:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
apache 2806 1555 0 13:02 ? 00:00:01 /usr/sbin/httpd -DFOREGROUND
apache 2808 1555 0 13:02 ? 00:00:01 /usr/sbin/httpd -DFOREGROUND
root 2858 1556 0 13:02 ? 00:00:00 sshd: root@pts/0
root 2872 2858 0 13:02 pts/0 00:00:00 -bash
apache 2904 1555 0 13:03 ? 00:00:01 /usr/sbin/httpd -DFOREGROUND
apache 2929 1555 0 13:03 ? 00:00:01 /usr/sbin/httpd -DFOREGROUND
root 3127 1 1 13:03 ? 00:00:56 splunkd -p 8089 start
root 3128 3127 0 13:03 ? 00:00:02 [splunkd pid=3127] splunkd -p 8089 start [process-runner]
root 3409 3128 0 13:03 ? 00:00:07 /usr/share/Splunklight/splunk/bin/python -O /usr/share/Splunklight/splunk/lib/python2.7/site-packages/splunk/appserver/m
root 3730 3128 0 13:03 ? 00:00:02 /usr/share/Splunklight/splunk/bin/splunkd instrument-resource-usage -p 8089
nagios 3930 1 0 13:03 ? 00:00:20 /Installables/jdk1.7.0_75//bin/java -Xms3908m -Xmx3908m -Djava.awt.headless=true -XX:+UseParNewGC -XX:+UseConcMarkSweepG
apache 4258 1555 0 13:04 ? 00:00:01 /usr/sbin/httpd -DFOREGROUND
apache 4259 1555 0 13:04 ? 00:00:01 /usr/sbin/httpd -DFOREGROUND
apache 6237 1555 0 13:09 ? 00:00:01 /usr/sbin/httpd -DFOREGROUND
root 23559 2 0 13:55 ? 00:00:00 [kworker/1:1]
root 24304 2 0 13:58 ? 00:00:00 [kworker/0:0]
root 26134 2 0 14:02 ? 00:00:00 [kworker/u128:1]
root 26754 2 0 14:03 ? 00:00:00 [kworker/1:3]
root 26763 2 0 14:04 ? 00:00:00 [kworker/0:2]
apache 27874 1555 0 14:07 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 27875 1555 0 14:07 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
apache 27876 1555 0 14:07 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
root 28588 2 0 14:08 ? 00:00:00 [kworker/1:0]
root 28951 2 0 14:10 ? 00:00:00 [kworker/u128:2]
root 29038 2 0 14:10 ? 00:00:00 [kworker/0:1]
root 29443 2872 0 14:11 pts/0 00:00:00 ps -ef
[root@COGNISRV03 selinux]#


[root@COGNISRV03 selinux]# cat /etc/*release*
NAME="Red Hat Enterprise Linux Server"
VERSION="7.0 (Maipo)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="7.0"
PRETTY_NAME="Red Hat Enterprise Linux"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:7.0:GA:server"
HOME_URL="https://www.redhat.com/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7"
REDHAT_BUGZILLA_PRODUCT_VERSION=7.0
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION=7.0
Red Hat Enterprise Linux Server release 7.0 (Maipo)
Red Hat Enterprise Linux Server release 7.0 (Maipo)
cpe:/o:redhat:enterprise_linux:7.0:ga:server
[root@COGNISRV03 selinux]#

That looks healthy right now. Are you still unable to do a curl against the ElasticSearch API?

I am able to proceed. But thing is why logstash is not showing the instances running when trying to execute ps -ef |grep -i logstash .

[root@COGNISRV03 ~]# ps -ef|grep -i logstash
root 36818 36442 0 12:45 pts/0 00:00:00 grep --color=auto -i logstash
[root@COGNISRV03 ~]#

how can i check whether logstash is running with ps command. I am able to see the instances of elastic search

[root@COGNISRV03 ~]# ps -ef|grep -i elastic
nagios 5350 1 0 08:30 ? 00:00:45 /Installables/jdk1.7.0_75//bin/java -Xms3908m -Xmx3908m -Djava.awt.headless=true -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -XX:+HeapDumpOnOutOfMemoryError -XX:+DisableExplicitGC -Dfile.encoding=UTF-8 -Des.cluster.name=432b62f3-320c-48be-804b-cf1e54fa325c -Des.node.name=c32b6fa1-5806-424d-a1d3-7adabf6a3691 -Des.discovery.zen.ping.unicast.hosts=localhost -Des.path.repo=/ -Delasticsearch -Des.pidfile=/var/run/elasticsearch/elasticsearch.pid -Des.path.home=/usr/local/nagioslogserver/elasticsearch -cp :/usr/local/nagioslogserver/elasticsearch/lib/elasticsearch-1.6.0.jar:/usr/local/nagioslogserver/elasticsearch/lib/*:/usr/local/nagioslogserver/elasticsearch/lib/sigar/* -Des.default.path.home=/usr/local/nagioslogserver/elasticsearch -Des.default.path.logs=/var/log/elasticsearch -Des.default.path.data=/usr/local/nagioslogserver/elasticsearch/data -Des.default.path.work=/usr/local/nagioslogserver/tmp/elasticsearch -Des.default.path.conf=/usr/local/nagioslogserver/elasticsearch/config org.elasticsearch.bootstrap.Elasticsearch
root 36880 36442 0 12:46 pts/0 00:00:00 grep --color=auto -i elastic
[root@COGNISRV03 ~]#

Even if elastic search is running , the status is exited:(.
For logstash also it is in exited status instead of running.

this should show as running on executing status command(just like rsyslog) right?

[root@COGNISRV03 ~]# service logstash status
Logstash Daemonlogstash.service - LSB: Logstash
Loaded: loaded (/etc/rc.d/init.d/logstash)
Active: active (exited) since Tue 2016-06-07 08:30:42 CEST; 4h 16min ago
Process: 5555 ExecStop=/etc/rc.d/init.d/logstash stop (code=exited, status=0/SUCCESS)
Process: 5580 ExecStart=/etc/rc.d/init.d/logstash start (code=exited, status=0/SUCCESS)

Jun 07 08:30:42 COGNISRV03 systemd[1]: Starting LSB: Logstash...
Jun 07 08:30:42 COGNISRV03 runuser[5586]: pam_unix(runuser:session): session opened for user root by (uid=0)
Jun 07 08:30:42 COGNISRV03 logstash[5580]: Starting Logstash Daemon: WARNING: Default JAVA_OPTS will be overridden by the JAVA_OPTS defined in the environm...server/tmp
Jun 07 08:30:42 COGNISRV03 logstash[5580]: [ OK ]
Jun 07 08:30:42 COGNISRV03 systemd[1]: Started LSB: Logstash.
Hint: Some lines were ellipsized, use -l to show in full.

[root@COGNISRV03 ~]# service rsyslog status
Redirecting to /bin/systemctl status rsyslog.service
rsyslog.service - System Logging Service
Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled)
Active: active (running) since Tue 2016-06-07 09:47:26 CEST; 3h 12min ago
Main PID: 35010 (rsyslogd)
CGroup: /system.slice/rsyslog.service
ââ35010 /usr/sbin/rsyslogd -n

Jun 07 09:47:26 COGNISRV03 systemd[1]: Started System Logging Service.


[root@COGNISRV03 ~]# service elasticsearch status
elasticsearch.service - LSB: This service manages the elasticsearch daemon
Loaded: loaded (/etc/rc.d/init.d/elasticsearch)
Active: active (exited) since Tue 2016-06-07 08:25:55 CEST; 4h 45min ago
Process: 2814 ExecStart=/etc/rc.d/init.d/elasticsearch start (code=exited, status=0/SUCCESS)

Jun 07 08:25:57 COGNISRV03 elasticsearch[2814]: at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141)
Jun 07 08:25:57 COGNISRV03 elasticsearch[2814]: at java.net.URLClassLoader.defineClass(URLClassLoader.java:283)
Jun 07 08:25:57 COGNISRV03 elasticsearch[2814]: at java.net.URLClassLoader.access$000(URLClassLoader.java:58)
Jun 07 08:25:57 COGNISRV03 elasticsearch[2814]: at java.net.URLClassLoader$1.run(URLClassLoader.java:197)
Jun 07 08:25:57 COGNISRV03 elasticsearch[2814]: at java.security.AccessController.doPrivileged(Native Method)
Jun 07 08:25:57 COGNISRV03 elasticsearch[2814]: at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
Jun 07 08:25:57 COGNISRV03 elasticsearch[2814]: at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
Jun 07 08:25:57 COGNISRV03 elasticsearch[2814]: at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
Jun 07 08:25:57 COGNISRV03 elasticsearch[2814]: at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
Jun 07 08:25:57 COGNISRV03 elasticsearch[2814]: Could not find the main class: org.elasticsearch.bootstrap.Elasticsearch. Program will exit.[root@COGNISRV03 ~]#

Did you install on a clean, minimal system? Elasticsearch/logstash shouldn't be behaving that way.
Also, ps -ef: