Fortytwo - Answer to the Ultimate Question of Life, the Universe, and Everything

User Tools

Site Tools

Trace:
elasticsearch

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
elasticsearch [2018/12/26 16:59] – [Register snapshot repository] baumielasticsearch [2021/08/29 11:33] (current) – [Merge smaller indexes to one large index] baumi
Line 14: Line 14:
 ===== backup ===== ===== backup =====
 ==== Add backup directory to repository ==== ==== Add backup directory to repository ====
 +<code bash>
 +$ grep backup /srv/elk/elasticsearch/config/elasticsearch.yml
 +path.repo: [ "/backup" ]
 +</code>
 ==== Register snapshot repository ==== ==== Register snapshot repository ====
 <code> <code>
Line 24: Line 28:
   }   }
 } }
 +</code>
 +==== Create snapshot ====
 +<code>
 +PUT /_snapshot/backup/snapshot_$date?wait_for_completion=true
 +</code>
 +
 +===== Prune Indices with curator =====
 +<code>
 +$ cat action.yml
 +actions:
 +  1:
 +    action: delete_indices
 +    description: >-
 +      Delete indices older than 5 days (based on index name), for logstash-
 +      prefixed indices. Ignore the error if the filter does not result in an
 +      actionable list of indices (ignore_empty_list) and If you want to change the retention Days then goto unit_count:<enter no of day>.
 +    options:
 +      ignore_empty_list: True
 +      timeout_override:
 +      continue_if_exception: False
 +      disable_action: False
 +    filters:
 +    - filtertype: pattern
 +      kind: prefix
 +      value: logstash-
 +      exclude:
 +    - filtertype: age
 +      source: name
 +      direction: older
 +      timestring: '%Y.%m.%d'
 +      unit: days
 +      unit_count: 90
 +      exclude:
 +
 +$ cat config.yml
 +client:
 +  hosts:
 +    - elk-elasticsearch
 +  port: 9200
 +  url_prefix:
 +  use_ssl: False
 +  certificate:
 +  client_cert:
 +  client_key:
 +  ssl_no_validate: False
 +  http_auth:
 +  timeout: 30
 +  master_only: False
 +
 +logging:
 +  loglevel: INFO
 +  logfile:
 +  logformat: default
 +  blacklist: ['elasticsearch', 'urllib3']
 +
 +$ curator --config ./config.yml action.yml
 +</code>
 +===== Merge smaller indexes to one large index =====
 +<code>
 +$ curl --netrc --insecure --request POST --header "Content-Type: application/json" https://elk-elasticsearch:9200/_reindex -d'
 +{
 +  "source": {
 +    "index": "filebeat-7.13.2-2021.07.*"
 +  },
 +  "dest": {
 +    "index": "filebeat-7.13.2-2021.07-000001"
 +  }
 +}'
 +
 +$ curl --netrc --insecure --request PUT --header "Content-Type: application/json" https://elk-elasticsearch:9200/filebeat-7.13.2-2021.07-000001/_alias/filebeat-7.13.2
 </code> </code>
  
-{{tag>kb}}+{{tag>kb elasticsearch}}
elasticsearch.1545839951.txt.gz · Last modified: by baumi
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki