Deleting old logs in elasticsearch came from logstash
Question
I wanted to delete the old logs in elastic search which came from the logstash.
I have read regarding the curator which can be used for removing this.
But it always points that it will remove old indices which is older than so many days. Will it actually remove my indices if I execute it ? or just old logs in that particular index.
I have custom index like a, b , c etc. I dont have timestring parameters in my indices.
curator delete indices --older-than 14 --time-unit days --timestring %Y.%m.%d --regex '^logstash-'
How to execute the deletion of indices in these format.?
1 answers
solution1
0 2017-11-03 00:57:41
Curator cannot remove data from an index. It can only remove one or more indices. This makes it especially hard for you since your index hames are not time-series in nature (the a, b, c, etc. you mentioned).
You should switch to using time-series indices and gradually phase out the named, non-timeseries indices.
It's also apparent you're reading about older versions of curator, based on the syntax you're sharing. That is the old Curator 3.x syntax. Curator 3.x is deprecated, as it only supports Elasticsearch 1.x indices and 2.x indices. Curator 4.x supports 2.x indices, and 5.x indices. Curator 5.x support Elasticsearch 5.x indices only. See https://www.elastic.co/guide/en/elasticsearch/client/curator/5.3/version-compatibility.html
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.