Archival strategy of indices

gthang · June 22, 2018, 9:14pm

Hello,

We have about 40 different indices being produced everyday. We currently have an alias setup for to point to the current business day index, and every night when the day rolls over, we create a new index and recreate the alias.

Ideally we would like to make the previous day's index read-only and move it to SAN. We would still be able to access it to run queries etc. I don't think the snapshot feature will allow us to query the index without restoring it.

Any thoughts/suggestions and best practises for what I am trying to achieve?

Thanks!
G-Thang

warkolm · June 22, 2018, 9:16pm

Elasticsearch Curator is usually what we recommend here.

gthang · June 22, 2018, 9:22pm

Thanks for that, but unfortunately I can't install the package in the production host(security drama). I will just have to use the existing REST calls :(.

theuntergeek · June 22, 2018, 11:02pm

Curator doesn't have to be installed in the cluster. It only needs client access, which supports all X-Pack Security/SSL options.

Topic		Replies	Views
Remove old incidies and back it up Elasticsearch	2	450	August 7, 2018
Snapshot & restore Elasticsearch	7	1086	December 4, 2017
How to schedule auto archival of old indices? Elasticsearch	5	4106	December 13, 2016
Time-based indices and automation in node.js Elasticsearch	9	1498	January 13, 2017
WorkFlow for Snapshotting Indices as a Backup Option Elasticsearch	2	396	August 10, 2018

Archival strategy of indices

Related topics