All shards are unassigned, no index name in _cat/shards

Hi All,

After running the _cat/shards command I get the below,
warning 3 p STARTED 0 160b 10.0.0.4 Karl Mordo
warning 3 r UNASSIGNED
warning 2 p STARTED 0 160b 10.0.0.4 Karl Mordo
warning 2 r UNASSIGNED
warning 4 p STARTED 0 160b 10.0.0.4 Karl Mordo
warning 4 r UNASSIGNED
warning 1 p STARTED 0 160b 10.0.0.4 Karl Mordo
warning 1 r UNASSIGNED
warning 0 p STARTED 0 160b 10.0.0.4 Karl Mordo
warning 0 r UNASSIGNED

It did not mention index name , and mentioned "Warning"
I was trying to use the below script to reassign the shards, however it would not work as the index name does not exist as mentioned above

for shard in $(curl -XGET http://localhost:9200/_cat/shards | grep UNASSIGNED | awk '{print $2}'); do
curl -XPOST 'localhost:9200/_cluster/reroute' -d '{
"commands" : [ {
"allocate" : {
"index" : "t37",
"shard" : $shard,
"node" : "datanode15",
"allow_primary" : true
}
}
]
}'
sleep 5
done

also note when I open the \elasticsearch-2.3.4\data\elasticsearch\nodes\0\indices
I found no indexes, only a "warning" folder, however the rest from 1 to 5 all have data for the indexes

Thanks in advance

Is this cluster internet facing?

yes it is , it is currently single node, 5 shards

Then you have been hit by Ransom attack on Elasticsearch cluster?

Thanks very much for pointing me to this , unfortunately that is exactly what happened , as per the link above sadly I will have to create a new secured cluster
Thanks again for your prompt response.
George

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.